Last commit made on 2017-10-28
Get this branch:
git clone -b apparmor-2.11 https://git.launchpad.net/~sbeattie/apparmor/+git/apparmor
Only Steve Beattie can upload to this branch. If you are Steve Beattie please log in for upload directions.

Branch merges

Branch information


Recent commits

f993585... by Steve Beattie on 2017-10-28

git conversion: move .bzrignore to .gitignore

Signed-off-by: Steve Beattie <email address hidden>

728f02b... by Simon D├ęziel on 2017-10-27

profiles: update wireshark profile for modern releases

MErge from trunk commit 3728

Acked-by: Steve Beattie <email address hidden>

831c932... by intrigeri on 2017-10-26

profiles: allow OpenAL HRTF support in audio abstraction

Merge from trunk commit 3726

The files are "head-related transfer function" data sets, used by
OpenAL for better spatialization of sounds when headphones are detected.

Acked-by: Steve Beattie <email address hidden>

Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874665

89f3fb7... by intrigeri on 2017-10-26

binutils: honor ${CFLAGS} and ${CPPFLAGS}

Merge from trunk revision 3723.

Acked-by: Steve Beattie <email address hidden>

a29704b... by Vincas Dargis on 2017-10-26

profiles: tunables/global - accept seven digit pids

[Merge from trunk revision 3722]

On 64bit systems, /proc/sys/kernel/pid_max can be set to PID_MAX_LIMIT,
(2^22), which results in seven digit pids. Adjust the @{PID} variable in
tunables/global to accept this.

Acked-by: intrigeri <email address hidden>
Acked-by: Steve Beattie <email address hidden>

Bug: https://bugs.launchpad.net/apparmor/+bug/1717714

90e0869... by Christian Boltz on 2017-10-23

Add python3.6 line to utils/logprof.conf

This is a backport of trunk r3718 by intrigeri

Acked-by: John Johansen <email address hidden> for 2.11 and 2.10 (on IRC)

0eedfe8... by Christian Boltz on 2017-10-20

Allow reading /etc/netconfig in abstractions/nameservice

/etc/netconfig is required by the tirpc library which nscd and several
other programs use.

References: https://bugzilla.opensuse.org/show_bug.cgi?id=1062244

Acked-by: Seth Arnold <email address hidden> for 2.9, 2.10, 2.11 and trunk

8b81fe0... by John Johansen on 2017-10-19

bump release version to 2.11.1

a8f5b8f... by Steve Beattie on 2017-10-19

libapparmor: fix swig test_apparmor.py for zero length ptrace records
Merge from trunk revision 3715

The added testcase for a ptrace target with an empty string
(ptrace_garbage_lp1689667_1.in) was causing the swig python test script
to fail. The generated python swig record for libapparmor ends up
setting a number of fields to None or other values that indicate the
value is unset, and the test script was checking if the value in the
field didn't evaluate to False in a python 'if' test.

Unfortunately, python evaluates the empty string '' as False in 'if'
tests, resulting in the specific field that contained the empty string
to be dropped from the returned record. This commit fixes that by
special case checking for the empty string.

Signed-off-by: Steve Beattie <email address hidden>
Acked-by: John Johansen <email address hidden>

878ebd4... by John Johansen on 2017-10-18

Fix af_unix downgrade of network rules

with unix rules we output a downgraded rule compatible with network rules
so that policy will work on kernels that support network socket controls
but not the extended af_unix rules

however this is currently broken if the socket type is left unspecified
(initialized to -1), resulting in denials for kernels that don't support
the extended af_unix rules.

cherry-pick: lp:apparmor r3700
Signed-off-by: John Johansen <email address hidden>
Acked-by: timeout