lp:apparmor/2.7

Created by John Johansen on 2011-12-15 and last modified on 2012-04-25
Get this branch:
bzr branch lp:apparmor/2.7
Members of AppArmor Developers can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
AppArmor Developers
Project:
AppArmor
Status:
Mature

Recent revisions

1903. By Kees Cook on 2012-04-25

Merge from trunk rev 2037:

The m4 shipped to handle Python was incorrectly clearing
$CPPFLAGS. Additionally, do not repeat compiler flags for automake
targets that already include them, and pass more flags to the Perl build.

Signed-off-by: Kees Cook <email address hidden>
Acked-By: Steve Beattie <email address hidden>

1902. By Kees Cook on 2012-04-25

Port from trunk rev 2036:

Include IceWeasel in ubuntu-browsers abstraction.

Author: Intrigeri <email address hidden>
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661176

Signed-off-by: Kees Cook <email address hidden>
Acked-By: Steve Beattie <email address hidden>
Acked-By: Jamie Strandboge <email address hidden>

1901. By Kees Cook on 2012-04-25

Merge from trunk rev 2035:

Updates the X abstraction to include gdm3 path.

Author: Intrigeri <email address hidden>
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660079

Signed-off-by: Kees Cook <email address hidden>
Acked-By: Steve Beattie <email address hidden>

1900. By Steve Beattie on 2012-04-24

Merge from trunk rev 2034: fix aa-logprof rewrite of PUx modes

When writing out a profile, aa-logprof incorrectly converts PUx execute
permission modes to the syntactically invalid UPx mode, because the
function that converts the internal representation of permissions to
a string emits the U(nconfined) mode bit before the P bit.

This patch corrects this by reordering the way the exec permissions
are emitted, so that P and C modes come before U and i. Based on
http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Execute_rules
this should emit the modes correctly in all combined exec modes.
Other approaches to fixing this would require adjusting the data
structure that contains the permission modes, resulting in a more
invasive patch.

Nominated-By: Steve Beattie <email address hidden>
Signed-Off-By: John Johansen <email address hidden>

1899. By Steve Beattie on 2012-04-17

Merge from trunk revision 2022:

libapparmor: add support for ip addresses and ports

Bugs: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/800826
  https://bugzilla.novell.com/show_bug.cgi?id=755923

This patch modifies the libapparmor log parsing code to add support
for the additional ip address and port keywords that can occur in
network rejection rules. The laddr and faddr keywords stand for local
address and foreign address respectively.

The regex used to match an ip address is not very strict, to hopefully
catch the formats that the kernel emits for ipv6 addresses; however,
because this is in a context triggered by the addr keywords, it should
not over-eagerly consume non-ip addresses. Said addresses are returned
as strings in the struct to be processed by the calling application.

Nominated-By: Christian Boltz <email address hidden>
Signed-Off-By: John Johansen <email address hidden>

1898. By Christian Boltz on 2012-04-16

If tftp server for dnsmasq is configured it won't serve the boot
file. This patch adds read permissions for /srv/tftpboot/

References: https://bugzilla.novell.com/show_bug.cgi?id=738905

Somehow ;-) [1] Acked-By: John Johansen

[1] see mailinglist for details ;-)

1897. By Christian Boltz on 2012-04-05

the usr.lib.dovecot.imap-login profile should allow inet6 in addition to inet

References: https://bugzilla.novell.com/show_bug.cgi?id=755923

Acked-By: Jamie Strandboge <email address hidden>

1896. By Christian Boltz on 2012-02-13

Add the missing k permission for /etc/.pwd.lock to the userdel profile.

Acked-By: Steve Beattie <email address hidden>

1895. By Jamie Strandboge on 2012-02-10

cherrypick fix for LP: #929531 from trunk

1894. By Steve Beattie on 2012-01-30

Fix bug in toplevel Makefile REPO_URL reference that caused release
tarballs to be pulled from trunk rather than the 2.7 branch. Adjust
version for a 2.7.2 release.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:apparmor/2.12
This branch contains Public information 
Everyone can see this information.