-parse_profile_start.diff
26-fix-is_skippable_dir.diff
27-simplify-serialize_parse_profile_data.diff
Technically all those patches are Acked-by: timeout, so if nobody
objects until tuesday, I'll commit them to trunk and 2.9.
Regards,
Christian Boltz
--
...NACK --ware MÄNNER nutzen BSD
| ILINK RULE |
ICHANGE_PROFILE RULE | IRLIMIT RULE | IDBUS RULE )
+
+BBLOCK RULES = ISUBPROFILE
BSUBPROFILE = [ ICOMMENT ... ] ( IPROGRAMHAT | 'profile '
IPROGRAMCHILD ) '{' [ ( IFILE RULE | ICOMMENT | IINCLUDE ) ... ] '}'
With or without the above changes,
Acked-by: Christian Boltz appar
'profile' ;-)
+BHATNAME = '^' (non-whitespace characters; see aa_change_hat(2)
A quick test shows that non-whitespace isn't correct - for example,
^!foo {} causes a parser error ;-) Please specify what exactly is
allowed.
Regards,
Christian Boltz
--
Always file a bug: if it's
| IHAT )
Acked-by: Christian Boltz appar...@cboltz.de for trunk and 2.9.
Regards,
Christian Boltz
--
Hmm, wenn Du von CD aus Dein Linux-System booten kannst, dann scheint
vielleicht Dein MBR gerade Urlaub zu machen ;-)
[Martin Mewes in suse-linux]
--
AppArmor mailing list
AppArmor
blocks in the tools will become
interesting[tm] :-/
Nevertheless, the documentation looks correct, so
Acked-by: Christian Boltz appar...@cboltz.de
Regards,
Christian Boltz
--
Sich aktiv an Wikipedia beteiligen habe ich versucht.
Es war grausam. Dagegen ist das Heise-Forum ein Streichelzoo
acks in this patchset are for
trunk and 2.9.
Regards,
Christian Boltz
--
Offeriere denen mal kein ESMTP, dann klappt das schon :)
scnr: Vielleicht sollte er auch Anfragen ob er ihre Dokumente doch nicht
lieber vom Paketdienst abholen lassen soll, da ich vermute dass die das
evtl. noch mit dem
, 2015 at 11:57:11PM +0100, Christian Boltz wrote:
...
Here's v3, this time with the number included in the filename ;-)
Unfortunately, this doesn't appear to work under python2:
$ PYTHONPATH=.. python2 test-example.py
Traceback (most recent call last):
File test-example.py, line 44
.
As you probably noticed, I'm already using tuples in the tests added in
the following patches.
Anyway - if you have an idea for an improvement, feel free to send a
patch ;-)
Regards,
Christian Boltz
--
PHP5 wäre auch mal interessant...
*WAHHH*
[ Ratti
Hello,
Am Dienstag, 31. März 2015 schrieb John Johansen:
On 03/28/2015 03:49 PM, Christian Boltz wrote:
Am Mittwoch, 25. März 2015 schrieb John Johansen:
Signed-off-by: John Johansen john.johan...@canonical.com
---
parser/apparmor.d.pod | 46
Hello,
Am Dienstag, 31. März 2015 schrieb Steve Beattie:
On Sat, Mar 28, 2015 at 10:26:44PM +0100, Christian Boltz wrote:
just a reminder: some ;-) of the patches I sent in the last weeks
are still pending:
[updated list]
10-test-re_profile_start_2-and-parse_profile_start_line.diff
14
['operation'], e['name'])
Regards,
Christian Boltz
--
12.2 will be released also in 2013 and not 2011 (which would save
us all some work, but violation of linear time is currently not an
option ;) [Marcus Meissner in opensuse-announce]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
-29 22:41:02.093109280 +0200
@@ -1,5 +1,6 @@
# --
#Copyright (C) 2013 Kshitij Gupta kgupta8...@gmail.com
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
#
#This program is free software; you can redistribute
.*.leases rw, # Required for lxc
/bin/bash ix, # Required to execute --dhcp-script argument
Regards,
Christian Boltz
--
Jungs. Mit dem Argument kann ich kaputte Autos verkaufen und dann
erklären, daß Fahrradfahren eh viel gesünder ist.
