- 30 Jan, 2023 2 commits
Christian Boltz authored
Recently got bitten by `usr.sbin.lighttpd` not having the local include, so I figured I'd bring all the `extras/` profiles up to parity.
MR: !974
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
-
Daniel Richard G. authored
-
- 29 Jan, 2023 3 commits
Christian Boltz authored
* Improve utils hotkey handling
* Ensure all languages are always tested and all subprocesses run successfully.
Picked from !966 (by Mark Grassi) so that code and translation changes are in separate MRs.
MR: !971
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
-
Ensure all languages are always tested and all subprocesses run successfully.
-
- 25 Jan, 2023 1 commit
John Johansen authored
Signed-off-by: John Johansen <john.johansen@canonical.com>
-
- 24 Jan, 2023 4 commits
John Johansen authored
Resolves #292. This fix is the same as !830 but for Brave. Opening links in Brave now works as intended.

Note that now a separate denial, related to WidevineCDM, is produced:

```
[ERROR:content_main_runner_impl.cc(415)] Unable to load CDM /home/username/.config/BraveSoftware/Brave-Browser/WidevineCdm/4.10.2557.0/_platform_specific/linux_x64/libwidevinecdm.so (error: /home/username/.config/BraveSoftware/Brave-Browser/WidevineCdm/4.10.2557.0/_platform_specific/linux_x64/libwidevinecdm.so: failed to map segment from shared object)
```

In the syslog:

```
audit: type=1400 audit(1671108748.090:117): apparmor="DENIED" operation="file_mmap" profile="/usr/bin/evince//sanitized_helper" name="/home/username/.config/BraveSoftware/Brave-Browser/WidevineCdm/4.10.2557.0/_platform_specific/linux_x64/libwidevinecdm.so" pid=65765 comm="brave" requested_mask="m" denied_mask="m" fsuid=1000 ouid=100
```

I'm not sure if granting permission(s) for this is desirable. In either case, the potential relevant changes are out of the scope of this MR.

If I disable WidevineCDM in Brave, I get the following denial on cap sys_admin:

```
audit: type=1400 audit(1671112807.666:174): apparmor="DENIED" operation="capable" profile="/usr/bin/evince//sanitized_helper" pid=112098 comm="brave" capability=21 capname="sys_admin"
```

which is fine, as mentioned by @jjohansen [here](!830 (comment 831915024)).

Closes #292
MR: !957
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
John Johansen authored
In the [merge request that adds AppArmor support on D-Bus Broker](https://github.com/bus1/dbus-broker/pull/286), the word "method" is used instead of "member" on the auditing logs. So we are adding support to parse "method" the same way as "member" on D-Bus audit logs.
MR: !958
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
John Johansen authored
- ssl_certs: /{etc,usr/share}/pki/trust/ has more than the 'anchors' subdirectory
- crypto: allow reading /etc/gcrypt/hwf.deny
I propose this patch for 3.0..master (2.13 doesn't have abstractions/crypto).
MR: !961
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
John Johansen authored
The key of SYSV message queues is an integer and the kernel uses an integer to store the key. In order to improve performance when travelling the DFA in the kernel, we should use an integer instead of the string. This [patch](georgiag/apparmor-kernel@5501f45f) contains a rough implementation of what that would look like on the kernel side.
MR: !968
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
- 23 Jan, 2023 2 commits
Christian Boltz authored
Fixes: https://bugs.launchpad.net/bugs/2003702
MR: !970
Approved-by: Jon Tourville <jon.tourville@canonical.com>
Merged-by: Christian Boltz <apparmor@cboltz.de>
-
- 22 Jan, 2023 1 commit
Christian Boltz authored
Waydroid uses LXC and some lxc-net equivalent scripts. Allow that.
https://github.com/waydroid/waydroid/blob/b910c891740026aeba2cd6a86f93ca87ef57e3c6/data/scripts/waydroid-net.sh
https://web.archive.org/web/20221202141315/https://docs.waydro.id/debugging/known-issues
MR: !969
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
-
- 17 Jan, 2023 1 commit
Cameron Nemo authored
Waydroid uses LXC and some lxc-net equivalent scripts. Allow that.
https://github.com/waydroid/waydroid/blob/b910c891740026aeba2cd6a86f93ca87ef57e3c6/data/scripts/waydroid-net.sh
https://web.archive.org/web/20221202141315/https://docs.waydro.id/debugging/known-issues
Signed-off-by: Cameron Nemo <cam@nohom.org>
-
- 12 Jan, 2023 1 commit
Georgia Garcia authored
MR: !967
Approved-by: Jon Tourville <jon.tourville@canonical.com>
Merged-by: Georgia Garcia <georgia.garcia@canonical.com>
-
- 11 Jan, 2023 3 commits
Georgia Garcia authored
The key of SYSV message queues is an integer and the kernel uses an integer to store the key. In order to improve performance when travelling the DFA in the kernel, we should use an integer instead of the string.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
The mqueue tests were using the previous format which was specific for capabilities. The qual= prefix should be used instead.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
- 07 Jan, 2023 1 commit
John Johansen authored
dbus-broker requires some modification of the test suite. In summary:
* refactor to support starting and stopping both dbus and dbus-broker.
* Make it so we can run the tests on each, where appropriate
* skip unrequested reply and eavesdrop tests for dbus broker because they are not supported.
MR: !965
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
- 06 Jan, 2023 1 commit
Georgia Garcia authored
DBus Broker was enabled for the dbus_message and dbus_service regression tests. The dbus_eavesdropping test does not run with dbus-broker because eavesdropping was deprecated in favor of monitoring, so new tests for the "BecomeMonitor" method need to be added. The dbus_unrequested_reply test is also not supported by dbus-broker, therefore the tests are skipped.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
- 05 Jan, 2023 1 commit
John Johansen authored
Commit 8cf3534a ("tests regression: fix failure on older versions of Make") from !639 was incorrectly applied, including the `+` prefixes from the proposed patch. This causes the sysctl syscall() checks to not correctly be applied and results in a mismatch of expectations in the syscall_sysctl.sh test script, causing it and the testsuite to fail.

