for the various dovecot binaries in
profiles/apparmor.d/ (which should receive the same patch, BTW).
Now to the wft?:
Why does ubuntu have to maintain its own fork of the profiles?
Regards,
Christian Boltz
--
Genau. [aus dem CVS] Killen.
Du darfst... (oder geht das mit LinCVS etwa nicht
,
and would also avoid misunderstandings if an AppArmor newbie reads the
profile (what, unbound is allowed to delete (rm) /etc/passwdd?!?)
Needless to say: I pre-ACK this change ;-)
Regards,
Christian Boltz
--
[Windows remote herunterfahren] einfach ein Nichtgepatchtes Windows
verwenden und einen der
-useradd
manually).
Regards,
Christian Boltz
--
BTW an alle: ich weiss nicht, wie ich auf die Leser hier wirke, ich
kann da nur aus den Mails ableiten, aber wenn ich mal daneben liege,
dann will ich korrigiert werden bzw. einen Widerspruch bekommen.
Dein Wunsch sei Dir erfüllt ;-)
*g* Danke
Hello,
Am Mittwoch, 4. Januar 2012 schrieb Kees Cook:
On Wed, Jan 04, 2012 at 07:43:35PM +0100, Christian Boltz wrote:
+ profile /etc/init.d/nscd {
+#include abstractions/base
+#include abstractions/nameservice
+
+capability sys_ptrace,
I wonder why sys_ptrace keeps
/apparmor.d/sbin.syslog-ng 2012-01-05 11:05:54 +
@@ -23,6 +23,7 @@
capability chown,
capability dac_override,
+ capability dac_read_search,
capability fsetid,
capability fowner,
capability sys_tty_config,
Regards,
Christian Boltz
--
Sorry, mit java kenne ich mich gar nicht
,valid}.dat mr,
/usr/sbin/smbd mr,
/etc/samba/* rwk,
/var/cache/samba/** rwk,
Regards,
Christian Boltz
--
Direkter Mailkontakt mit dem Paketmacher. Tränen, Gewaltandrohnung,
knappe Unterwäsche - als nix genützt. Abgelehnt.
[Ratti ueber einen Aenderungswunsch an einem SuSE-Paket
,
Regards,
Christian Boltz
--
Wenn Windows2000 die Antwort sein soll, wie bescheuert muss bloss die
Frage gewesen sein
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
/show_bug.cgi?id=741592
I also nominate this patch for 2.7.1
Regards,
Christian Boltz
--
Nicht das ich frei von Paranoia Schueben waere ;), aber wenn Dir das
passiert spiel sofort Lotto, bei dem Glueck bekommst Du bestimmt 4
Wochen den 6er mit Superzahl. [Maik Holtkamp in suse-linux]
Update
to handle the
situation.
Regards,
Christian Boltz
--
There's such a thing as real life? Is it packages for openSUSE yet?
Will there be a YaST2 module for easy configuration? Is it going to be
included in 11.2 or is it so complex it's going to have to wait until
11.3? More importantly
of the apache
profile(s) to a separate file (program-chunks/apache?) that can be
included in the httpd2-prefork and apache2-mpm-itk profile.
Otherwise we'll get a maintenance hell sooner or later...
Regards,
Christian Boltz
--
Linux - und dein PC macht nie wieder blau.
--
AppArmor mailing list
AppArmor
-desktop).
Regards,
Christian Boltz
--
Angela Merkel zitiere ich ja am liebsten wörtlich. Ich hab noch keine
bessere Möglichkeit gefunden, diese Frau zu beleidigen.
-- Volker Pispers
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
expect $?==0.
+ done; \
+ rm -f $$tmpfile
OK, those two lines probably hide the non-zero exitcode.
Nevertheless using done || true; to make it obvious would be a good
idea IMHO. (Not sure if you still need the \ to keep the $tmpfile variable.)
Regards,
Christian Boltz
--
Kann
Hello,
Am Dienstag, 7. Februar 2012 schrieb Jamie Strandboge:
On Tue, 2012-02-07 at 16:50 +0100, Christian Boltz wrote:
Is the l permission really needed for /opt?
Maybe? I thought it conceivable that applications might have their own
tmp directory in /opt which is why I added 'l' (ie, we
,
@{PROC}/cpuinfor,
+ /sys/devices/system/cpu/online r,
Acked-By: Christian Boltz appar...@cboltz.de
Please commit to trunk and to the 2.7 branch.