[Peer Heinlein in postfixbuch-users]
--
AppArmor
.
The symptoms seem to be very similar to a thread by Christian Boltz in
2012:
https://lists.ubuntu.com/archives/apparmor/2012-March/002414.html (in
that case it's .css files, I wonder if it was ever solved?)
No, this was not solved yet - and it seems to happen for various types
of _static_ files (css
Hello,
Am Samstag, 28. Februar 2015 schrieb Steve Beattie:
On Mon, Feb 23, 2015 at 10:04:28PM +0100, Christian Boltz wrote:
this patch changes logparser.py parse_event() so that it changes
disconnected path events to aamode 'ERROR'.
This means that aa-logprof will ignore the event
,
-}
-
-/does/not/exist4 (audit,complain) {
- /usr/X11R6/lib/lib*so* r,
- /does/not/exist7 r,
-
- ^debug (debug) {
-/var/log/debug rwl,
- }
-}
-
Regards,
Christian Boltz
--
Working in a datacentre is the next best thing to being talented and
popular. I get to spend hours surrounded
Hello,
Am Montag, 2. März 2015 schrieb Steve Beattie:
On Sun, Mar 01, 2015 at 04:08:23PM +0100, Christian Boltz wrote:
this patch adds some tests for aa.py get_profile_flags().
It also adds a check to get_profile_flags() to catch an invalid
syntax:
/foo ( ) {
was accepted
Hello,
Am Montag, 2. März 2015 schrieb Steve Beattie:
On Sun, Mar 01, 2015 at 07:12:05PM +0100, Christian Boltz wrote:
[ split-off-parse_profile_start-and-add-tests.diff ]
[SNIP]
=== modified file 'utils/apparmor/aa.py'
--- utils/apparmor/aa.py2015-02-20 20:36:55 +
):
-if not os.path.isdir(self.disabledir):
-raise apparmor.AppArmorException(Can't find AppArmor disable
directory %s % self.disabledir)
-
def get_next_to_profile(self):
'''Iterator function to walk the list of arguments passed'''
Regards,
Christian Boltz
--
Zu meiner
@@
# --
#Copyright (C) 2013 Kshitij Gupta kgupta8...@gmail.com
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
#
#This program is free software; you can redistribute it and/or
#modify it under the terms of version 2 of the GNU General Public
@@ -12,6
(AppArmorBug):
self._parse('xy', '/bar', '/bar') # not a profile start
Regards,
Christian Boltz
--
Das 42te Gebot des Usernetzes besagt: Du sollst nicht süchtig siggen
eines Süchtigen Signatur. Auf das du selber nicht siggsüchtig werdest.
Wahrscheinlich wird das jetzt wieder
Hello,
here's the I-know-what-I-am-doing reply ;-)
Am Mittwoch, 4. März 2015 schrieb Seth Arnold:
On Thu, Mar 05, 2015 at 12:06:06AM +0100, Christian Boltz wrote:
this patch simplifies the setup_all_tests() call and avoids that
every test needs to import sys.
The patch applies on top
Hello,
Am Mittwoch, 4. März 2015 schrieb Seth Arnold:
On Thu, Mar 05, 2015 at 01:22:47AM +0100, Christian Boltz wrote:
BTW: If I had noticed earlier that __name__ is always '__main__',
I'd have implemented the simplified way from the beginning.
But is it always __main__? The whole point
profile without profile keyword
if __name__ == '__main__':
unittest.main(verbosity=2)
Regards,
Christian Boltz
--
Die Konsole muss ein Hermaphrodit, also zweigeschlechtlich, sein.
