1. 25 Jun, 2010 1 commit
    • Steve Beattie's avatar
      This patch adds a couple of additional lineno reporting testcases: · 2d2897f4
      Steve Beattie authored
        * a non-include related syntax error (errors/modefail.sd)
        * multiple successful includes followed by a failed include
      It also fixes two issues with the parser's line counting:
        * the count began at 0 (demonstrated by the first testcase's error
          being reporting on one line less than it should be), and
        * an extra line increment when includes were detected (demonstrated
          by the second testcase's error being reported at a line beyond the
          correct linenumber.
      The existing testcases did not catch these because they were all
      based on the first include in the file failing and so the start of
      the count from 0 counteracted the extra counted line.
  2. 05 Jun, 2010 2 commits
  3. 24 Jul, 2009 4 commits
  4. 15 Aug, 2007 1 commit
  5. 24 May, 2007 1 commit
  6. 09 May, 2007 1 commit
  7. 11 Apr, 2007 1 commit
  8. 20 Nov, 2006 1 commit
    • Steve Beattie's avatar
      This patch converts the call to fdopendir() to fclose(), opendir(), as · 6271e1a5
      Steve Beattie authored
      the former isn't supported on glibc before glibc 2.4 (SL10.0 and prior,
      Annvix, etc.). I dislike the change because fdopendir() does exactly
      what I want, and converting to straight opendir() introduces a small
      race window, though paths in question should be under administrator
      control anyway.
  9. 10 Oct, 2006 1 commit
    • Steve Beattie's avatar
      This patch adds support for including all the files within a directory · 398ef08b
      Steve Beattie authored
      by naming the directory (e.g. #include </etc/apparmor.d/abstractions>).
      It will skip over dotfiles and as well as subdirectories. It is intended
      to make scripting and packaging easier, as the including profile will
      not need to know explicitly all of the names to include.
      Long term, rather than hardcode that dotfiles will be skipped, it should
      be configurable via /etc/apparmor.d/subdomain what patterns of files
      should be skipped; genprof/logprof should also honor this setting. The
      code could be reused as I'd like to make the parser just take a directory
      on the command line rather than being fed profiles one at a time; again
      it would skip files based on these same patterns.
      This patch also eliminates some dead code in the include processing, as
      well as replaces a couple of undersized fixed-size buffer (PATH_MAX is
      4095 on linux, buffer is not overflowable due to use of strncpy/snprintf)
      with dynamically allocated ones.
  10. 26 Sep, 2006 1 commit
  11. 28 Apr, 2006 1 commit
    • Steve Beattie's avatar
      https://bugzilla.novell.com/show_bug.cgi?id=160330 · 0508ea01
      Steve Beattie authored
      This patch prevents the parser from segv'ing if neither of the expected
      default profile directories exist (/etc/subdomain.d, /etc/apparmor.d).
      A profile passed on the command line or via stdin will still load, so
      long as -I/path/to/includes is passed for any relevant includes files.
  12. 12 Apr, 2006 1 commit
  13. 11 Apr, 2006 1 commit