BTW: Next time, please come up with such patches before I submit a
maintenance update for openSUSE ;-) Well, it's pending in the test
Hello,
Am Sonntag, 12. Februar 2012 schrieb Steve Beattie:
On Sun, Feb 12, 2012 at 10:13:36PM +0100, Christian Boltz wrote:
I also propose this patch for the 2.3 branch.
I think you mean the 2.7 branch.
Oops, that's the result of working on PostfixAdmin (current version:
2.3.5) some
^\s*@@auditdeny@@capability@@EOL@@/
contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
Network line
Syntax: network domain (inet, ...) type (stream, ...) protocol (tcp, ...)
Regards,
Christian Boltz
--
wie jeder weiß ist Debian auf ISDN die langsamste bekannte Methode
) capability list...
(Would it make sense to put this into a small helper script
capabilities_list to avoid duplicate code? Or do you have a better
idea for apparmor.vim?)
Regards,
Christian Boltz
--
Das Wort WINDOWS stammt aus einem alten Sioux-Dialekt und bedeutet:
Weißer Mann starrt durch
be fixed?
Regards,
Christian Boltz
--
Achso, danke fuer die Beleidigung. Darf ich dich so zitieren?
Das waere praktisch als Ausrede, wenn ich mal jemanden flamen will.
Ist der Ruf erst ruiniert, flamed es sich ganz ungeniert
[David Haller in suse-linux]
--
AppArmor mailing list
AppArmor
,
Christian Boltz
--
DAS kenne ich! Learning by carrying of annoying heavy hardware.
So'nen Strafmonitor habe ich hier auch. Wenn ich mal wieder meinen
kleinen Server an die Wand gefahren hab, müssen 40 kg/21 den Flur
hochgewuchtet werden :-) [Ratti]
--
AppArmor mailing list
AppArmor
and should also be implemented with a file
instead of using a make variable.
Note that everything above is untested ;-)
BTW: make clean should delete the capability_list file.
Regards,
Christian Boltz
--
Unix: Alles ist ein File, und was kein File ist, hat sich gefaelligst
als ein solches zu
.
+#
+#This program is free software; you can redistribute it and/or
+#modify it under the terms of version 2 of the GNU General Public
+#License published by the Free Software Foundation.
+#
+#Written by Steve Beattie st...@nxnw.org, based on work by
+#Christian Boltz appar
, only the exitcode is honored and the output hidden -
which means the profile is not loaded, but nobody sees an error message.
Expected result: a red failed and $? != 0
(AppArmor 2.7.2 on openSUSE 12.1 - but I'm quite sure trunk shares this
bug.)
Regards,
Christian Boltz
--
Ich werde gerne
for speakers.
[1] http://bit.ly/HiXb2X
[2] http://bit.ly/HmIqwJ
[3] http://bit.ly/HiXydO
-
Regards,
Christian Boltz
--
If Microsoft is the solution, I want my problems back.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe
This also affects logprof, see
https://bugzilla.novell.com/show_bug.cgi?id=755923
** Bug watch added: Novell/SUSE Bugzilla #755923
https://bugzilla.novell.com/show_bug.cgi?id=755923
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant
Public bug reported:
- AppArmor 2.7.2 on openSUSE 12.1
- httpd2-prefork profile in complain mode
- using mod_apparmor with one hat per vhost (specified with AADefaultHatName)
mod_apparmor doesn't print/log any error message if the hat specified
with AADefaultHatName does not exist. Instead, I
most profiles get network access via abstractions, which
already include support for IPv4 and IPv6.
Regards,
Christian Boltz
--
Aber genauso können mir ja auch die Grünen leid tuen.
Da bin ich doch lieber blau ...
[Konrad Neitzel in suse-linux]
--
AppArmor mailing list
AppArmor
/usr.lib.dovecot.imap-login
+++ profiles/apparmor.d/usr.lib.dovecot.imap-login
@@ -11,6 +11,7 @@
capability sys_chroot,
network inet stream,
+ network inet6 stream,
/usr/lib/dovecot/imap-login mr,
/{,var/}run/dovecot/login/ r,
Regards,
Christian Boltz
--
Ich habe nix gegen C
for them, nor would it
break current semantics in that it could be said that new namespaces
inherit their parents unconfined profile (which just can't be
replaced currently).
Are you talking about really unconfined or default_profile here?
Regards,
Christian Boltz
--
Wouldn't the sentence 'I
.
