Re: [apparmor] [PATCH profile 1/2] dnsmasq: Adjust pattern for log files to comply SELinux

Hi, > i.e. move '*' from beginning to before suffix. > Commit 025c7dc6 ("dnsmasq: Add permission to open log files") added > pattern, which is not compatible with SELinux. As this pattern has been > in SELinux since 2011 (with recent change to accept '.log' suffix + > logrotate patterns which are

[apparmor] [PATCH] security/apparmor: allow matching on presence of extended attributes

Currently, xattrs values must match the xmatch DFA to match a profile. This lets users construct profiles to match a file with a specific key and value with a basic regex. profile test xattrs(security.apparmor=/usr/bin/*) {} The xmatch DFA doesn't handle null characters in the xattrs value, s

Re: [apparmor] [PATCH profile 1/2] dnsmasq: Adjust pattern for log files to comply SELinux

Hello, Am Freitag, 7. Dezember 2018, 11:17:10 CET schrieb Petr Vorel: > Ping, please. I forwarded your patches to https://gitlab.com/apparmor/apparmor/merge_requests/288 Now I only need someone to press the "Approve" button so that I can merge it ;-) BTW: For future patches, you can do merge

Re: [apparmor] [PATCH profile 1/2] dnsmasq: Adjust pattern for log files to comply SELinux

On 12/7/18 2:56 PM, Christian Boltz wrote: > Hello, > > Am Freitag, 7. Dezember 2018, 11:17:10 CET schrieb Petr Vorel: >> Ping, please. > > I forwarded your patches to > https://gitlab.com/apparmor/apparmor/merge_requests/288 > > Now I only need someone to press the "Approve" button so that I c