Hello,
Am Montag, 24. Februar 2014 schrieb Steve Beattie:
On Tue, Feb 25, 2014 at 12:20:33AM +0100, Christian Boltz wrote:
Change aa-complain / set_complain() to (only) add the complain flag.
We don't need to additionally create a force-complain symlink.
Acked-by: Steve Beattie st
generation when in a chroot environment while a file
is accessed that is exernal to the chroot but within the namespace).
/para
/sect2
Regards,
Christian Boltz
--
Anyway, what does our mission statement say?
Have a lot of fun...
[ Per Jessen and Kreg KH in opensuse-factory
Hello,
I just found out nobody pointed me to art_apparmor_quick.xml in the SLE
doc. I just accidently ;-) found it - and as always when I first touch
something, it breaks into its parts ;-)
For details, see the attached review patch (for SVN r12170)
Regards,
Christian Boltz
--
Eine Sig ist
:
+print (tabs(dpth) + '[--- empty ---]')
+else:
+if key:
+print (tabs(dpth) + '%s = %s' % (key, src))
+else:
+print (tabs(dpth) + '- %s' % src)
+
def cmd(command):
'''Try to execute the given command.'''
debug(command)
Regards,
Christian
Hello,
Am Donnerstag, 27. Februar 2014 schrieb Jamie Strandboge:
On 02/26/2014 06:48 PM, Christian Boltz wrote:
this patch adds recursive_print() to common.py.
It prints a data structure in an easily readable output and is quite
useful[1] for debugging. However, I don't recommend
/~cjwatson/blosxom/2009-07-02-python-sigpipe.html
# This is needed so that the subprocesses that produce endless output
Regards,
Christian Boltz
--
Meeting, n.:
An assembly of people coming together to decide what person or
department not represented in the room must solve a problem
. The following patch fixes them.
Thanks!
Acked-by: Christian Boltz appar...@cboltz.de
However, I still get errors from test-aa-decode.py and
test-aa-easyprof.py.
Well, one thing after the other ;-)
The fix for test-aa-decode.py is trivial, I'll send a patch in a minute.
Regards,
Christian Boltz
Hello,
Am Donnerstag, 27. Februar 2014 schrieb Jamie Strandboge:
This patch adds /var/www/html to abstractions/web-data, which is the
path used for document root on Debian and its derivatives[1].
Nominated for 2.8.
Acked-by: Christian Boltz appar...@cboltz.de
for trunk and 2.8
That said
Hello,
Am Donnerstag, 27. Februar 2014 schrieb Christian Boltz:
this patch fixes test-aa-decode.py - it failed all tests because the
path to aa-decode was wrong.
=== modified file 'utils/test/test-aa-decode.py'
--- utils/test/test-aa-decode.py2012-11-06 01:27:20 +
+++ utils
Hello,
Am Donnerstag, 27. Februar 2014 schrieb Jamie Strandboge:
On 02/27/2014 02:04 PM, Christian Boltz wrote:
Am Donnerstag, 27. Februar 2014 schrieb Jamie Strandboge:
On 02/26/2014 06:48 PM, Christian Boltz wrote:
this patch adds recursive_print() to common.py.
Is pprint
Hello,
Am Donnerstag, 27. Februar 2014 schrieb Kshitij Gupta:
On Feb 27, 2014 6:18 AM, Christian Boltz appar...@cboltz.de wrote:
this patch adds recursive_print() to common.py.
It prints a data structure in an easily readable output and is quite
Works with nested dictionaries, lists
Hello,
Am Sonntag, 2. März 2014 schrieb Kshitij Gupta:
On Sat, Mar 1, 2014 at 3:41 AM, Christian Boltz wrote:
test-aa-easyprof.py depends on /bin/ls being a real binary.
In practise, it is a symlink to /usr/bin/ls on some distributions.
