| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were two bugs. First, trying to access /proc/self/attr/exec
with O_CREAT | O_EXCL has no chance of working. Second, it turns
out that the correct command to send is "exec", not "changeprofile".
Of course, there was no way to know this until:
commit 3eea57c26e49a5add4c053a031cc2a1977b7c48e
Author: John Johansen <john.johansen@canonical.com>
Date: Wed Feb 27 03:44:40 2013 -0800
apparmor: fix setprocattr arg processing for onexec
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
|
|
|
|
|
|
|
| |
Let's keep usage() simple and details in the man page. The current
brief description in usage() seems confusing for some users.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
| |
For an average user names are easier to use than uid and gid numbers.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
| |
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This new command can set no_new_privs, uid, gid, groups, securebits,
inheritable caps, the cap bounding set, securebits, and selinux and
apparmor labels.
[kerolasa@iki.fi: a lot of small adjustment making the command to be good
fit to util-linux project]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
|