[apparmor] Fwd: Re: [patch] Add network mpls and ib to rule/network.py and the apparmor.d manpage
Christian Boltz
apparmor at cboltz.de
Mon Aug 24 19:35:16 UTC 2015
Hello,
I assume that was meant for the mailinglist ;-)
----- Weitergeleitete Nachricht -----
Von: Kshitij Gupta <kgupta8592 at gmail.com>
An: Christian Boltz <apparmor at cboltz.de>
Betreff: Re: [apparmor] [patch] Add network mpls and ib to rule/network.py and the apparmor.d manpage
Datum: Dienstag, 25. August 2015
Hello,
On Mon, Aug 24, 2015 at 11:17 PM, Christian Boltz <apparmor at cboltz.de>
wrote:
> Hello,
>
> $subject.
>
> Those two showed up in apparmor.vim when building on latest openSUSE
> tumbleweed.
>
> The manpage change should also go into 2.9, but since we are missing
> more network domain keywords (and various other things), that should
> be done as a big merge patch.
>
>
> [ 84-add-network-mpls-ib.diff ]
>
> === modified file ./utils/apparmor/rule/network.py
> --- utils/apparmor/rule/network.py 2015-07-17 00:19:58.574811968 +0200
> +++ utils/apparmor/rule/network.py 2015-08-24 19:33:00.445291390 +0200
> @@ -27,7 +27,7 @@
> network_domain_keywords = [ 'unix', 'inet', 'ax25', 'ipx', 'appletalk',
> 'netrom', 'bridge', 'atmpvc', 'x25', 'inet6',
> 'rose', 'netbeui', 'security', 'key',
> 'netlink', 'packet', 'ash', 'econet', 'atmsvc', 'rds', 'sna',
> 'irda', 'pppox', 'wanpipe', 'llc', 'can',
> 'tipc', 'bluetooth', 'iucv', 'rxrpc', 'isdn', 'phonet',
> - 'ieee802154', 'caif', 'alg', 'nfc', 'vsock'
> ]
> + 'ieee802154', 'caif', 'alg', 'nfc',
> 'vsock', 'mpls', 'ib' ]
>
> network_type_keywords = ['stream', 'dgram', 'seqpacket', 'rdm',
> 'raw', 'packet']
> network_protocol_keywords = ['tcp', 'udp', 'icmp']
> --- parser/apparmor.d.pod 2015-07-11 14:26:30.374110864 +0200
> +++ parser/apparmor.d.pod 2015-08-24 19:34:08.893196537 +0200
> @@ -103,7 +103,7 @@
>
> B<NETWORK RULE> = [ I<QUALIFIERS> ] 'network' [ I<DOMAIN> ] [ I<TYPE> |
> I<PROTOCOL> ]
>
> -B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge'
> | 'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' |
> 'packet' | 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' |
> 'wanpipe' | 'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' |
> 'tipc' | 'iucv' | 'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' |
> 'alg' | 'nfc' | 'vsock' ) ','
> +B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge'
> | 'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' |
> 'packet' | 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' |
> 'wanpipe' | 'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' |
> 'tipc' | 'iucv' | 'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' |
> 'alg' | 'nfc' | 'vsock' | 'mpls' | 'ib' ) ','
>
> B<TYPE> = ( 'stream' | 'dgram' | 'seqpacket' | 'rdm' | 'raw' | 'packet' )
>
>
>
> Thanks for the patch.
Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>
> Regards,
>
> Christian Boltz
> --
> Life used to be simpler when apple and blackberry were just fruits!
> [from https://bugzilla.novell.com/quips.cgi]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>
--
Regards,
Kshitij Gupta
-------------------------------------
Regards,
Christian Boltz
--
The original author of this email is Ludwig Nussel, but I edited it a
bit before sending. That means that the good parts are from him, and
the mistakes are mine. [Alberto Planas Dominguez in opensuse-factory]
More information about the AppArmor
mailing list