lp://qastaging/~intrigeri/apparmor/gnome-gtk3-config
- Get this branch:
- bzr branch lp://qastaging/~intrigeri/apparmor/gnome-gtk3-config
Branch merges
- Seth Arnold: Approve
-
Diff: 11 lines (+1/-0)1 file modifiedprofiles/apparmor.d/abstractions/gnome (+1/-0)
Recent revisions
- 3577. By intrigeri
-
gnome abstraction: grant read access to ~/.config/
gtk-3.0/ *. E.g. Totem needs access to ~/.config/
gtk-3.0/ settings. ini. - 3576. By Christian Boltz
-
Add a test_multi testcase for dbus eavesdrop
The log line (with a different profile=...) was sitting around on my
disk since a year, so let's do something useful with it ;-)Acked-by: Seth Arnold <email address hidden>
- 3575. By Christian Boltz
-
More test_multi profiles
This patch adds profiles for all log sniplets that are expected to
result in a profile rule.This also means some changes in test-libapparmo
r-test_ multi.py are
needed:
- split off log_to_profile_skip from log_to_profile_ known_failures to
- only skip tests in log_to_profile_skip (causing a crash or requiring
user interaction)
- run tests in log_to_profile_ known_failures, but expect a non-equal
result (caused by not added rules etc.)
- add quite some tests to log_to_profile_ known_failures - they were
skipped before because they didn't have a *.profile file.
- add handling for hats to shorten list of known failures
This fixes testcase24 and testcase33 (after adjusting the profiles)
and lots of the new *.profile files.
- since we now have *.profile files for all log events that should result
in a profile rule, no longer ignore FileNotFoundErrorAcked-by: Seth Arnold <email address hidden>
- 3574. By Christian Boltz
-
dnsmasq profile: more lxd additions
Besides dnsmasq.leases, dnsmasq.pid needs to be written. Also read
access for some files is needed (currently dnsmasq.raw and
dnsmasq.hosts - using dnsmasq.* makes this more future-proof when
more files get added)References: https:/
/bugs.launchpad .net/apparmor/ +bug/1634199 (again) Acked-by: John Johansen <email address hidden>
- 3573. By Christian Boltz
-
Add new dnsmasq.leases location for lxd to dnsmasq profiles
References: https:/
/bugs.launchpad .net/bugs/ 1634199 Acked-by: Seth Arnold <email address hidden> for trunk, 2.10 and 2.9.
- 3572. By Christian Boltz
-
Test log to profile "translation"
This patch adds TestLogToProfile to test-libapparmo
r-test_ multi.py which
"translates" the test_multi log sniplets to a profile, and checks if it
matches the expected profile.The expected profile for one log event will obviously contain only one
rule, and gets added as *.profile to the test_multi directory.This patch includes 33 test_multi profiles - which means 83 more need to
be created. Whenever you have some time, add one or two! (Please write
those test_multi profiles manually, without using the tools.)I know some parts of the test code looks complicated. Unfortunately this
is how things work - compare it with do_logprof_pass() in aa.py...While on it, set tests = 'invalid' which ensures a failure in case
parse_test_profiles( ) doesn't set the tests array, and move printing
the test name out of parse_test_profiles( ) to avoid printing it twice. A nice side effect of this patch is increased test coverage:
- 30% -> 40% in aa.py (= 250 more lines)
- 52% -> 78% in aamode.py (= 23 more lines)
- 26% -> 68% in logparser.py (= 120 more lines)
- total coverage increases from 57% to 62%Acked-by: Seth Arnold <email address hidden>
- 3571. By Christian Boltz
-
fix typo in "reasonable" in apparmor_parser manpage
(merge request by intrigeri)
Acked-By: <Christian Boltz> for trunk, 2.10 and 2.9
- 3570. By Christian Boltz
-
allow reading /tmp/.X11-unix/* in abstractions/X
This is needed when starting X with "-nolisten local".
References: https:/
/bugs.launchpad .net/apparmor/ +bug/1589823 Acked-by: Seth Arnold <email address hidden> for trunk, 2.10 and 2.9
- 3569. By Christian Boltz
-
add network 'kcm' keyword to apparmor.d manpage
I already did this in the python code a month ago, and now realized that
we should also update the apparmor.d manpage ;-)Acked-by: Seth Arnold <email address hidden> for trunk and 2.10.
- 3568. By Christian Boltz
-
Drop unused 'found' counter from aa.py ask_the_questions()
Acked-by: Seth Arnold <email address hidden>
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://qastaging/apparmor/2.12