Denn manchmal denk ich mir: So kurz angebunden und sachlich wie die
ist, muss da ein Mann dahinter stecken
Hello,
Am Dienstag, 3. März 2015 schrieb Christian Boltz:
this patch adds better support for looping over a tests[] array to
common_test.py:
- class AATest - a base class we can use for all tests, and that will
probably get more features in the future (for example tempdir
handling
(verbosity=2)
Regards,
Christian Boltz
--
(gnome packages are getting too few and too easy :P )
Be sure that I'll keep this quote for later when we'll suffer
some pain with gnome packages ;-)
[ Dominique Leuenberger and Vincent Untz in opensuse-factory]
--
AppArmor mailing list
AppArmor
]['name'] == profile:
correct = False
Regards,
Christian Boltz
--
BUGS
It is not yet possible to change operating system by writing
to /proc/sys/kernel/ostype. -- Linux sysctl(2) manpage
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
/samba/** rk,
/{,var/}run/samba/ncalrpc/ rw,
Regards,
Christian Boltz
--
Axel, algerisch gegen neuen Linkschreibung
Die neue recht Schreibung hat aber einen nicht unter schaetzbaren vor
Teil gegen ueber der alten recht Schreibung: so werden zum bei Spiel
viele lange Woerter nicht mehr zu
is: are the utils when passed --dir in sync with parser in
terms of where relative includes will be pulled from?
AFAIK the tools don't fallback to /etc/apparmor.d/ when -d is specified
and only use directory given with -d/abstractions.
Regards,
Christian Boltz
--
Sich aktiv an Wikipedia
Hello,
Am Sonntag, 1. März 2015 schrieb Christian Boltz:
this patch adds some tests for aa.py get_profile_flags().
It also adds a check to get_profile_flags() to catch an invalid
syntax: /foo ( ) {
was accepted by get_profile_flags, while
/foo () {
failed.
When testing
)):
+return os.path.join(p.split()[1].decode(), apparmor)
return False
def errormsg(message):
Regards,
Christian Boltz
--
[IP-Adresse von ppp0 mit system() ermitteln]
Dazu Perl zu verwenden, ähnelt sicherlich ein wenig der Spatzenjagd
mit großkalibrigen Langrohrgeschützen
that are set in files in the
F/etc/apparmor.d/tunables/ directory. These variables are currently
B@{HOME} and B@{HOMEDIRS}. Variables cannot be set in profile
scope;
Regards,
Christian Boltz
--
Microsoft is a cross between The Borg and the Ferengi. Unfortunately
they use Borg to do their marketing
AppArmorException('Can\'t find system log %s.' % (filename))
-
ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd'
if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK):
raise AppArmorException('Can\'t find ldd')
Regards,
Christian Boltz
--
In college, I wrote
first *g*
Regards,
Christian Boltz
--
I've been told that better way how to find proces witch is using
disk is: echo 1 /proc/sys/vm/block_dump ; dmesg
... but to avoid the risk or syslog running amok writing that syslog
writes that syslog writes ... , shut down syslog first ;)
[ Cyril Hrubis
Hello,
Am Samstag, 27. Juli 2013 schrieb John Johansen:
On 07/27/2013 10:02 AM, Christian Boltz wrote:
(yes, those dates and the subject are correct ;-)
@John: I'm still waiting for your answer about
# ix implies m, so we don't need to add m if ix is present
so ignore this, as we
Hello,
Am Donnerstag, 2. April 2015 schrieb Steve Beattie:
On Thu, Apr 02, 2015 at 12:23:19PM +0200, Christian Boltz wrote:
this patch adds all __pycache__ directories below utils/ to
.bzrignore.