The patch below fixes this for me, but I know
Hello,
Am Dienstag, 4. März 2014 schrieb Kshitij Gupta:
On Sat, Mar 1, 2014 at 3:41 AM, Christian Boltz wrote:
test-aa-easyprof.py depends on /bin/ls being a real binary.
In practise, it is a symlink to /usr/bin/ls on some distributions.
...
@Christian
With the patch from @Steve in place I
Hello,
Am Mittwoch, 5. März 2014 schrieb Steve Beattie:
On Wed, Mar 05, 2014 at 09:27:29PM +0100, Christian Boltz wrote:
I finally applied Steve's small change to preserve the tempdirs (and
another one to tell me the used tempdir - BTW: is there a clean
way to do this? I had to abuse
(program)
import apparmor.cleanprofile as cleanprofile
Regards,
Christian Boltz
--
weitere Indizien deuten ja auf KMail2:
- [...]
- KMail2 ist immer kaputt, warum nicht auch hier? ;)
[Roman Fietze in opensuse-de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
,
audit /tmp/foo, # bar rw, # comment
The expected results should be obvious, even if those testcases are a
bit ;-) evil.
Regards,
Christian Boltz
--
In case someone reads this and does not understand irony: this is not
a valid solution for something you want to submit to openSUSE:Factory
Hello,
Am Donnerstag, 6. März 2014 schrieb Steve Beattie:
On Thu, Mar 06, 2014 at 09:41:02AM -0800, Steve Beattie wrote:
On Thu, Mar 06, 2014 at 01:29:41PM +0100, Christian Boltz wrote:
Am Mittwoch, 5. März 2014 schrieb Steve Beattie:
This patch splits out the genprof tool functionality
Hello,
Am Donnerstag, 6. März 2014 schrieb Steve Beattie:
On Thu, Mar 06, 2014 at 10:10:16PM +0100, Christian Boltz wrote:
Am Mittwoch, 5. März 2014 schrieb Steve Beattie:
D-Bus rules in particular seem to get written as multi-line rules.
This patch adds very simple hackish support
sounds better)?
That would mean people have to actively opt-in to the automatical
fallback by touch'ing the file once in their bzr checkout. This would
fix the surprise part.
With the opt-in file added, the patch looks good to me.
Regards,
Christian Boltz
--
Mit Java [...] werden auch oft
?
Regards,
Christian Boltz
[1] at least for the programs I'm using regularly ;-)
--
Hier gibt es zB eine Adress-DB für einige Leute und allein schon die
gleichzeitige Verwendung dieser DB ist eher die Ausnahme.
Wahrscheinlich verdienen die Datenbanken hier die Bezeichnung gar nicht.
Wenn du willst
.
Signed-off-by: Kshitij Gupta kgupta8...@gmail.com
Looks good (and works) :-)
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
Currently you get a SUSE Linux box for 60 bugs with 1 DVD, 5 CDs,
Although there are actually more bugs available for SUSE LINUX 10.0,
as you
]
+if re.search('^.*msg\=audit\((\d+\.\d+\:\d+).*\).*$', out):
+logmark = re.search('^.*msg\=audit\((\d+\.\d+\:\d+).*\).*$',
out).groups()[0]
else:
logmark = ''
return logmark
Regards,
Christian Boltz
--
wie gefährlich kann der momentan umgehende Wurm Sober-C für ein
Linux
strings wrapped in a
class.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
Looks good, thanks. I also like the testcases you added. (Maybe you can
add some tests for lines with comments?)
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
Auaauaaua, sorry, Leute, das war
matches[2].trim here.
With the regex changed and a TODO note for duplicate removal,
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
That release went far too smooth after we had everything together ;-)
That on it's own should have set off the alarm bells :-)
[ Andreas Jaeger
encountering signal
rules.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
In general,
Acked-By: Christian Boltz appar...@cboltz.de
However,
diff --git a/utils/test/test-regex_matches.py
b/utils/test/test-regex_matches.py index 0b656cc..7096a50 100644
--- a/utils/test/test-regex_matches.py
encountering ptrace
rules.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
Acked-By: Christian Boltz appar...@cboltz.de
with similar complaints as in the signal patch:
--- /dev/null
+++ b/utils/test/test-ptrace_parse.py
...
