Re: [apparmor] [patch 3/3] use capability rule class in aa.py and cleanprof.py

2014-12-01 Thread Christian Boltz
Hello folks, On Sunday, 30 November 2014, Christian Boltz wrote: > Let me warn you that your __init__() also has a regression when > compared with my set_* functions - imagine someone calls it with a > raw_rule that completely differs from the other parameters, like > > cap_rule = Capabili

Re: [apparmor] [patch] delete unused profilemode() from aamode.py

2014-12-01 Thread Steve Beattie
On Sat, Nov 29, 2014 at 09:49:20PM +0100, Christian Boltz wrote: > this patch deletes the unused profilemode() function from aamode.py Acked-by: Steve Beattie -- Steve Beattie http://NxNW.org/~steve/

Re: [apparmor] [patch] delete unused map_log_mode() in aamode.py

2014-12-01 Thread Steve Beattie
On Sat, Nov 29, 2014 at 09:45:23PM +0100, Christian Boltz wrote: > aamode.py contains an unused function map_log_mode(). > > grep didn't find any usage of this function in the bzr checkout, > therefore this patch deletes it. Acked-by: Steve Beattie Thanks. -- Steve Beattie http://NxNW.org/~

Re: [apparmor] [patch] aamode.py - fix LOG_MODE_RE

2014-12-01 Thread Steve Beattie
On Sat, Nov 29, 2014 at 08:10:38PM +0100, Christian Boltz wrote: > Hello, > > LOG_MODE_RE (used in validate_log_mode() in aamode.py) just checked if > the given parameter contains one of the possible matches. This resulted > in "invalid" [1] being a valid log mode (from audit.log requested_mask

Re: [apparmor] [patch 3/3] use capability rule class in aa.py and cleanprof.py

2014-12-01 Thread Seth Arnold
On Sun, Nov 30, 2014 at 12:45:49AM +0100, Christian Boltz wrote: > > Second is that I think these changes are large enough to not be > > acceptable for 2.9.1, and that we should branch off 2.9.x before > > committing this patch set. > You are right that the changes are quite big for a maintenance

[apparmor] [patch] profiles: update make check-logprof for python tools

2014-12-01 Thread Steve Beattie
The check-logprof target was not updated to use the python tools, when they were merged in. This patch fixes the issue. (The check-logprof is not part of the 'check' target for the profiles, because it fails for the same reasons that the utils/ make check fails in environments where apparmor has n

Re: [apparmor] [patch] aamode.py - fix LOG_MODE_RE

2014-12-01 Thread Christian Boltz
Hello, On Monday, 1 December 2014, Steve Beattie wrote: > On Sat, Nov 29, 2014 at 08:10:38PM +0100, Christian Boltz wrote: > > LOG_MODE_RE (used in validate_log_mode() in aamode.py) just checked > > if the given parameter contains one of the possible matches. This > > resulted in "invalid" [1] b

Re: [apparmor] [patch] aamode.py - fix LOG_MODE_RE

2014-12-01 Thread Steve Beattie
On Mon, Dec 01, 2014 at 09:09:46PM +0100, Christian Boltz wrote: > On Monday, 1 December 2014, Steve Beattie wrote: > > On Sat, Nov 29, 2014 at 08:10:38PM +0100, Christian Boltz wrote: > > > LOG_MODE_RE (used in validate_log_mode() in aamode.py) just checked > > > if the given parameter contains

[apparmor] [patch] cleanup nscd profile

2014-12-01 Thread Christian Boltz
Hello, @{PROC}/@{pid}/maps r, is part of abstractions/base - so there's no need to include it in the nscd profile. === modified file 'profiles/apparmor.d/usr.sbin.nscd' --- profiles/apparmor.d/usr.sbin.nscd 2014-11-17 19:18:29 + +++ profiles/apparmor.d/usr.sbin.nscd 2014-12-01 20:58:52

