lp:~zyga/snap-confine/new-fhs
- Get this branch:
- bzr branch lp:~zyga/snap-confine/new-fhs
Branch merges
- Steven Wilkin (community): Approve
-
Diff: 12 lines (+1/-1)1 file modifiedsrc/seccomp.c (+1/-1)
Branch information
Recent revisions
- 115. By Zygmunt Krynicki
-
Load seccomp profiles from /var/lib/
snapd/seccomp/ profiles This change matches what's happened in snappy upstream over weekend.
- 114. By Jamie Strandboge
-
update testsuite to use $myprofile as variable name instead of $aaprofile--
these are seccomp profiles, not apparmor - 110. By Jamie Strandboge
-
Various fixes to address Seth's feedback:
- cleaned up 'out' handling and die instead
- fixed the typo
- verify snprint() >= 512 (I increased this length) and added tests
- add test for filter missing trailing newline (I didn't change the
line-too-long handling, but did add tests and verify we must end with trailing newline
- use strcmp() with "@unrestricted". add @unrestricted near miss tests
- use getresuid() instead of UBUNTU_CORE_LAUNCHER_ NO_ROOT
- replace getenv() with secure_getenv() everywhere we can
- check return code of fork()
- verify return code of fclose()
- simplified final execv()In addition:
- don't support obsoleted SNAP_APP_TMPDIR and SNAP_APP_USER_DATA_ PATH
- use uid_t and gid_t instead of unsigned
- check return codes of other (f)close()s to help futureproof - 107. By Jamie Strandboge
-
add debian/
README. syscalls from ubuntu- core-security since that package is
going awayignore src/tmp
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~snappy-dev/snap-confine/trunk