Luckily .bzrignore supports the ** notation ;-)
[ bzrignore-pycache.diff
Hello,
Am Donnerstag, 2. April 2015 schrieb Steve Beattie:
On Thu, Apr 02, 2015 at 09:55:24PM +0200, Christian Boltz wrote:
if 3/2 == 1:
print(old python inside)
To be fair, it's doing integer math when both the numerator and
denominator are integers; other things do this as well
re
Regards,
Christian Boltz
--
Yeah, I always need to have a sick bag handy when thinking about
web apps ;-) [Ludwig Nussel in opensuse-packaging]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
/common
-changehat/tomcat_apparmor/common
-utils/common
utils/*.8
utils/*.8.html
utils/*.5
Regards,
Christian Boltz
--
PATH=${HOME}/Oktoberfest 2003:$PATH
configure '--prefix=Auf geht\'s'
[Ralf Corsepius in suse-programming]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
@@
tests/regression/apparmor/unlink
tests/regression/apparmor/xattrs
tests/regression/apparmor/coredump
-./utils/apparmor/__pycache__
+utils/**/__pycache__/
Regards,
Christian Boltz
--
Das terrorsicherste Verkehrsmittel ist ganz klar das Automobil. Einzeln
verpackte Verkehrsteilnehmer
Hello,
Am Sonntag, 15. März 2015 schrieb Christian Boltz:
Am Sonntag, 15. März 2015 schrieb Christian Boltz:
and finally...
*drumroll*
This patch implements attachment handling - aa-logprof now works
with
profiles that have an attachment defined, instead of ignoring
audit.log
Hello,
Am Dienstag, 31. März 2015 schrieb Steve Beattie:
Bah, sent before completing my thoughts...
;-)
On Tue, Mar 31, 2015 at 03:32:00PM -0700, Steve Beattie wrote:
On Wed, Mar 04, 2015 at 10:41:10PM +0100, Christian Boltz wrote:
this patch add tests for RE_PROFILE_START_2
:
nt_name = nt_name.strip()
Regards,
Christian Boltz
--
Gibt es ein Buch über das maßvolle Verwenden von Fußnoten?
Wenn ja, dann bin ich bereit, Dir ein Exemplar zu schicken.
[Thorsten Haude zu David Haller in sl-etikette]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Hello,
Am Dienstag, 31. März 2015 schrieb Seth Arnold:
On Sun, Mar 29, 2015 at 11:04:10PM +0200, Christian Boltz wrote:
this patch moves the code that does the c - a and d - w
replacement
in denied_mask and requested_mask so that it only runs for path
events, but not for other events
= [
('/bin/foo ', False), # no '{'
Regards,
Christian Boltz
--
Can I get some more info from the machine? 'dmesg', 'cat
/proc/bus/input/devices', etc ...
Sorry, there's no command calles etc on my machine... ;-)
[Rasmus Plewe on https://bugzilla.novell.com/show_bug.cgi?id=176022
-baserule.py 2015-04-11 22:51:35.361699045 +0200
@@ -0,0 +1,36 @@
+#! /usr/bin/env python
+# --
+#
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
+#
+#This program is free software; you can redistribute it and/or
+#modify
should be a separate entry point, possibly
Regards,
Christian Boltz
--
weitere Indizien deuten ja auf KMail2:
- [...]
- KMail2 ist immer kaputt, warum nicht auch hier? ;)
[Roman Fietze in opensuse-de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https
Hello,
Am Montag, 13. April 2015 schrieb Steve Beattie:
On Sun, Apr 12, 2015 at 03:32:25AM +0200, Christian Boltz wrote:
CleanProf.remove_duplicate_rules() didn't call
$profile['capability'].delete_duplicates()
because aa-cleanprof sets same_file=True.
Fix this by calling
Hello,
Am Montag, 13. April 2015 schrieb Steve Beattie:
On Sat, Apr 11, 2015 at 08:23:09PM +0200, Christian Boltz wrote:
this patch adds setUp() to AATest that sets self.maxDiff = None
(unlimited). This gives us unlimited array diffs everywhere where
AATest is used.
=== modified file
...
Regards,
Christian Boltz
[1] I'm not sure if all countries in europe use summer time. Also, there
are more clever clocks (like in your computer) that fix themself ;-)
--
Laß die Finger von Linux, wenn Du nur Linux haben willst, weil es
cool ist, Linux zu haben. Linux will geliebt sein.