Re: [apparmor] [patch] cleanup nscd profile

2014-12-01 Thread Steve Beattie
On Mon, Dec 01, 2014 at 10:00:14PM +0100, Christian Boltz wrote: > @{PROC}/@{pid}/maps r, > is part of abstractions/base - so there's no need to include it in the > nscd profile. Acked-by: Steve Beattie -- Steve Beattie http://NxNW.org/~steve/

[apparmor] [patch] extra profile: allow man to read itsself

2014-12-01 Thread Christian Boltz
Hello, I merged my server profiles into the extra profiles - this is one of the resulting patches. === modified file 'profiles/apparmor/profiles/extras/usr.bin.man' --- profiles/apparmor/profiles/extras/usr.bin.man 2010-12-20 20:29:10 + +++ profiles/apparmor/profiles/extras/usr.bin.m

[apparmor] [patch] extra profiles: update mysqld profile

2014-12-01 Thread Christian Boltz
Hello, this patch updates the mysqld profile in the extras directory to something that works on my servers ;-) BTW: AFAIK Ubuntu ships an active profile for mysqld - can someone merge it with this profile, please? === modified file 'profiles/apparmor/profiles/extras/usr.sbin.mysqld' --- profil

[apparmor] [patch] extra profiles: delete duplicated lines in usr.sbin.sendmail

2014-12-01 Thread Christian Boltz
Hello, the usr.sbin.sendmail profile contains some duplicated lines. This patch deletes them. === modified file 'profiles/apparmor/profiles/extras/usr.sbin.sendmail' --- profiles/apparmor/profiles/extras/usr.sbin.sendmail 2014-06-27 04:32:56 + +++ profiles/apparmor/profiles/extras/usr.sbin.

[apparmor] [patch] extra profiles: useradd executes nscd

2014-12-01 Thread Christian Boltz
Hello, in my server profiles, I found that useradd for some reason executes nscd (maybe to tell it to refresh its cache?) === modified file 'profiles/apparmor/profiles/extras/usr.sbin.useradd' --- profiles/apparmor/profiles/extras/usr.sbin.useradd 2014-09-18 22:03:49 + +++ profiles/apparmo

[apparmor] [patch] extra profiles: update vsftpd profile

2014-12-01 Thread Christian Boltz
Hello, final patch from merging my server profiles: === modified file 'profiles/apparmor/profiles/extras/usr.sbin.vsftpd' --- profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2010-12-20 20:29:10 + +++ profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2014-12-01 22:10:36 + @@ -1,6

Re: [apparmor] [patch] extra profiles: update vsftpd profile

2014-12-01 Thread Christian Boltz
Hello, that's what you get from manually beautifying a profile before sending a patch - it's @{pid}, not @{PID}. Updated patch: === modified file 'profiles/apparmor/profiles/extras/usr.sbin.vsftpd' --- profiles/apparmor/profiles/extras/usr.sbin.vsftpd 2010-12-20 20:29:10 + +++ profiles/a

Re: [apparmor] [patch] profiles: update make check-logprof for python tools

2014-12-01 Thread Christian Boltz
Hello, On Monday, 1 December 2014, Steve Beattie wrote: > The check-logprof target was not updated to use the python tools, when > they were merged in. This patch fixes the issue. > > (The check-logprof is not part of the 'check' target for the profiles, > because it fails for the same reasons

[apparmor] PS Profile question

2014-12-01 Thread parspes
Hi everyone, I have a tentative profile for bin.ps but I have a question before I submit it to the package maintainer. I have received no response from the package maintainer regarding a profile. I have identified three capabilities requested by ps on my system: dac_override dac_read_search sys_pt

Re: [apparmor] PS Profile question

2014-12-01 Thread Seth Arnold
On Mon, Dec 01, 2014 at 05:19:33PM -0600, parspes wrote: > Hi everyone, > I have a tentative profile for bin.ps but I have a question before I > submit it to the package maintainer. I have received no response from > the package maintainer regarding a profile. > > I have identified three capabilit