Re: [apparmor] [PATCH 4/4] Move rule simplification into the tree construction phase

On Mon, Jun 22, 2015 at 11:00:02AM -0700, John Johansen wrote: > The current rule simplification algorithm has issues that need to be > addressed in a rewrite, but it is still often a win, especially for > larger profiles. > > However doing rule simplification as a single pass limits what it can >

Re: [apparmor] [PATCH] parser: fix make parser_regex dependency

On Wed, Jun 24, 2015 at 02:44:13PM -0700, Steve Beattie wrote: > My testing of this patch did uncover one problem with incremental > builds, a missing make dependency on the libapparmor_re/aare_rules.h > header. > > Signed-off-by: Steve Beattie Acked for both 2.9 and trunk Acked-by: Seth Arnold

[apparmor] [PATCH] parser: fix make parser_regex dependency

On Mon, Jun 22, 2015 at 11:00:01AM -0700, John Johansen wrote: > Currently rules are added to the expression tree in order, and then > tree simplification and factoring is done. This forces simplification > to "search" through the tree to find rules with the same permissions > during right factorin

Re: [apparmor] [patch] profiles: postfix/master also needs lock permissions for master.pid

On Wed, Jun 24, 2015 at 10:56:01PM +0200, Christian Boltz wrote: > Hello, > > postfix/master also needs lock permissions for master.pid > > reported by darix some weeks ago, and also confirmed on my own servers. > > > I propose this patch for trunk and 2.9. Acked for both Acked-by: Seth Arno

[apparmor] [patch] profiles: postfix/master also needs lock permissions for master.pid

Hello, postfix/master also needs lock permissions for master.pid reported by darix some weeks ago, and also confirmed on my own servers. I propose this patch for trunk and 2.9. [ profiles-postfix-master-pid-k.diff ] === modified file 'profiles/apparmor/profiles/extras/usr.lib.postfix.master

Re: [apparmor] [PATCH 3/4] Change expr tree construction so that rules are grouped by perms

On Mon, Jun 22, 2015 at 11:00:01AM -0700, John Johansen wrote: > Currently rules are added to the expression tree in order, and then > tree simplification and factoring is done. This forces simplification > to "search" through the tree to find rules with the same permissions > during right factorin

Re: [apparmor] [Patch] [Parser] Fix bare include keyword

On Wed, Jun 17, 2015 at 02:41:30AM -0700, John Johansen wrote: > Fix the regression that caused using 'include' instead of '#include' for > includes to stop working. > > Signed-off-by: John Johansen > > diff --git a/parser/parser_lex.l b/parser/parser_lex.l > index 5af788a..974548d 100644 > ---

Re: [apparmor] Fwd: Re: [Patch 0/4] change accept node handling during expr tree set

On 06/23/2015 10:13 AM, Jamie Strandboge wrote: > > I accidentally responded to John privately but meant to respond to the list, > so > forwarding here. > > Forwarded Message > Subject: Re: [apparmor] [Patch 0/4] change accept node handling during expr > tree set > Date: Mon,

Re: [apparmor] [Patch 0/4] change accept node handling during expr tree set

On 06/23/2015 01:04 PM, John Johansen wrote: > On 06/22/2015 10:59 AM, John Johansen wrote: >> This series of patches changes the way accept nodes are generated >> and the expression tree is set-up around them. It is a start to the >> backend refactoring and cleanup, and provides a nice little perf

Re: [apparmor] [PATCH 2/4] Move the permission mapp into the rule set

On Mon, Jun 22, 2015 at 11:00:00AM -0700, John Johansen wrote: > Signed-off-by: John Johansen Acked-by: Steve Beattie Thanks. -- Steve Beattie http://NxNW.org/~steve/ signature.asc Description: Digital signature -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubs