packages: apparmor-parser/apparmor-parser-bzr.patch, apparmor-parser/apparm...
arekm
arekm at pld-linux.org
Sat Aug 27 20:13:30 CEST 2011
Author: arekm Date: Sat Aug 27 18:13:30 2011 GMT
Module: packages Tag: HEAD
---- Log message:
- rel 3; make profiles reloading work even if there is no free space on /tmp (from bzr)
---- Files affected:
packages/apparmor-parser:
apparmor-parser-bzr.patch (1.3 -> 1.4) , apparmor-parser.spec (1.36 -> 1.37)
---- Diffs:
================================================================
Index: packages/apparmor-parser/apparmor-parser-bzr.patch
diff -u packages/apparmor-parser/apparmor-parser-bzr.patch:1.3 packages/apparmor-parser/apparmor-parser-bzr.patch:1.4
--- packages/apparmor-parser/apparmor-parser-bzr.patch:1.3 Wed Aug 4 15:10:58 2010
+++ packages/apparmor-parser/apparmor-parser-bzr.patch Sat Aug 27 20:13:25 2011
@@ -1,10738 +1,104 @@
-=== added file '.bzrignore'
---- .bzrignore 1970-01-01 00:00:00 +0000
-+++ .bzrignore 2010-08-03 17:27:13 +0000
-@@ -0,0 +1,165 @@
-+parser/po/*.mo
-+parser/af_names.h
-+parser/cap_names.h
-+parser/tst_misc
-+parser/tst_regex
-+parser/tst_symtab
-+parser/tst_variable
-+parser/parser_lex.c
-+parser/parser_version.h
-+parser/parser_yacc.c
-+parser/parser_yacc.h
-+parser/pod2htm*.tmp
-+parser/*.7
-+parser/*.5
-+parser/*.8
-+parser/*.7.html
-+parser/*.5.html
-+parser/*.8.html
-+parser/common
-+parser/apparmor_parser
-+parser/libapparmor_re/regexp.cc
-+parser/techdoc.aux
-+parser/techdoc.log
-+parser/techdoc.pdf
-+parser/techdoc.toc
-+libraries/libapparmor/Makefile
-+libraries/libapparmor/Makefile.in
-+libraries/libapparmor/aclocal.m4
-+libraries/libapparmor/audit.log
-+libraries/libapparmor/autom4te.cache
-+libraries/libapparmor/compile
-+libraries/libapparmor/config.guess
-+libraries/libapparmor/config.log
-+libraries/libapparmor/config.status
-+libraries/libapparmor/config.sub
-+libraries/libapparmor/configure
-+libraries/libapparmor/depcomp
-+libraries/libapparmor/install-sh
-+libraries/libapparmor/libtool
-+libraries/libapparmor/ltmain.sh
-+libraries/libapparmor/missing
-+libraries/libapparmor/ylwrap
-+libraries/libapparmor/doc/Makefile
-+libraries/libapparmor/doc/Makefile.in
-+libraries/libapparmor/doc/aa_change_hat.2
-+libraries/libapparmor/src/.deps
-+libraries/libapparmor/src/.libs
-+libraries/libapparmor/src/Makefile
-+libraries/libapparmor/src/Makefile.in
-+libraries/libapparmor/src/af_protos.h
-+libraries/libapparmor/src/change_hat.lo
-+libraries/libapparmor/src/grammar.lo
-+libraries/libapparmor/src/libaalogparse.lo
-+libraries/libapparmor/src/libimmunix_warning.lo
-+libraries/libapparmor/src/scanner.lo
-+libraries/libapparmor/src/libapparmor.la
-+libraries/libapparmor/src/libimmunix.la
-+libraries/libapparmor/src/grammar.c
-+libraries/libapparmor/src/grammar.h
-+libraries/libapparmor/src/scanner.c
-+libraries/libapparmor/src/scanner.h
-+libraries/libapparmor/src/tst_aalogmisc
-+libraries/libapparmor/swig/Makefile
-+libraries/libapparmor/swig/Makefile.in
-+libraries/libapparmor/swig/perl/LibAppArmor.bs
-+libraries/libapparmor/swig/perl/LibAppArmor.pm
-+libraries/libapparmor/swig/perl/Makefile
-+libraries/libapparmor/swig/perl/Makefile.PL
-+libraries/libapparmor/swig/perl/Makefile.in
-+libraries/libapparmor/swig/perl/Makefile.perl
-+libraries/libapparmor/swig/perl/blib
-+libraries/libapparmor/swig/perl/libapparmor_wrap.c
-+libraries/libapparmor/swig/perl/pm_to_blib
-+libraries/libapparmor/swig/python/Makefile
-+libraries/libapparmor/swig/python/Makefile.in
-+libraries/libapparmor/swig/python/setup.py
-+libraries/libapparmor/swig/ruby/Makefile
-+libraries/libapparmor/swig/ruby/Makefile.in
-+libraries/libapparmor/testsuite/.deps
-+libraries/libapparmor/testsuite/.libs
-+libraries/libapparmor/testsuite/Makefile
-+libraries/libapparmor/testsuite/Makefile.in
-+libraries/libapparmor/testsuite/libaalogparse.log
-+libraries/libapparmor/testsuite/libaalogparse.sum
-+libraries/libapparmor/testsuite/site.exp
-+libraries/libapparmor/testsuite/test_multi.multi
-+libraries/libapparmor/testsuite/config/Makefile
-+libraries/libapparmor/testsuite/config/Makefile.in
-+libraries/libapparmor/testsuite/lib/Makefile
-+libraries/libapparmor/testsuite/lib/Makefile.in
-+libraries/libapparmor/testsuite/libaalogparse.test/Makefile
-+libraries/libapparmor/testsuite/libaalogparse.test/Makefile.in
-+libraries/libapparmor/testsuite/test_multi/out
-+changehat/mod_apparmor/.libs
-+changehat/mod_apparmor/common
-+changehat/pam_apparmor/common
-+changehat/tomcat_apparmor/common
-+utils/common
-+utils/*.8
-+utils/*.8.html
-+utils/*.5
-+utils/*.5.html
-+utils/*.tmp
-+utils/po/*.mo
-+tests/regression/apparmor/access
-+tests/regression/apparmor/changehat
-+tests/regression/apparmor/changehat_fail
-+tests/regression/apparmor/changehat_fork
-+tests/regression/apparmor/changehat_misc
-+tests/regression/apparmor/changehat_misc2
-+tests/regression/apparmor/changehat_pthread
-+tests/regression/apparmor/changehat_twice
-+tests/regression/apparmor/changehat_wrapper
-+tests/regression/apparmor/changeprofile
-+tests/regression/apparmor/chdir
-+tests/regression/apparmor/chgrp
-+tests/regression/apparmor/chmod
-+tests/regression/apparmor/chown
-+tests/regression/apparmor/clone
-+tests/regression/apparmor/deleted
-+tests/regression/apparmor/env_check
-+tests/regression/apparmor/environ
-+tests/regression/apparmor/exec
-+tests/regression/apparmor/exec_qual
-+tests/regression/apparmor/exec_qual2
-+tests/regression/apparmor/fchdir
-+tests/regression/apparmor/fchgrp
-+tests/regression/apparmor/fchmod
-+tests/regression/apparmor/fchown
-+tests/regression/apparmor/fork
-+tests/regression/apparmor/link
-+tests/regression/apparmor/link_subset
-+tests/regression/apparmor/mkdir
-+tests/regression/apparmor/mmap
-+tests/regression/apparmor/mount
-+tests/regression/apparmor/named_pipe
-+tests/regression/apparmor/net_raw
-+tests/regression/apparmor/open
-+tests/regression/apparmor/openat
-+tests/regression/apparmor/pipe
-+tests/regression/apparmor/ptrace
-+tests/regression/apparmor/ptrace_helper
-+tests/regression/apparmor/pwrite
-+tests/regression/apparmor/readdir
-+tests/regression/apparmor/rename
-+tests/regression/apparmor/rw
-+tests/regression/apparmor/swap
-+tests/regression/apparmor/symlink
-+tests/regression/apparmor/syscall_chroot
-+tests/regression/apparmor/syscall_mknod
-+tests/regression/apparmor/syscall_mlockall
-+tests/regression/apparmor/syscall_ptrace
-+tests/regression/apparmor/syscall_reboot
-+tests/regression/apparmor/syscall_setdomainname
-+tests/regression/apparmor/syscall_sethostname
-+tests/regression/apparmor/syscall_setpriority
-+tests/regression/apparmor/syscall_setscheduler
-+tests/regression/apparmor/syscall_sysctl
-+tests/regression/apparmor/sysctl_proc
-+tests/regression/apparmor/tcp
-+tests/regression/apparmor/unix_fd_client
-+tests/regression/apparmor/unix_fd_server
-+tests/regression/apparmor/unlink
-+tests/regression/apparmor/xattrs
-+tests/regression/apparmor/coredump
-
-=== added file 'README'
---- README 1970-01-01 00:00:00 +0000
-+++ README 2010-08-03 17:27:13 +0000
-@@ -0,0 +1,155 @@
-+------------
-+Introduction
-+------------
-+AppArmor protects systems from insecure or untrusted processes by
-+running them in restricted confinement, while still allowing processes
-+to share files, exercise privilege and communicate with other processes.
-+AppArmor is a Mandatory Access Control (MAC) mechanism which uses the
-+Linux Security Module (LSM) framework. The confinement's restrictions
-+are mandatory and are not bound to identity, group membership, or object
-+ownership. The protections provided are in addition to the kernel's
-+regular access control mechanisms (including DAC) and can be used to
-+restrict the superuser.
-+
-+The AppArmor kernel module and accompanying user-space tools are
-+available under the GPL license (the exception is the libapparmor
-+library, available under the LGPL license, which allows change_hat(2)
-+and change_profile(2) to be used by non-GPL binaries).
-+
-+For more information, you can read the techdoc.pdf (available after
-+building the parser) and http://apparmor.wiki.kernel.org.
-+
-+
-+-------------
-+Source Layout
-+-------------
-+
-+AppArmor consists of several different parts:
-+
-+changehat/ source for using changehat with Apache, PAM and Tomcat
-+common/ common makefile rules
-+desktop/ empty
-+kernel-patches/ patches for various kernel versions
-+libraries/ libapparmor source and language bindings
-+parser/ source for parser/loader and corresponding documentation
-+profiles/ configuration files, reference profiles and abstractions
-+tests/ regression and stress testsuites
-+utils/ high-level utilities for working with AppArmor
-+
-+
-+------------------------------------------
-+Building and Installing AppArmor Userspace
-+------------------------------------------
-+
-+To build and install AppArmor userspace on your system, build and install in
-+the following order.
-+
-+
-+libapparmor:
-+$ cd ./libraries/libapparmor
-+$ sh ./autogen.sh
-+$ sh ./configure --prefix=/usr --with-perl
-+$ make
-+$ make check
-+
-+
-+Utilities:
-+$ cd utils
-+$ make
-+$ make install
-+
-+
-+parser:
-+$ cd parser
-+$ make
-+$ make tests # not strictly necessary as they are run during the
-+ # build by default
-+$ make install
-+
-+
-+Apache mod_apparmor:
-+$ cd changehat/mod_apparmor
-+$ LIBS="-lapparmor" make
-+$ make install
-+
-+
-+PAM AppArmor:
-+$ cd changehat/pam_apparmor
-+$ LIBS="-lapparmor -lpam" make
-+$ make install
-+
-+
-+Profiles:
-+$ cd profiles
-+$ make
-+$ make install
-+
-+
-+
-+-------------------
-+AppArmor Testsuites
-+-------------------
-+
-+A number of testsuites are in the AppArmor sources. Most have documentation on
-+usage and how to update and add tests. Below is a quick overview of their
-+location and how to run them.
-+
-+
-+Regression tests
-+----------------
-+For details on structure and adding tests, see
-+tests/regression/apparmor/README.
-+
-+To run:
-+$ cd tests/regression/apparmor (requires root)
-+$ make
-+$ sudo make tests
-+$ sudo bash open.sh -r # runs and saves the last testcase from open.sh
-+
-+
-+Parser tests
-+------------
-+For details on structure and adding tests, see parser/tst/README.
-+
-+To run:
-+$ cd parser/tst
-+$ make
-+$ make tests
-+
-+
-+Libapparmor
-+-----------
-+For details on structure and adding tests, see libraries/libapparmor/README.
-+$ cd libraries/libapparmor
-+$ make check
-+
-+
-+Stress Tests
-+------------
-+To run AppArmor stress tests:
-+$ make all
-+
-+Use these:
-+$ ./change_hat
-+$ ./child
-+$ ./kill.sh
-+$ ./open
-+$ ./s.sh
-+
-+Or run all at once:
-+$ ./stress.sh
-+
-+Please note that the above will stress the system so much it may end up
-+invoking the OOM killer.
-+
-+To run parser stress tests (requires /usr/bin/ruby):
-+$ ./stress.sh
-+
-+(see stress.sh -h for options)
-+
-+-----------------------------------------------
-+Building and Installing AppArmor Kernel Patches
-+-----------------------------------------------
-+
-+TODO
-+
-
-=== modified file 'common/Make.rules'
---- common/Make.rules 2010-03-11 07:07:29 +0000
-+++ common/Make.rules 2010-08-03 17:27:13 +0000
-@@ -48,7 +48,7 @@
- echo "/tmp/${NAME}" ; \
- fi ;)
- endif
--RPMHOSTVENDOR=$(shell rpm --eval "%{_host_vendor}")
-+RPMHOSTVENDOR=$(shell which rpm && rpm --eval "%{_host_vendor}")
- ifndef DISTRO
- DISTRO=$(shell if [ -f /etc/slackware-version ] ; then \
- echo slackware ; \
-@@ -92,30 +92,16 @@
- ifndef SPECFILE
- SPECFILE = $(NAME).spec
- endif
--RELEASE = $(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} --qf "%{RELEASE}" ${SPECFILE})
-+RELEASE = $(shell lsb_release -is) $(shell lsb_release -rs)
- RELEASE_DIR = $(NAME)-$(VERSION)
- TARBALL = $(NAME)-$(VERSION)-${REPO_VERSION}.tar.gz
--TAR = /bin/tar czvp -h --exclude .svn --exclude CVS --exclude .cvsignore --exclude ${TARBALL} --exclude ${RELEASE_DIR}/${RELEASE_DIR} $(shell test -f ${NAME}.exclude && echo "-X ${NAME}.exclude")
-+TAR = /bin/tar czvp -h --exclude .svn --exclude .bzr --exclude .bzrignore --exclude ${TARBALL} --exclude ${RELEASE_DIR}/${RELEASE_DIR} $(shell test -f ${NAME}.exclude && echo "-X ${NAME}.exclude")
- LDCONFIG = /sbin/ldconfig
-
--CVSPKG_VERSION=$(shell rpm -q --specfile --define "_sourcedir ." ${RPMARG} ${SPECFILE} | head -1 | tr "." "_")
--
- RPMSUBDIRS=SOURCES SPECS BUILD BUILDROOT SRPMS RPMS/i386 RPMS/i586 \
- RPMS/i686 RPMS/athlon RPMS/noarch RPMS/x86_64
- BUILDRPMSUBDIRS=$(foreach subdir, $(RPMSUBDIRS), $(BUILDDIR:/=)/$(subdir))
-
--.PHONY: cvs_tag
--cvs_tag:
-- cvs tag IMMUNIX-${CVSPKG_VERSION}
--
--.PHONY: checkin
--checkin:
-- if cvs -q up -d | grep -q "^\?" ; then echo "Hey! You have" \
-- "files in the directory you have not added into cvs."; exit 1; \
-- fi
-- cvs ci
-- make cvs_tag
--
- ifdef EXTERNAL_PACKAGE
- .PHONY: rpm
- rpm: clean $(BUILDRPMSUBDIRS)
-
-=== modified file 'libraries/libapparmor/src/aalogparse.h'
---- libraries/libapparmor/src/aalogparse.h 2009-09-18 21:13:04 +0000
-+++ libraries/libapparmor/src/aalogparse.h 2010-08-03 17:27:13 +0000
-@@ -129,6 +129,7 @@
- unsigned long fsuid; /* fsuid of task - if logged */
- unsigned long ouid; /* ouid of task - if logged */
- char *profile; /* The name of the profile */
-+ char *comm; /* Command that triggered msg */
- char *name;
- char *name2;
- char *namespace;
-
-=== modified file 'libraries/libapparmor/src/change_hat.c'
---- libraries/libapparmor/src/change_hat.c 2010-02-11 23:38:24 +0000
-+++ libraries/libapparmor/src/change_hat.c 2010-08-03 17:27:13 +0000
-@@ -194,7 +194,7 @@
- /* setup command string which is of the form
- * changehat <token>^hat1\0hat2\0hat3\0..\0
- */
-- sprintf(buf, "%s %016x^", cmd, token);
-+ sprintf(buf, "%s %016lx^", cmd, token);
- pos = buf + strlen(buf);
- if (subprofiles) {
- for (hats = subprofiles; *hats; hats++) {
-
-=== modified file 'libraries/libapparmor/src/grammar.y'
---- libraries/libapparmor/src/grammar.y 2009-09-18 21:13:04 +0000
-+++ libraries/libapparmor/src/grammar.y 2010-08-03 17:27:13 +0000
-@@ -1,6 +1,7 @@
- /*
- * Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
- * NOVELL (All rights reserved)
-+ * Copyright (c) 2010, Canonical, Ltd.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of version 2 of the GNU General Public
-@@ -96,6 +97,13 @@
- %token TOK_TYPE_HINT
- %token TOK_TYPE_STATUS
- %token TOK_TYPE_ERROR
-+%token TOK_TYPE_AA_REJECT
-+%token TOK_TYPE_AA_AUDIT
-+%token TOK_TYPE_AA_COMPLAIN
-+%token TOK_TYPE_AA_HINT
-+%token TOK_TYPE_AA_STATUS
-+%token TOK_TYPE_AA_ERROR
-+%token TOK_TYPE_LSM_AVC
- %token TOK_OLD_TYPE_APPARMOR
- %token TOK_OLD_APPARMOR_REJECT
- %token TOK_OLD_APPARMOR_PERMIT
-@@ -123,6 +131,7 @@
- %token TOK_OLD_FORK
- %token TOK_OLD_CHILD
-
-+%token TOK_KEY_APPARMOR
- %token TOK_KEY_TYPE
- %token TOK_KEY_MSG
- %token TOK_KEY_OPERATION
-@@ -146,6 +155,7 @@
- %token TOK_KEY_ERROR
- %token TOK_KEY_FSUID
- %token TOK_KEY_OUID
-+%token TOK_KEY_COMM
-
- %token TOK_SYSLOG_KERNEL
-
-@@ -168,13 +178,14 @@
- ;
-
- new_syntax:
-- TOK_TYPE_REJECT audit_msg key_list { ret_record->event = AA_RECORD_DENIED; }
-- | TOK_TYPE_AUDIT audit_msg key_list { ret_record->event = AA_RECORD_AUDIT; }
-- | TOK_TYPE_COMPLAIN audit_msg key_list { ret_record->event = AA_RECORD_ALLOWED; }
-- | TOK_TYPE_HINT audit_msg key_list { ret_record->event = AA_RECORD_HINT; }
-- | TOK_TYPE_STATUS audit_msg key_list { ret_record->event = AA_RECORD_STATUS; }
-- | TOK_TYPE_ERROR audit_msg key_list { ret_record->event = AA_RECORD_ERROR; }
-+ TOK_TYPE_AA_REJECT audit_msg key_list { ret_record->event = AA_RECORD_DENIED; }
-+ | TOK_TYPE_AA_AUDIT audit_msg key_list { ret_record->event = AA_RECORD_AUDIT; }
-+ | TOK_TYPE_AA_COMPLAIN audit_msg key_list { ret_record->event = AA_RECORD_ALLOWED; }
-+ | TOK_TYPE_AA_HINT audit_msg key_list { ret_record->event = AA_RECORD_HINT; }
-+ | TOK_TYPE_AA_STATUS audit_msg key_list { ret_record->event = AA_RECORD_STATUS; }
-+ | TOK_TYPE_AA_ERROR audit_msg key_list { ret_record->event = AA_RECORD_ERROR; }
- | TOK_TYPE_UNKNOWN audit_msg key_list { ret_record->event = lookup_aa_event($1); }
-+ | TOK_TYPE_LSM_AVC audit_msg key_list
- ;
-
- other_audit: TOK_TYPE_OTHER audit_msg TOK_MSG_REST
-@@ -366,7 +377,8 @@
-
- audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_AUDIT_DIGITS TOK_PERIOD TOK_AUDIT_DIGITS TOK_COLON TOK_AUDIT_DIGITS TOK_CLOSE_PAREN TOK_COLON
- {
-- asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7);
-+ if (!asprintf(&ret_record->audit_id, "%s.%s:%s", $3, $5, $7))
-+ yyerror(scanner, YY_("Out of memory"));
- ret_record->epoch = atol($3);
- ret_record->audit_sub_id = atoi($7);
- free($3);
-@@ -420,6 +432,18 @@
- { ret_record->fsuid = $3;}
- | TOK_KEY_OUID TOK_EQUALS TOK_DIGITS
- { ret_record->ouid = $3;}
-+ | TOK_KEY_COMM TOK_EQUALS TOK_QUOTED_STRING
-+ { ret_record->comm = $3;}
-+ | TOK_KEY_APPARMOR TOK_EQUALS apparmor_event
-+ ;
-+
-+apparmor_event:
-+ TOK_TYPE_REJECT { ret_record->event = AA_RECORD_DENIED; }
-+ | TOK_TYPE_AUDIT { ret_record->event = AA_RECORD_AUDIT; }
-+ | TOK_TYPE_COMPLAIN { ret_record->event = AA_RECORD_ALLOWED; }
-+ | TOK_TYPE_HINT { ret_record->event = AA_RECORD_HINT; }
-+ | TOK_TYPE_STATUS { ret_record->event = AA_RECORD_STATUS; }
-+ | TOK_TYPE_ERROR { ret_record->event = AA_RECORD_ERROR; }
- ;
-
- key_pid: TOK_KEY_PID TOK_EQUALS TOK_DIGITS { ret_record->pid = $3; }
-
-=== modified file 'libraries/libapparmor/src/libaalogparse.c'
---- libraries/libapparmor/src/libaalogparse.c 2009-09-18 21:13:04 +0000
-+++ libraries/libapparmor/src/libaalogparse.c 2010-08-03 17:27:13 +0000
-@@ -56,6 +56,8 @@
- free(record->denied_mask);
- if (record->profile != NULL)
- free(record->profile);
-+ if (record->comm != NULL)
-+ free(record->comm);
- if (record->name != NULL)
- free(record->name);
- if (record->name2 != NULL)
-@@ -151,7 +153,8 @@
- if (current->protocol_name) {
- ret = strdup(current->protocol_name);
- } else {
-- asprintf(&ret, "unknown(%u)", proto);
-+ if (!asprintf(&ret, "unknown(%u)", proto))
-+ ret = NULL;
- }
-
