lp:~intrigeri/apparmor/pass-compiler-flags-binutils

Created by intrigeri on 2017-06-24 and last modified on 2017-06-24
Get this branch:
bzr branch lp:~intrigeri/apparmor/pass-compiler-flags-binutils
Only intrigeri can upload to this branch. If you are intrigeri please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
intrigeri
Project:
AppArmor
Status:
Merged

Recent revisions

3665. By intrigeri on 2017-06-24

Pass CFLAGS and CPPFLAGS when building binutils.

3664. By Goldwyn Rodrigues on 2017-06-15

json support for logprof and genprof

From: Goldwyn Rodrigues <email address hidden>

Provides json support to tools in order to interact with other
utilities such as Yast.

The JSON output is one per line, in order to differentiate between
multiple records. Each JSON record has a "dialog" entry which defines
the type of message passed. A response must contain the "dialog"
entry. "info" message does not require a response.

"apparmor-json-version" added in order to identify the communication
protocol version for future updates.

This is based on work done by Christian Boltz.

Signed-off-by: Goldwyn Rodrigues <email address hidden>

Acked-by: Christian Boltz <email address hidden>
Acked-by: Seth Arnold <email address hidden>

3663. By Goldwyn Rodrigues <email address hidden> on 2017-06-11

Remove yast from utils

From: Goldwyn Rodrigues <email address hidden>

This is the yast cleanup from the utils code. All yast communication
should be done with JSON interface now.

Signed-off-by: Goldwyn Rodrigues <email address hidden>

Acked-by: Christian Boltz <email address hidden>

3662. By Christian Boltz on 2017-06-06

More strict profile_storage()

This patch makes the profile_storage() data structure more strict. It
- initializes everything inside a profile with proper values
- makes the profile storage a dict() instead of a hasher(), which means
  it will complain loudly when trying to access non-existing elements
  (hasher() was more forgiving, but this also meant hiding bugs)

The patch also fixes a minor issue related to the more strict 'repo'
profile property in serialize_profile().

Acked-by: Seth Arnold <email address hidden>

3661. By Christian Boltz on 2017-05-19

Ignore ptrace log events without denied_mask

This fixes a crash in the tools.

Reported by peetaur on IRC.

Acked-by: John Johansen <email address hidden> for trunk and 2.11.

3660. By Christian Boltz on 2017-05-19

Add two parser files to .bzrignore

- parser/libapparmor_re/parse.cc is autogenerated during build
- parser/tst_lib gets compiled during "make check"

Both files get deleted by make clean.

Acked-by: John Johansen <email address hidden> for trunk and 2.11.

3659. By Christian Boltz on 2017-05-19

Fix aa-logprof crash on ptrace garbage log events

(garbage) ptrace events like
    ... apparmor="DENIED" operation="ptrace" profile="/bin/netstat" pid=1962 comm="netstat" target=""
cause an empty name2 field, which leads to a crash in the tools.

This patch lets logparser.py ignore such garbage log events, which also
avoids the crash.

As usual, add some testcases.

test-libapparmor-test_multi.py needs some special handling to ignore the
empty name2 field in one of the testcases.

References: https://bugs.launchpad.net/apparmor/+bug/1689667

Acked-by: Seth Arnold <email address hidden> for trunk and 2.11.

Older releases can't handle ptrace log events and therefore can't crash ;-)

3658. By Jamie Strandboge on 2017-05-04

Update base abstraction for additional journald sockets

The base abstraction already allows write access to
/run/systemd/journal/dev-log but journald offers both:
- a native journal API at /run/systemd/journal/socket (see sd_journal_print(4))
- /run/systemd/journal/stdout for connecting a program's output to the journal
  (see systemd-cat(1)).

In addition to systemd-cat, the stdout access is required for nested container
(eg, LXD) logs to show up in the host. Interestingly, systemd-cat and LXD
containers require 'r' in addtion to 'w' to work. journald does not allow
reading log entries from this socket so the access is deemed safe.

Signed-off-by: Jamie Strandboge <email address hidden>
Acked-by: Seth Arnold <email address hidden>

3657. By Tyler Hicks on 2017-04-20

libapparmor: Don't print shell commands that check for test failures

Error messages should only show up in build logs when the error has been
encountered. This patch silences these shell commands from being printed
before they're interpreted.

Signed-off-by: Tyler Hicks <email address hidden>
Acked-by: John Johansen <email address hidden>
Acked-by: Christian Boltz <email address hidden>

3656. By Tyler Hicks on 2017-04-20

libapparmor: Fix parallel make dependency issue in testsuite

A multi job `make check` command could fail due to check-local running
before the check-DEJAGNU target, which is automatically generated by
automake, would complete. This would result in a build failure due to
libaalogparse.log not yet existing.

Fix the issue by depending on the check-DEJAGNU target.

Signed-off-by: Tyler Hicks <email address hidden>
Acked-by: John Johansen <email address hidden>

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:apparmor/2.12
This branch contains Public information 
Everyone can see this information.

Subscribers