Re: [apparmor] [patch] [2.9 branch] fix aa-mergeprof capability handling

2015-06-01 Thread Steve Beattie
On Thu, May 14, 2015 at 02:05:40AM +0200, Christian Boltz wrote: > Hello, > > this patch fixes the 2.9 aa-mergeprof capability handling. > > Thanks to a broken optimization (which missed a "not" in the if > condition), aa-mergeprof never asked to merge capability rules. > > Also fix a syntax / p

Re: [apparmor] [patch] Fix available buttons after switching audit flag in aa-logprof

2015-06-01 Thread Steve Beattie
On Tue, May 26, 2015 at 01:53:45PM +0530, Kshitij Gupta wrote: > On Mon, May 25, 2015 at 5:20 AM, Christian Boltz wrote: > > > Hello, > > > > when switching the audit flag for network events in aa-logprof > > (technically, it happens in aa.py ask_the_question()), the "(I)gnore" > > button gets "l

Re: [apparmor] [patch] aa-mergeprof: move creating the headers for capabilty and network rules inside the loop

2015-06-01 Thread Steve Beattie
On Sun, May 24, 2015 at 11:25:45PM +0200, Christian Boltz wrote: > Hello, > > this patch moves the code to set q.headers, q.functions and q.default > for network and capability rules inside the "while not done" loop. This > ensures to always have valid headers (for example, after changing the >

Re: [apparmor] [patch] Replace duplicate code in aa-mergeprof with a loop

2015-06-01 Thread Steve Beattie
On Sun, May 24, 2015 at 11:23:54PM +0200, Christian Boltz wrote: > now that the handling for capability and network rules is the same, > wrap the former network rule-only code with > for ruletype in ['capability', 'network']: > and delete the superfluous ;-) capabiltiy code block. > > Needless

Re: [apparmor] [patch] Change aa-logprof and aa-mergeprof to read the severity from CapabilityRule

2015-06-01 Thread Steve Beattie
On Sun, May 31, 2015 at 06:25:26PM +0200, Christian Boltz wrote: > Hello, > > Am Freitag, 29. Mai 2015 schrieb Steve Beattie: > > On Sun, May 24, 2015 at 06:53:35PM +0200, Christian Boltz wrote: > > > Note: the != '--' check in aa-mergeprof is superfluous for > > > capabilities, but will becom

Re: [apparmor] [PATCH 05/20] add ability to parser dmesg output as a log file

2015-06-01 Thread Steve Beattie
On Fri, May 29, 2015 at 01:39:11AM -0700, John Johansen wrote: > Signed-off-by: John Johansen Acked-by: Steve Beattie , thanks. -- Steve Beattie http://NxNW.org/~steve/ signature.asc Description: Digital signature -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubsc

Re: [apparmor] [PATCH 09/20] add helper fn to query file path permissions

2015-06-01 Thread Tyler Hicks
On 2015-06-01 11:01:12, John Johansen wrote: > On 06/01/2015 10:47 AM, Tyler Hicks wrote: > > On 2015-06-01 10:18:34, John Johansen wrote: > >> On 06/01/2015 06:46 AM, Tyler Hicks wrote: > >>> On 2015-05-31 18:00:25, Christian Boltz wrote: > Hello, > > Am Freitag, 29. Mai 2015 schrie

Re: [apparmor] [PATCH 09/20] add helper fn to query file path permissions

2015-06-01 Thread John Johansen
On 06/01/2015 10:47 AM, Tyler Hicks wrote: > On 2015-06-01 10:18:34, John Johansen wrote: >> On 06/01/2015 06:46 AM, Tyler Hicks wrote: >>> On 2015-05-31 18:00:25, Christian Boltz wrote: Hello, Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: > On 2015-05-30 00:00:25, Christian Bolt

Re: [apparmor] [PATCH 09/20] add helper fn to query file path permissions

2015-06-01 Thread Tyler Hicks
On 2015-06-01 10:18:34, John Johansen wrote: > On 06/01/2015 06:46 AM, Tyler Hicks wrote: > > On 2015-05-31 18:00:25, Christian Boltz wrote: > >> Hello, > >> > >> Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: > >>> On 2015-05-30 00:00:25, Christian Boltz wrote: > Am Freitag, 29. Mai 2015 schri

Re: [apparmor] [PATCH 09/20] add helper fn to query file path permissions

2015-06-01 Thread John Johansen
On 06/01/2015 06:46 AM, Tyler Hicks wrote: > On 2015-05-31 18:00:25, Christian Boltz wrote: >> Hello, >> >> Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: >>> On 2015-05-30 00:00:25, Christian Boltz wrote: Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: > On 2015-05-29 01:39:15, John Johansen

Re: [apparmor] [patch] Update comments in minitools_test.py

2015-06-01 Thread Steve Beattie
On Sun, May 31, 2015 at 07:58:26PM +0200, Christian Boltz wrote: > Hello, > > After switching to winbindd as test profile, comments about the ntpd > profile don't make sense anymore ;-) > > The patch also includes a whitespace fix. > > [ 43-update-comments-in-minitools_test.py.diff ] While you'

Re: [apparmor] [PATCH] parser: Document the --features-file option in apparmor_parser(8)

2015-06-01 Thread Steve Beattie
On Mon, Jun 01, 2015 at 09:55:10AM -0500, Tyler Hicks wrote: > This option was previously only documented in the --help output. > > Signed-off-by: Tyler Hicks Acked-by: Steve Beattie , thanks. -- Steve Beattie http://NxNW.org/~steve/ signature.asc Description: Digital signature -- AppArmor

[apparmor] [PATCH] parser: Document the --features-file option in apparmor_parser(8)

2015-06-01 Thread Tyler Hicks
This option was previously only documented in the --help output. Signed-off-by: Tyler Hicks --- parser/apparmor_parser.pod | 6 ++ 1 file changed, 6 insertions(+) diff --git a/parser/apparmor_parser.pod b/parser/apparmor_parser.pod index 428b058..bab5979 100644 --- a/parser/apparmor_parser.

Re: [apparmor] [PATCH 09/20] add helper fn to query file path permissions

2015-06-01 Thread Tyler Hicks
On 2015-05-31 18:00:25, Christian Boltz wrote: > Hello, > > Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: > > On 2015-05-30 00:00:25, Christian Boltz wrote: > > > Am Freitag, 29. Mai 2015 schrieb Tyler Hicks: > > > > On 2015-05-29 01:39:15, John Johansen wrote: > > > > > +int aa_query_file(uint32_