[Bernd
(without it, I'd expect some
test-network.py failures)
- 43-cleanprof-do-in-profile-run.diff (without it, the patch that was in
this mail won't apply)
39-aatest-maxdiff.msg is also pending (and waiting for an answer to my
question), but at least it doesn't block anything.
Regards,
Christian
and $type !=
$LibAppArmor::AA_RECORD_ALLOWED) {
+goto err;
+}
my $profile = LibAppArmor::aa_log_record::swig_profile_get($test);
my $operation = LibAppArmor::aa_log_record::swig_operation_get($test);
Regards,
Christian Boltz
--
Ausgaben mit einer 0 sind ok, es sei denn
])
self.assertEqual(obj.is_equal(check_obj, True), expected[1], 'Mismatch
in is_equal/strict, expected %s' % expected[1])
Regards,
Christian Boltz
--
Und nun rate mal, warum ausgerechnet v.a. Vielschreiber mutt
verwenden. Sicher nicht, weil KMail besser waere.
Weil eine Handvoll muttschisten
')
-
-with self.assertRaises(AppArmorBug):
-parse_modifiers(matches)
-
def test_empty_cap_set(self):
obj = CapabilityRule('chown')
obj.capability.clear()
Regards,
Christian Boltz
--
P.S.: Christian, ich bereite schonmal deine Antwort vor: [...]
|Glaubst du mir
Hello,
Am Sonntag, 19. April 2015 schrieb Kshitij Gupta:
On Sat, Apr 18, 2015 at 2:51 AM, Christian Boltz wrote:
Am Dienstag, 14. April 2015 schrieb Christian Boltz:
this patch adds utils/test/test-network.py with tests for
NetworkRule
and NetworkRuleset.
The tests
don't need to re-
parse the includes for each profile. Nevertheless the patch is probably
a good starting point.
Regards,
Christian Boltz
--
This will be the Chinese year of the Snake so the next release should
be called Anaconda. Period. No discussion, no arguments.
Using a name of South
Hello,
Am Donnerstag, 23. April 2015 schrieb Seth Arnold:
On Sun, Apr 12, 2015 at 03:29:44AM +0200, Christian Boltz wrote:
this patch implements in-profile de-duplication in BaseRuleset
(currently affects only CapabilityRuleset, but will also work for
all future *Ruleset classes
of overhead ;-)
Regards,
Christian Boltz
--
Du hast die Freiheit, alles zu schreiben.
Ich habe die Freiheit, alles zu ignorieren. [Stephan Lange in dsn]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Hello,
Am Dienstag, 28. April 2015 schrieb Steve Beattie:
On Mon, Apr 27, 2015 at 10:29:44PM +0200, Christian Boltz wrote:
AATest: don't limit diff length
Add setUp() to AATest that sets self.maxDiff = None (unlimited).
This gives us unlimited array diffs everywhere where AATest
are planning makes those added calls
superfluous again ;-)
Note that this comment is NOT a nack, just a silly question ;-)
Regards,
Christian Boltz
--
Wenn jemand eine ganz, ganz kurze man page aus dieser Diskussion - also
ohne meine schlechten Scherze - baut, dann fügt die Steffen dem Paket in
Zukunft
Hello,
Am Dienstag, 14. April 2015 schrieb Christian Boltz:
...
So basically super() is (more or less) useless with py2 :-( - and in
case it isn't, it has an annoying syntax.
Since nobody objected to the proposal in my previous mail, here's the
updated patch that avoids the super() dance
}),
(' /foo {', { 'plainprofile': '/foo',
'namedprofile': None, 'attachment': None, 'flags': None,
'comment': None }),
Regards,
Christian Boltz
--
Zu Risiken und Nebenwirkungen der PIN und TAN-Eingabe im Internet
beachten Sie die üblichen
:
-#To-Do
-pass
elif RE_PROFILE_ALIAS.search(line):
matches = RE_PROFILE_ALIAS.search(line).groups()
Regards,
Christian Boltz
--
Wir sind vom LinuxTag e.V., Widerstand ist zwecklos.