+class AAParsePtraceTest(unittest.TestCase):
+
+def
when encountering
pivot_root rules.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
Acked-By: Christian Boltz appar...@cboltz.de
with two conditions:
- please fix the issues Steve found
- please convert the tests to arrays to make the code more readable
(as described in my previous mails
(self):
As already written several times today, having all tests in an array
would be a good idea ;-)
Regards,
Christian Boltz
--
Blöde Frage: Platte/Partition voll? - df -h
Tatsächlich. Erklärt mich nicht für blöd, das war auch mein 1.Gedanke,
habe mich dann aber dummerweise bei der Ausgabe
/samba/smb_tmp_krb5.* rw,
Regards,
Christian Boltz
--
Der Pinguin ist ein gutes Logo für Linux,
denn was nicht fliegt, stürzt auch nicht ab.
Francis Kuhlen (IBM-Vice President Sales)
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com
) [ 'flags=(complain)' ]'{'
[...]
Unrelated, but:
There are more flags, not only complain. The manpage should also have a
section explaining what all those flags do.
Are you bored enough to fix this now (I'm not, sorry), or do you prefer
a bugreport? ;-)
Regards,
Christian Boltz
--
http://www1
Hello,
Am Montag, 21. April 2014 schrieb Steve Beattie:
On Fri, Apr 18, 2014 at 04:17:41PM +0200, Christian Boltz wrote:
this patch updates the usr.sbin.winbindd profile
- allow rw access to /var/cache/krb5rcache/
- treat passdb.tdb.tmp as passdb.tdb
Patch from Lars Müller lmue
|= MODE_HASH[tmp]
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
I guess that mkinitrd has become an official victim of our
attempts to move from into the /usr space.
[Raymond Wooninck in https://bugzilla.novell.com/787085#c10]
--
AppArmor mailing list
AppArmor
for handling bare file rules.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
Cc: Christian Boltz appar...@cboltz.de
---
This patch is meant to address the feedback from cboltz regarding the
duplicated code in aa.py (not the duplicated test code):
https://lists.ubuntu.com/archives/apparmor
*(#.
*)?$')
+RE_PROFILE_PTRACE =
re.compile('^\s*(audit\s+)?(allow\s+|deny\s+)?(ptrace[^#]*\s*,)\s*(#.
*)?$')
+RE_PROFILE_PIVOT_ROOT =
re.compile('^\s*(audit\s+)?(allow\s+|deny\s+)?(pivot_root[^#]*\s*,)\s
*(#.*)?$')
Acked-by: Christian Boltz appar...@cboltz.de
Side note: the regex for PIVOT_ROOT will also match
in a classes list. The test methods are based
on the regex_test() method, which performs the regex search and
compares the results to the expected_result.
Signed-off-by: Tyler Hicks tyhi...@canonical.com
Cc: Christian Boltz appar...@cboltz.de
---
This patch is meant to address feedback from cboltz
: Are you ok with $SUBJECT as commit message? ;-)
(if not, please propose a better one ;-)
Regards,
Christian Boltz
--
AFAIK they are still working on it... But you know, there are also so
called human beeings, who normally do not work the weekend ;-)
It rather seems to me that there are so many
anything that's not or #, or matching quotes with anything except
quotes inside
__re_no_or_quoted_hash = '([^#]|[^]*)*'
Regards,
Christian Boltz
--
Bei Windows hat man Mailreader, der alles kann. Bei Linux hat man
ein MUA, das eigentlich gar nichts kann, aber das verdammt gut.
[Bernd Brodesser
to make the rules much simpler:
/etc/php5/**/ r,
/etc/php5/**.ini r,
Opinions?