Thus, remove the bogon `+` characters from the Makefile, to make USE_SYSCTL be set correctly.

Fixes: 8cf3534a ("tests regression: fix failure on older versions of Make")
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
MR: !963
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Approved-by: Christian Boltz <apparmor@cboltz.de>
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
- 04 Jan, 2023 4 commits
Georgia Garcia authored
The test "eavesdrop (confined w/o dbus perms)" was failing for the wrong reason. While it should fail because it is missing dbus rules, it was actually failing because it didn't have the required unix rule.

The error message was:

```
FAIL: Failed to open connection to "session" message bus: Failed to open socket: Permission denied
```

Corresponding audit log:

```
[28306.743863] audit: type=1400 audit(1671048091.505:297): apparmor="DENIED" operation="create" class="net" profile="/home/georgia/apparmor/tests/regression/apparmor/dbus_eavesdrop" pid=6787 comm="dbus_eavesdrop" family="unix" sock_type="stream" protocol=0 requested_mask="create" denied_mask="create" addr=none
```

After the change, the error message is:

```
FAIL: Failed to open connection to "session" message bus: An AppArmor policy prevents this sender from sending this message to this recipient; type="method_call", sender="(null)" (inactive) interface="org.freedesktop.DBus" member="Hello" error name="(unset)" requested_reply="0" destination="org.freedesktop.DBus" (bus)
```

Corresponding audit log:

```
[28444.248268] audit: type=1107 audit(1671048229.009:300): pid=6826 uid=0 auid=1000 ses=5 subj=unconfined msg='apparmor="DENIED" operation="dbus_method_call" bus="session" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="Hello" mask="send" name="org.freedesktop.DBus" pid=6854 label="/home/georgia/apparmor/tests/regression/apparmor/dbus_eavesdrop" peer_label="unconfined" exe="/usr/bin/dbus-daemon" sauid=0 hostname=? addr=? terminal=?'
```

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
The profile generated by dbus did not include this rule which caused the following DENIED audit logs:

```
[26937.013475] audit: type=1400 audit(1671046721.776:246): apparmor="DENIED" operation="getattr" class="file" profile="/home/georgia/apparmor/tests/regression/apparmor/dbus_message" name="/tmp/sdtest.5720-14413-VQMPsH/output.dbus_message" pid=5866 comm="dbus_message" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
```