Sie werden assimiliert.
[Henning Heinold - LinuxTag
+# --
+#Copyright (C) 2013 Kshitij Gupta kgupta8...@gmail.com
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
+#
+#This program is free software; you can redistribute it and/or
+#modify it under the terms of version 2 of the GNU General Public
+#License
+0200
+++ utils/test/test-change_profile.py 2015-05-09 20:23:18.967205925 +0200
@@ -0,0 +1,443 @@
+#!/usr/bin/env python
+# --
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
+#
+#This program is free software; you
,
Christian Boltz
--
Bringt ein kommerzielles Produkt wirklich einen Mehrwert, der sich
wiederlegen laesst ? Wuerde mich einfach so mal interessieren...
Aber klar doch, der Mehrwert ist für denjenigen, der das kommerzielle
Produkt vertreibt, auf seinem Bankkonto direkt sichtbar.
[Peter Beck und
Hello,
this patch series adds classes for change_profile rules and changes the
tools to use those classes.
Regards,
Christian Boltz
--
Golden rule of Sourcecode: 50% are comments, and the other 50% bugs!
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe
):
-return RE_PROFILE_CHANGE_PROFILE_2.search(raw_rule)
+return RE_PROFILE_CHANGE_PROFILE.search(raw_rule)
@classmethod
def _parse(cls, raw_rule):
Regards,
Christian Boltz
--
== Ich müßte das abtippen.
jetzt wird's aber heftig. Maus putt ?
# Log all the mail messages in one place
Hello,
Am Freitag, 8. Mai 2015 schrieb Seth Arnold:
On Fri, May 08, 2015 at 11:56:46PM +0200, Christian Boltz wrote:
+++ utils/apparmor/rule/__init__.py 2015-05-08
23:46:26.461767822 +0200 +def quote_if_needed(data):
+'''quote data if it contains whitespace
,
Christian Boltz
--
[feste Stringlängen in C] Dafür gibt's #defines.
Und jedesmal ein neuer Build, wenn sich irgendwo eine Länge ändert.
Cool! Den Versionszähler kann man sich dann als Ventilator in die
Küche hängen ;-) [ Thorsten Haude und Jan Trippler in suse-linux]
--
AppArmor mailing
Hello,
Am Donnerstag, 14. Mai 2015 schrieb Christian Boltz:
[ 06-mergeprof-capability-rule.diff ]
Here's an updated patch with two small changes:
- update comment about the other.aa[profile][hat].get('capability')
check - if it's needed for network rules, then it's probably also
needed
):
Regards,
Christian Boltz
--
[perl -pi -e] Das erspart es einem, selber die Dateien zu kopieren:
sed hat inzwischen auch einen -i Parameter. Willkommen in 2005, David ;)
[ David Haller und Peter Wiersig in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
']
+else:
+buttons += ['CMD_AUDIT_NEW']
+
+buttons += ['CMD_ABORT', 'CMD_FINISHED']
+
+return buttons
+
if __name__ == '__main__':
main()
Regards,
Christian Boltz
--
I'm not out to destroy Microsoft. That will just be a
completely unintentional side effect. [Linus Torvalds
Hello,
Am Sonntag, 17. Mai 2015 schrieb Christian Boltz:
I tested all changes manually.
... and another test with a different profile resulted in a crash
because other.aa[profile][hat]['network'] wasn't initialized :-(
Here's the updated patch that
- adds a check for that
- moves around
',
+#expected_more_rules='\n profile /bin/bar flags=(audit) {\n}\n'
+#)
def test_set_flags_invalid_01(self):
Regards,
Christian Boltz
--
Es kommt mir (auch wegen der zahlreichen PMs) so vor als ob ich der
einzige bin der das noch nicht gehört hatte. Nächstes Mal wähle
ich gleich als
)
done = True
elif ans == 'CMD_DENY':
Regards,
Christian Boltz
--
[Loadbalancer vor Mailservern]
Ausbauen, bei Ebay verhökern und die frei gewordene Zeit zusammen mit
dem Ebay-Erlös in eine große Betriebsparty mit Cocktails anlegen.
