[apparmor] [Bug 732837] Re: AF_TIPC not supported by parser when it is in the kernel

Christian Boltz apparmor at cboltz.de
Fri Mar 11 12:51:26 UTC 2011


Hello,

Am Donnerstag, 10. März 2011 schrieb John Johansen:
> There were several families being screened out because they caused
> build failures under previous releases.  This is no longer the case
> and I have attached a proposed patch

-FILTER_FAMILIES=PF_RXRPC PF_MAX PF_UNSPEC PF_UNIX PF_LOCAL PF_NETLINK PF_LLC PF_IUCV PF_TIPC PF_CAN PF_ISDN PF_PHONET
+FILTER_FAMILIES=         PF_MAX PF_UNSPEC PF_UNIX PF_LOCAL PF_NETLINK

How does this affect the profile language?
If I get it right, this patch allows some new keywords for network rules. 
Which keywords are this?

At the moment I have those keywords for the network rule:
sdNetworkProto="inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|sna|irda|pppox|wanpipe|
bluetooth"


Regards,

Christian Boltz
-- 
> You cannot mix selections and patterns in a product - and we
> will remove all selection support now.
AAARRRRRRGGGGGG. Needing to re-write makeSUSEdvd again. ;-)
It looks like you do all this on purpose, just to anoy me. :-D
[> Andreas Jaeger and houghi in opensuse]



More information about the AppArmor mailing list