Regards,
Christian Boltz
--
Angesichts der offensichtlich hervorragenden Leistungen einiger Athleten
bei der 35. Idiotenparade der Herren (Einzel/Mannschaft) in Nürnberg bin
ich gerade mal wieder eine alte
\=audit\((\d+\.\d+\:\d+).*\).*$',
out).groups()[0]
else:
Regards,
Christian Boltz
--
I'm root - if you see me laughing you better have a backup!
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
][pname] = True
write_profile_ui_feedback(pname)
def get_profile_flags(filename, program):
Regards,
Christian Boltz
--
Feel free to close this bug as accidently ;-) fixed...
Nothing happens here by accident ;-)...
[ Christian Boltz and Stephan Binner,
https://bugzilla.novell.com
is innocent because he just translated this well-hidden bug to
python ;-)
Regards,
Christian Boltz
--
Möglicherweise laufe ich sogar mit fliegenden Fahnen von Gnome zu KDE
über. Jedenfalls, bis sich das Gnome-Projekt dazu entschliesst, Nautilus
durch /irgendwas/ zu ersetzen. Notfalls eine Parkuhr oder
,'
+mount = aa.parse_mount_rule(rule)
+self.assertEqual(rule, mount.serialize(),
+'mount object returned %s, expected %s' %
Doing this with an array and a loop is still on your TODO list, right?
;-)
That said,
Acked-by: Christian Boltz appar...@cboltz.de
Regards
-09 18:31:07 +
@@ -33,7 +33,7 @@
return value
def sysctl_write(path, value):
-if not value:
+if value is None:
return
with open(path, 'w') as f_out:
f_out.write(str(value))
Regards,
Christian Boltz
--
Re. mailing lists are too hard to use, people who
Hello,
Am Montag, 9. Juni 2014 schrieb Seth Arnold:
On Mon, Jun 09, 2014 at 08:33:28PM +0200, Christian Boltz wrote:
aa-genprof failed to set /proc/sys/kernel/printk_ratelimit to 0
(unlimited) because the if not value: check matches 0.
This patch replaces the check with ... is None
Hallo Leute,
Am Montag, 9. Juni 2014 schrieb Christian Boltz:
However, a warning can't hurt. Slightly updated patch:
Well, actually it can hurt - if you don't import the warn() function ;-)
So here's v3:
=== modified file 'utils/aa-genprof'
--- utils/aa-genprof2014-05-21 19:42:43 +
noticed that aa-cleanprof (and therefore probably all python
tools) adds additional quotes in file rules, so
/bin/foo bar mrix,
becomes
/bin/foo bar mrix,
and in the next run
/bin/foo bar mrix,
One more patch to write...
Regards,
Christian Boltz
--
a computer without an Internet connection
variable operation %s for variable
%s') % (var_operation, list_var))
def strip_quotes(data):
Regards,
Christian Boltz
--
[BILD] Als langjährig tätiger Strafverteidiger (und Fan von Volker
Pispers) muß ich jedoch dringend davor warnen, stinkende tote Fische in
dieses Freiexemplar der
Hello,
Am Mittwoch, 18. Juni 2014 schrieb Steve Beattie:
On Thu, Jun 19, 2014 at 02:41:39AM +0200, Christian Boltz wrote:
this patch improves the error messages in aa.py store_list_var() to
make debugging of profile syntax problems easier.
This is an okay improvement as-is, but it sure
usr.sbin.apache2 and abstractions/apache2-common contain signal
rules).
Is this an Ubuntu patch that was not commited to bzr yet?
