lp:~sdeziel/apparmor/usr.sbin.sshd-refresh
- Get this branch:
- bzr branch lp:~sdeziel/apparmor/usr.sbin.sshd-refresh
Branch merges
- Seth Arnold: Approve
-
Diff: 285 lines (+109/-130)2 files modifiedprofiles/apparmor.d/abstractions/libpam-systemd (+19/-0)
profiles/apparmor/profiles/extras/usr.sbin.sshd (+90/-130)
Branch information
Recent revisions
- 3274. By Simon Déziel
-
usr.sbin.sshd: deny net_admin that is not strictly required
Matthew Dawson explained why:
> sshd doesn't actually require the net_admin capability. libpam-systemd tries
> to use it if available to set the send/receive buffers size, but will fall
> back to a non-privileged version if it fails.https:/
/lists. ubuntu. com/archives/ apparmor/ 2016-April/ 009586. html - 3269. By Simon Déziel
-
Allow reading conf snippets from /etc/dnsmasq.
d-available Some packages like libvirt-bin and lxc drop conf snippets in /etc/dnsmasq.
d-available
and make them available through symlinks in /etc/dnsmasq.d created during postinst. - 3268. By Christian Boltz
-
Add __repr__() functions to BaseRule and BaseRuleset
This makes print()ing a class object much more helpful - instead of
<apparmor.rule.network. NetworkRule object at 0x7f416b239e48>
we now get something like
<NetworkRule> network inet stream,
(based on get_raw())A NetworkRuleset will be printed as (also based on get_raw())
<NetworkRuleset>
network inet stream,
allow network inet stream, # comment
</NetworkRuleset>Also add tests to test-network.py to ensure that __repr__() works as
expected.Acked-by: Kshitij Gupta <email address hidden>
- 3267. By Christian Boltz
-
Add (abstract) get_clean() method to baserule
Also add a test to ensure it raises an AppArmorBug.
Acked-by: Kshitij Gupta <email address hidden>
- 3266. By Christian Boltz
-
let logparser.py ignore file_inherit events without request_mask
That's not nice, but still better than a crash ;-)
References: https:/
/bugs.launchpad .net/apparmor/ +bug/1466812/ Acked-by: Kshitij Gupta <email address hidden> for trunk and 2.9
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:apparmor/2.12