[Peer
,
Christian Boltz
--
Rechte Maustaste auf den Mülleimer - Mülleimer lehren
Also, wenn Du dem Muelleimer 'was lehren kannst, bist Du echt gut. Ich
hoffe, Du hast aber auch eine Lehrerausbildung, sonst kann das in die
Hose gehn... :-) [ Manfred Tremmel und Thomas Hertweck in suse-linux]
--
AppArmor
/winbindd.pid rwk,
/{var/,}run/samba/winbindd/ rw,
Regards,
Christian Boltz
--
Zu schön um nicht gesiggt zu werden ;-) [Rainer Behrendt in dag°]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
(...)
pass
+def AATeardown(self):
+# called by tearDown() - use AATeardown() to avoid the need for using
super(...)
+pass
+
def test_Baz_only_one_test(self):
self.assertEqual(baz, baz)
Regards,
Christian Boltz
--
Bei Emacs ist wie bei jedem anderen OS ein Editor
profiles with the same name
+parse_profile_data('profile /foo {\n}\nprofile /foo
{\n}\n'.split(), 'somefile', False)
+
class AaTest_separate_vars(AATest):
tests = [
('' , set() ),
Regards,
Christian Boltz
--
You cannot mix
or b) if not given, the first
existing logfile from logprof.conf'''
Regards,
Christian Boltz
--
macht ja nichts, dass 95'er ist doch schnell wieder installiert ;-)
Und zur not gibts halt ein wenig geisterbeschwörung Oh grosser Geist
von Norton ich rufe dich. Erhöre mein Flehen und zeichne
Hello,
Am Donnerstag, 9. April 2015 schrieb Tyler Hicks:
On 2015-04-06 21:02:16, Christian Boltz wrote:
make distclean shrinks the list a bit:
unknown:
libraries/libapparmor/test-driver
libraries/libapparmor/include/Makefile.in
libraries/libapparmor/include/sys/Makefile.in
for everybody.
Note that you'll need the latest aa-* utils from bzr trunk if you want
to use aa-logprof on such profiles. Older versions will ignore events
for profiles with an attachment specification.
Regards,
Christian Boltz
[1] for example, /usr/sbin/avahi-daemon is longer than
Hello,
Am Donnerstag, 16. April 2015 schrieb Kshitij Gupta:
On Wed, Apr 15, 2015 at 3:11 AM, Christian Boltz wrote:
Change aa.py to use NetworkRule and NetworkRuleset instead of a
sub-hasher to store, check and write network rules. In detail:
- drop profile_known_network() and use
or self.all_caps != rule_obj.all_caps):
Regards,
Christian Boltz
--
Und das, was das Administrator-Handbuch (SuSE 9.0) dafür hergibt, liest
sich wie ein Backrezept nach folgendem Muster: nehmem sie Mehl, Zucker
und Milch und stellen Sie es in den Ofen ;-) [Enrico Kunz in suse
Hello,
Am Dienstag, 14. April 2015 schrieb Christian Boltz:
this patch adds utils/test/test-network.py with tests for NetworkRule
and NetworkRuleset.
The tests are hopefully self-explaining, so let me just mention the
most important things:
- I started to play with namedtuple, which looks
' )
Regards,
Christian Boltz
--
Klotzcode:
80x25 auf 24 Zoll.
[Werner Flamme in opensuse.de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Hello,
Am Mittwoch, 15. April 2015 schrieb Kshitij Gupta:
On Wed, Apr 15, 2015 at 3:07 AM, Christian Boltz wrote:
this patch adds utils/apparmor/rule/network.py with the NetworkRule
and NetworkRuleset classes. These classes are meant to handle
network rules.