Regards,
Christian Boltz
--
dragotin where is that lazy chicken btw?
suseROCKs Ouch!
dragotin oh - code of conduct violated?
dragotin It is not allowed to call henne
us
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
[ComputerBild] Allerdings wird wahrscheinlich eher die Hölle zufrieren
als das dieses Organ der Presselandschaft, deren Inhalt einer jeden
Ausgabe locker auf einer Briefmarke Platz hätte, [für die Etikette]
eine Spalte
/apparmor.d/usr.lib.dovecot.auth2014-07-07 19:55:54 +
@@ -1,6 +1,7 @@
# --
#
#Copyright (C) 2013 Christian Boltz
+#Copyright (C) 2014 Christian Wittmer
#
#This program is free software; you can redistribute
rw,
- /var/{db,cache,run}/nscd/{passwd,group,services,host}r,
+ /{var/db,var/cache,var/run,run}/nscd/{passwd,group,services,host}r,
# nscd renames and unlinks files in it's operation that clients will
# have open
/{,var/}run/nscd/db* rmix,
Regards,
Christian Boltz
--
Hell
Hello,
Am Montag, 7. Juli 2014 schrieb Steve Beattie:
On Tue, Jul 01, 2014 at 11:06:06PM +0200, Christian Boltz wrote:
What's the reason for the /{var/,}run/dovecot/config rw, rule?
None of the dovecot profiles did contain this rule before...
Honestly, I'm not enough of a dovecot
the buildservice to send a submit request ;-)
Regards,
Christian Boltz
--
My calendar shows May 12th to be a Friday, not a Thursday?
I meant 11th ;-(.
With all the delays, perhaps mentioning the year would also be
a good idea. ;-) [ Andreas Jaeger and houghi in opensuse]
--
AppArmor mailing
reload), but the systemd magic breaks it.
Regards,
Christian Boltz
--
Ich _habe_ einen vernünftigen Mailer!
Und warum benutzt Du ihm nicht?
Mach ich gerade.
Komisch, bei mir wird angezeigt, daß Du KMail benutzt.
[ Manfred Misch und Bernd Brodesser in suse-linux]
--
AppArmor mailing list
/rc.aaeventd.suse deprecated/
Regards,
Christian Boltz
--
Von Euch laß ich mich nirgendwo hinführen!
Das machen wir ganz unauffällig, das merkst Du garnicht. Warts ab,
eines Tages bist Du der größte sig-Lieferant im Usenet und weißt
garnichts davon.[Moss und C. Mueller in suse-talk
|a|x|i|u|p|c|n|I|U|P|C|N)')
def str_to_mode(string):
Regards,
Christian Boltz
--
In the beginning was the word, and the word was content-type: text/plain
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
|Ux|Px|PUx|Cx|Pix|Cix')
PROFILE_MODE_DENY_RE = re.compile('r|w|l|m|k|a|x')
Regards,
Christian Boltz
--
Wäre es nicht eine Verbesserung, wenn bei der nächsten Win Version
anstatt der beängstigenden Meldung schwerer Ausnahmefehler ein
beruhigendes ärgerliches Standardproblem den
in changed_list:
+for profile_name in sorted(changed.keys()):
write_profile_ui_feedback(profile_name)
reload_base(profile_name)
Regards,
Christian Boltz
--
Machen wir einen Club utf-8 geplagte Perl-Programmierer auf?
[Bernhard Walle in suse
Hello,
Am Montag, 14. Juli 2014 schrieb Seth Arnold:
On Sat, Jul 12, 2014 at 09:29:14PM +0200, Christian Boltz wrote:
logparser.py defines LOG_MODE_RE, but doesn't use it.
LOG_MODE_RE is also defined (and used) in aamode.py.
This patch removes the superfluous definition from
/',
symlinks=True)
def tearDown(self):
#Wipe the local profiles from the test directory
Regards,
Christian Boltz
--
Widerstand ist zwecklos (wenn er kleiner als 1 Ohm ist).