- return ret;
-
-=== modified file 'libraries/libapparmor/src/scanner.l'
---- libraries/libapparmor/src/scanner.l 2010-02-10 23:13:55 +0000
-+++ libraries/libapparmor/src/scanner.l 2010-08-03 17:27:13 +0000
-@@ -1,6 +1,7 @@
- /*
- * Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
- * NOVELL (All rights reserved)
-+ * Copyright (c) 2010, Canonical, Ltd.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of version 2 of the GNU General Public
-@@ -30,6 +31,8 @@
-
- #include <assert.h>
-
-+#define YY_NO_INPUT
-+
- unsigned int string_buf_alloc = 0;
- unsigned int string_buf_len = 0;
- char *string_buf = NULL;
-@@ -84,12 +87,19 @@
- modes ({mode_chars}+)|({mode_chars}+::{mode_chars}*)|(::{mode_chars}*)
- /* New message types */
-
--reject_type "APPARMOR_DENIED"
--audit_type "APPARMOR_AUDIT"
--complain_type "APPARMOR_ALLOWED"
--hint_type "APPARMOR_HINT"
--status_type "APPARMOR_STATUS"
--error_type "APPARMOR_ERROR"
-+aa_reject_type "APPARMOR_DENIED"
-+aa_audit_type "APPARMOR_AUDIT"
-+aa_complain_type "APPARMOR_ALLOWED"
-+aa_hint_type "APPARMOR_HINT"
-+aa_status_type "APPARMOR_STATUS"
-+aa_error_type "APPARMOR_ERROR"
-+reject_type "\"DENIED\""
-+audit_type "\"AUDIT\""
-+complain_type "\"ALLOWED\""
-+hint_type "\"HINT\""
-+status_type "\"STATUS\""
-+error_type "\"ERROR\""
-+lsm_avc_type "AVC"
- unknown_type UNKNOWN\[{digits}+\]
- other_audit_type [[:alnum:]\[\]_-]+
-
-@@ -125,6 +135,7 @@
-
- /* Key tokens */
-
-+key_apparmor "apparmor"
- key_type "type"
- key_msg "msg"
- key_operation "operation"
-@@ -147,6 +158,7 @@
- key_error "error"
- key_fsuid "fsuid"
- key_ouid "ouid"
-+key_comm "comm"
- audit "audit"
-
- /* syslog tokens */
-@@ -240,6 +252,13 @@
- {hint_type} { BEGIN(INITIAL); return(TOK_TYPE_HINT); }
- {status_type} { BEGIN(INITIAL); return(TOK_TYPE_STATUS); }
- {error_type} { BEGIN(INITIAL); return(TOK_TYPE_ERROR); }
-+ {aa_reject_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_REJECT); }
-+ {aa_audit_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_AUDIT); }
-+ {aa_complain_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_COMPLAIN); }
-+ {aa_hint_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_HINT); }
-+ {aa_status_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_STATUS); }
-+ {aa_error_type} { BEGIN(INITIAL); return(TOK_TYPE_AA_ERROR); }
-+ {lsm_avc_type} { BEGIN(INITIAL); return(TOK_TYPE_LSM_AVC); }
- {unknown_type} { char *yptr = yytext;
- while (*yptr && *yptr != '[')
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/apparmor-parser/apparmor-parser-bzr.patch?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/apparmor-parser/apparmor-parser.spec?r1=1.36&r2=1.37&f=u
More information about the pld-cvs-commit
mailing list