In comparison
22:44:49 +
+++ .bzrignore 2015-04-17 21:39:14 +
@@ -24,6 +24,7 @@
parser/techdoc.log
parser/techdoc.pdf
parser/techdoc.toc
+profiles/apparmor.d/local/*.*
libraries/libapparmor/Makefile
libraries/libapparmor/Makefile.in
libraries/libapparmor/aclocal.m4
Regards,
Christian Boltz
Hello,
Am Freitag, 17. April 2015 schrieb Seth Arnold:
On Fri, Apr 17, 2015 at 10:47:39PM +0200, Christian Boltz wrote:
see $subject ;-)
[ capability-rule-fix-typo.diff ]
Acked-by: Seth Arnold seth.arn...@canonical.com
Acked for both 2.9 and trunk as needed.
This typo (and the whole
Hello,
this patchset introduces and uses the NetworkRule and NetworkRuleset
classes and changes aa.py etc. to use them instead of a sub-hasher.
Regards,
Christian Boltz
--
rpmdb: PANIC: fatal region error detected; run recovery
Du wohnst nicht zufällig in Bielefeld?
[ Cornelia Böttge und
python
+# --
+#Copyright (C) 2013 Kshitij Gupta kgupta8...@gmail.com
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
+#
+#This program is free software; you can redistribute it and/or
+#modify it under the terms
:19:41 +
@@ -0,0 +1,428 @@
+#!/usr/bin/env python
+# --
+#Copyright (C) 2015 Christian Boltz appar...@cboltz.de
+#
+#This program is free software; you can redistribute it and/or
+#modify it under the terms
= re.compile(RE_AUDIT_DENY +
'(dbus\s*,|dbus\s+[^#]*\s*,)' + RE_EOL)
Regards,
Christian Boltz
--
(Beschwerden bitte an die Verbrecher des jeweiligen Programms)
:) Die KDE4-Entwickler sind vermutlich eh noch eingebunkert...
[ Karl Thomas Schmidt und Helga Fischer in opensuse-de]
--
AppArmor
Hello,
Am Montag, 13. April 2015 schrieb Steve Beattie:
On Tue, Apr 14, 2015 at 12:50:26AM +0200, Christian Boltz wrote:
Am Montag, 13. April 2015 schrieb Steve Beattie:
On Sun, Apr 12, 2015 at 03:32:25AM +0200, Christian Boltz wrote:
CleanProf.remove_duplicate_rules() didn't call
,
Christian Boltz
[1] patches for bugs uncovered by the LibreOffice profiles:
33-fix-add-to-variable-and-add-tests.diff
35-fix-serialize_profile_from_old_profiles-variable-add.diff
36-fix-crash-in-serialize_profile_from_old_profiles.diff
--
Wenn das Teil unter Windows CE oder Pocket PC 2000
,',
+'',
+' audit capability,',
+'',
+]
+
+expected_deleted = 6
+
+self._check_test_delete_duplicates_in_profile(rules, expected_raw,
expected_clean, expected_deleted)
+
+
if __name__ == __main__:
unittest.main(verbosity=2)
Regards,
Christian Boltz
deleted += delete_path_duplicates(self.profile.aa[program][hat],
self.other.aa[program][hat], 'allow', self.same_file)
Regards,
Christian Boltz
--
sigmonster ist gassi...
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com
Hello,
Am Montag, 6. April 2015 schrieb Tyler Hicks:
On 2015-04-04 14:24:12, Christian Boltz wrote:
# cd libraries/libapparmor
# ./configure
[... everything looks good ...]
# make clean
...
Now the interesting question is why it is looking for aclocal-1.14.
I have /usr/bin/aclocal
[key], exp_var[key])
+
+
class AaTest_write_header(AATest):
tests = [
# name embedded_hatwrite_flagsdepth flags
attachment prof.keyw. commentexpected
Regards,
Christian Boltz
--
[lange Antwort schreib] [begreif] [lange falsche Antwort lösch]
Genial
501 - 600 of 1302 matches
Mail list logo