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com
Hello,
Am Montag, 14. Juli 2014 schrieb Christian Boltz:
this patch changes severity_test.py to use the in-tree profiles
instead of the system profiles in /etc/apparmor.d/
=== modified file 'utils/test/severity_test.py'
--- utils/test/severity_test.py 2014-02-13 00:59:27 +
+++ utils
@@
#
# --
+import sys
+sys.path.append('../')
+
import apparmor.aa as aa
import unittest
Regards,
Christian Boltz
--
Ansonsten: Ich sage nur Diwasserstoffmonoxid.
Ja, ein äußerst schädliches Zeugs, vor allem wenn es
running $file... ; python3 $file; echo; done
+#!/bin/bash
+# --
+#
+#Copyright (C) 2014 Christian Boltz
+#
+#This program is free software; you can redistribute it and/or
+#modify it under the terms of version 2 of the GNU
Hello,
Am Mittwoch, 16. Juli 2014 schrieb Steve Beattie:
On Wed, Jul 16, 2014 at 01:39:49PM +0200, Christian Boltz wrote:
I know all tests succeeded is the expected result, and we should
always have that.
Indeed. I wish I could get that with make check with the
distribution's python
./*/.so m,
doesn't look correct - I'd guess there shouldn't be a / in front of .so ;-)
--
https://code.launchpad.net/~intrigeri/apparmor-profiles/totem+gstreamer-1.4/+merge/227691
Your team AppArmor Developers is requested to review the proposed merge of
Hello,
Am Montag, 21. Juli 2014 schrieb Steve Beattie:
On Mon, Jul 14, 2014 at 10:19:52PM +0200, Christian Boltz wrote:
this patch changes several utils/test/*.py to use the in-tree
python modules.
Sorry, but I don't like this patch. The reason is that I don't want
to hardcode the local
automatically tighten up when we introduce a @{pid}
kernel-side variable.
Well, it's nearly the best ;-)
You can/should also add the owner keyword which excludes reading /proc
entries of processes run by other users:
owner @{PROC}/@{pid}/** r,
Regards,
Christian Boltz
--
Nur beim Account meines
= False
+
Regards,
Christian Boltz
--
Maybe you need to turn the chamaeleon (gecko) once more, 90 grades this
time, with a silly grin and a rolling stones tongue coming out. ;-))
[Eberhard Moenkeberg in opensuse]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
,
Christian Boltz
--
Aber immer, wenn ich nichts Böses erwarte, dann passierts.
Dann hat irgend ein Hirni was geändert, was mehr Arbeit macht.
Und der Hirni sitzt hinter 'nem Busch und lacht sich tot
[Ernst Scott in opensuse-de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
%s %s to profile') % (family, sock_type))
else:
done = False
Regards,
Christian Boltz
--
mv ~/Hirn ~/Sieb
[David Haller in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe
Hello,
Am Sonntag, 27. Juli 2014 schrieb Christian Boltz:
I just wanted to use aa-mergeprof and it failed with funny[tm]
backtraces. It turned out that it looks for UI_*() and AA_MAY_EXEC in
the wrong python module.
The patch fixes aa-mergeprof to
- call apparmor.ui.UI_*() instead
or if the packager pulls the
profile from the apparmor-profiles repo (or even both) is just a
technical detail (and a nice chicken-egg problem ;-)
Regards,
Christian Boltz
[1] For openSUSE, I could imagine to have a meta package that
BuildRequires all packages containing profiles. This package could
apparmor.AppArmorException(_(%s is not a directory.)
%profiledir)
+
def main():
mergeprofiles = Merge(profiles)
Regards,
Christian Boltz
--
Wenn derjenige hinterher herumjammert, Zwar hängt jetzt das Bild, aber
ich habe ein Loch in der Wand und ein Nagel steht hervor..., dann habe
ich große Zweifel daran
that,
Acked-by: Christian Boltz appar...@cboltz.de
and commited to bzr.
Regards,
Christian Boltz
--
[lost password] Not that i know much of encrypted FS's, but id say you
are pretty lost by then. Unless you can brutecrack the encryption with
some forensics software...