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
John Johansen authored
As reported in issue #295, the json output from aa-status would be invalid if there were profiles defined for processes that were unconfined. Fix this by ensuring the json for the processes array is closed properly.
Signed-off-by: Alex Murray <alex.murray@canonical.com>
MR: !964
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
Alex Murray authored
As reported in issue #295, the json output from aa-status would be invalid if there were profiles defined for processes that were unconfined. Fix this by ensuring the json for the processes array is closed properly.
Signed-off-by: Alex Murray <alex.murray@canonical.com>
-
- 03 Jan, 2023 3 commits
Georgia Garcia authored
getopt returns an int, not a char. The error caused by this issue could only be observed on non-x86 systems.
Closes LP#2000359
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
MR: !962
Approved-by: Jon Tourville <jon.tourville@canonical.com>
Approved-by: Steve Beattie <gitlab@nxnw.org>
Merged-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Steve Beattie authored
Commit 8cf3534a ("tests regression: fix failure on older versions of Make") from !639 was incorrectly applied, including the `+` prefixes from the proposed patch. This causes the sysctl syscall() checks to not correctly be applied and results in a mismatch of expectations in the syscall_sysctl.sh test script, causing it and the testsuite to fail.

Thus, remove the bogon `+` characters from the Makefile, to make USE_SYSCTL be set correctly.

Fixes: 8cf3534a ("tests regression: fix failure on older versions of Make")
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
-
Georgia Garcia authored
getopt returns an int, not a char. The error caused by this issue could only be observed on non-x86 systems.
Closes LP#2000359
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
- 17 Dec, 2022 1 commit
Christian Boltz authored
- ssl_certs: /{etc,usr/share}/pki/trust/ has more than the 'anchors' subdirectory
- crypto: allow reading /etc/gcrypt/hwf.deny
-
- 16 Dec, 2022 4 commits
Georgia Garcia authored
small fixes on log parsing
MR: !959
Approved-by: Jon Tourville <jon.tourville@canonical.com>
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
Add support to parse "method" the same way as "member" on D-Bus audit logs.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
The AppArmorBug exception was missing the variable from the message.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
Georgia Garcia authored
If the "operation" field is not present, we get the following error:

```
AttributeError: 'NoneType' object has no attribute 'startswith'
```

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
-
- 15 Dec, 2022 1 commit
Rushil Ambati authored
-
- 12 Dec, 2022 1 commit
Christian Boltz authored
... by returning early if there's nothing to do. The main improvement is more readable code, but there should also be a minor performance improvement.
MR: !955
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Merged-by: Christian Boltz <apparmor@cboltz.de>
-
- 10 Dec, 2022 2 commits
John Johansen authored
States are not guaranteed to have transitions, but when inserting a state into the chfa table there is an unconditional dereference to the state's first transition. This will result in a bad reference and could result in an OOB flag being set on the state when it shouldn't be.
Fixes: 16b67ddb ("add ability to use out of band transitions")
Closes: #290
Reported-by: Nobel Barakat <nobelbarakat@google.com>
Reported-by: Oleksandr Tymoshenko <ovt@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Closes #290
MR: !956
Approved-by: Seth Arnold <seth.arnold@gmail.com>
Merged-by: John Johansen <john@jjmx.net>
-
John Johansen authored
States are not guaranteed to have transitions, but when inserting a state into the chfa table there is an unconditional dereference to the state's first transition. This will result in a bad reference and could result in an OOB flag being set on the state when it shouldn't be.
Fixes: 16b67ddb ("add ability to use out of band transitions")
Closes: #290
Reported-by: Nobel Barakat <nobelbarakat@google.com>
Reported-by: Oleksandr Tymoshenko <ovt@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
-
- 05 Dec, 2022 2 commits
John Johansen authored
This reverts commit 1aa474b2.

This is a debug patch that unconditionally sets a profile debug flag if mqueue rules are present. It should not be present in merged code, and instead the user should set a debug flag on the profile if that is desired. This was merged with the patch to expedite the MR with the understanding that this patch would be reverted.
Signed-off-by: John Johansen <john.johansen@canonical.com>
-
John Johansen authored
MR: !858
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
-
- 30 Nov, 2022 1 commit
Christian Boltz authored
... by returning early if there's nothing to do. The main improvement is more readable code, but there should also be a minor performance improvement.
-