Start looking for post
/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py, line 4351,
in write_profile
changed.pop(profile)
KeyError: '/usr/bin/maildrop'
Regards,
Christian Boltz
--
[makeSUSEdvd] When it works, I will most likely hold a press conference
or something, so people will be informed by CNN. :-)
[houghi
), and I'm surprised it's not required.
permission that I can't quite articulate.
Maybe the following script helps you to articulate it ;-)
#!/bin/rm -r /
echo Hello World!
You better have a tight profile while testing this Hello World script
;-)
Regards,
Christian Boltz
PS: the script
Hello,
Am Montag, 4. August 2014 schrieb Kshitij Gupta:
On Wed, Jul 30, 2014 at 4:01 AM, Christian Boltz wrote:
Am Mittwoch, 30. Juli 2014 schrieb Kshitij Gupta:
...
The current method uses all the profiles and abstractions from -d
directory to process profiles. Without it the merges can
= raw_input(text)
+except EOFError:
+string = ''
+finally:
+readline.set_startup_hook()
else:
SendDataToYast({'type': 'dialog-getstring',
'label': text,
Regards,
Christian Boltz
--
Ich denk in Prag werd ich dann hauptsächlich
Hello,
Am Mittwoch, 6. August 2014 schrieb Kshitij Gupta:
On Wed, Aug 6, 2014 at 4:45 AM, Christian Boltz wrote:
this patch sets the currently selected path as (editable) default
when using (N)ew in aa-logprof or aa-genprof.
Credits go to
http://stackoverflow.com/questions/2533120
,
- /etc/dovecot/dovecot-database.conf.ext r,
- /etc/dovecot/dovecot-sql.conf.ext r,
+ /etc/dovecot/* r,
/usr/lib/dovecot/auth mr,
# kerberos replay cache
Regards,
Christian Boltz
--
Whoa whoa whoa that's WAY too efficient. Using tools that already exist?
Instead of inventing
/printing/printers.tdb mrw,
+ /var/{cache,lib}/samba/printing/printers.tdb mrw,
/var/lib/samba/** rwk,
/var/lib/sss/pubconf/kdcinfo.* r,
/{,var/}run/cups/cups.sock rw,
Regards,
Christian Boltz
--
If nothing else, the 15 years I've been online have impressed upon me
the ability of people
initscript even with
systemd. Having a systemd unit to load all profiles would be nice (and
would solve some annoying problems) - is someone interested in writing
one? ;-)
Regards,
Christian Boltz
--
[Virenscanner] Stattdessen gehört auf einen Windows-Arbeitsplatz ein
guter, selbstaktualisierender
Hello,
Am Mittwoch, 13. August 2014 schrieb Seth Arnold:
On Wed, Aug 13, 2014 at 01:54:30PM +0200, Christian Boltz wrote:
apparmor.common.AppArmorException: Syntax Error: Missing '}' .
Reached end of file /etc/apparmor.d/usr.sbin.nginx while inside
profile /usr/sbin/nginx
,
Christian Boltz
--
[Passwörter] Ich suche nach einem Mittelweg zwischen maximaler
Sicherheit und Zumutbarkeit für den Benutzer (ein Pferd mit Hufen,
dem unsere Admin-Tastaturen viel zu klein sind :-)).
[Manfred Rebentisch in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
Hello,
Am Dienstag, 12. August 2014 schrieb Steve Beattie:
On Wed, Aug 06, 2014 at 10:45:55PM +0200, Christian Boltz wrote:
the test profiles in parser/tst/simple_tests/profile/flags/* contain
#include includes/base
which doesn't exist.
Except that it does, as parser/tst
TypeError: unsupported operand type(s) for -: 'collections.defaultdict' and
'set'
BTW: Using 'c' instead of 'v' lets me view the differences without a crash.
Regards,
Christian Boltz
--
... wenn man schon Spams und Viren nur unvollkommen filtern,
wie will man dann die Windoof Experten fo^Hiltern
:
+return True
+return False
def fatal_error(message):
# Get the traceback to the message
Regards,
Christian Boltz
--
You cannot mix selections and patterns in a product - and we
will remove all selection support now.
AAARRGG. Needing to re-write makeSUSEdvd again. ;-)
It looks
socket names
OPERATION_TYPES = {'create': 'net',
Regards,
Christian Boltz
--
Versuch mal eine Seite für user zu erstellen die noch mit nem 486er
win 95 und ie4 bzw nem alten netscape 3 durch die gegend surfen.
OK, aber du hast heute auch Probleme mit Poststationen, wo du die Pferde
, aamode,
e['denied_mask'], e['name'], ''])
else:
Regards,
Christian Boltz
--
_sehr_ alt: ich musste neulich wieder feststellen, dass bei einem 32bit
System nach (2^^32-1)/100 Sekunden Laufzeit es nicht mehr sinnvoll
möglich ist, die uptime zu ermitteln :) [Wolfgang Hamann in opensuse
: 'AUDITING',
+ 2: 'AUDIT',
3: 'PERMITTING',
4: 'REJECTING',
5: 'HINT',
Regards,
Christian Boltz
--
I was already 21 when color tv got introduced in Germany...
Old Fart
in the extras dir
(profiles/apparmor/profiles/extras/usr.sbin.sshd in tarball and bzr)
which does exactly that.
Regards,
Christian Boltz
--
[ X-Mailer: Microsoft Outlook Express 6.00.2800.1106 ]
Damit ist deinem Kmail der Preis für die gruseligste Halloween-Maske
dieses Jahres sicher. [Andreas
,
Christian Boltz
--
Jetzt kriege ich es echt mit der Angst: da gibt es Zeilen in meinem
Code der identisch mit dem von SCO ist, etwa ein include stdio.h
oder aber auch ein hinterlistiges default:break;.
[Michael Karges in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
glob_path(newpath):
Glob the given file path
if newpath[-1] == '/':
Regards,
Christian Boltz
--
[...] if the installation of a stupid package failed, [...]
AFAIK there is no package named `stupid'.
[ Raphael Schillings and Michael Gross in
https://bugzilla.novell.com/show_bug.cgi?id
/used in network.h?
(I slightly ;-) doubt...)
Regards,
Christian Boltz
--
Persönliche Daten sind wie Plutonium.
Wenn zuviele davon auf einem Haufen liegen, wird es kritisch.
[Dirk Engeling, CCC]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https
already sent an
Acked-by: Christian Boltz appar...@cboltz.de
for this patch on IRC yesterday.
Regards,
Christian Boltz
--
Erstes Gesetz WWW:
Du mögest trennen die Spinnen und Indianer von den Usern und jedem
sein eigen Grund und Heim zuteilen auf das der eine nicht neidisch
werde auf den
-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
Hmmm I think I hear steve yelling something about a unit test,
but he is on vacation so I'll just ignore him for now ;)
[John Johansen in apparmor]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe
code :-)
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
xslt, was? Wir kombinieren das Paradigma von awk mit der
sprachlichen Eleganz von Cobol und den programmiertechnischen
Verrenkungen von funktionalen Sprachen unter sorgfältiger
Umgehung aller möglichen Vorteile
Hello,
Am Donnerstag, 28. August 2014 schrieb Steve Beattie:
Convert the mount parse tests to use common AAParseTest super class in
common_test.py.
Signed-off-by: Steve Beattie st...@nxnw.org
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
Gericom + Pentium IV
Hello,
Am Donnerstag, 28. August 2014 schrieb Steve Beattie:
Convert the pivotroot parse tests to use common AAParseTest super
class in common_test.py.
Signed-off-by: Steve Beattie st...@nxnw.org
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
ist mein sendmail
201 - 300 of 1302 matches
Mail list logo