#include local/usr.sbin.dnsmasq
}
Regards,
Christian Boltz
--
Meine Katze hat zu der Maus auch gesagt: Kannst ganz beruhigt sein,
ich tu Dir nichts! Und vom Fressen hat die Katze kein Ton gesagt.
[Rolf-Hubert Pobloth in suse-linux]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Hello,
Am Donnerstag, 5. April 2012 schrieb John Johansen:
On 04/05/2012 03:31 PM, Christian Boltz wrote:
Am Mittwoch, 4. April 2012 schrieb John Johansen:
A bit of history, and where we are at now
Thanks for the history lesson!
Can you please store your text (or a link
the bug in the 2.7 branch.
Regards,
Christian Boltz
--
[...] bis zur Erwähnung des gesuchten Punktes sind es nur ein paar
Bild-downs. Wenn Du mir erzählen willst, dass das schwer zu finden
ist, mache ich ab Morgen eine Linux-Kindergarten-Mailingliste auf und
lade Dich dazu ein. [Henning Hucke
;-)
Regards,
Christian Boltz
--
Mir sind genug NT - Admins mit Gehaeltern ab 150 KDM bekannt, die
weniger von NT wissen als ich - und das ist _sehr_ wenig.
NT-Admins werden wie Bundestagsabgeordnete bezahlt?
Wo kriegt man so Angebote? Gibt es irgendwo einen MCSE-Straßenstrich?
[in dasr
system? Do you want to include it in 2.8?
Regards,
Christian Boltz
--
[Re: Wie krieg ich meinen Ratti in mutt zurueck?]
In der procmail einfach angeben:
formail -I From: ra...@gesindel.de (Ratti)
Dann sind _ALLE_ Mails von Ratti.
[Ratti (welcher denn? ;-) in suse-linux]
--
AppArmor
Hello,
Am Sonntag, 6. Mai 2012 schrieb Kees Cook:
On Sun, May 06, 2012 at 01:46:30AM +0200, Christian Boltz wrote:
I prefer hand-written Makefiles - but that might be a matter of
personal taste ;-) (and, in my case, missing knownledge about
automake)
I find it much easier to deal
-By: Christian Boltz appar...@cboltz.de
And now let me explain why bzr blame is named bzr _blame_ ;-))
# bzr blame parser/Makefile |grep techdor
1522 kees.co | 60 rm -rf techdoc.aux techdoc.log techdoc.pdf
techdoc.toc techdor.txt techdoc/
# bzr log -r1522
Hello,
Am Dienstag, 8. Mai 2012 schrieb Kees Cook:
On Tue, May 08, 2012 at 09:59:11PM +0200, Christian Boltz wrote:
- don't include build date on first page of the PDF
Oh good -- this had been bothering me.
I was thinking about inserting the correct date, but that would have
looked too
probably aren't final yet. Nevertheless I'm open for feedback ;-)
Regards,
Christian Boltz
--
[...] aber letzten Endes ist er mein Chef, und wenn er karierte
Maiglöckchen haben will, dann soll er sie kriegen, sofern ich
diese beschaffen kann. [Martin Mewes in suse-linux]
--
AppArmor mailing
Mar 6 21:50:15 2009
#include tunables/global
/usr/bin/uptime flags=(complain) {
#include abstractions/base
#include abstractions/consoles
/proc/loadavg r,
/proc/uptime r,
/usr/bin/uptime mr,
/var/run/utmp rwk,
}
Regards,
Christian Boltz
--
Wie zaehlt man eine Person zu seiner
is probably John.
Regards,
Christian Boltz
--
And if the majority here feels mlmmj should respond in Klingon,
that's what we should consider. As long as it uses proper MIME
headers, of course. ;-)[Gerald Pfeifer in opensuse-project]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
, and the interesting speakers should be
louder. Are you afraid of microphones because you stay on distance? ;-)
BTW: is the livestream setup described somewhere? (It could be useful
for the openSUSE conference.)
Regards,
Christian Boltz
--
_sehr_ alt: ich musste neulich wieder feststellen
Hello,
Am Mittwoch, 9. Mai 2012 schrieb Christian Boltz:
as mentioned in the UDS chat, I'd like to have a create_file_rule
function in create-apparmor.vim.py.
Unfortunately Python is not one of the P* languages I speak, which
means I can't implement this myself :-( or at least I'd need more
** Attachment added: hackish script to add a hat to the apache profile
https://bugs.launchpad.net/bugs/1014298/+attachment/3193605/+files/create-apparmor.conf
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
Public bug reported:
I'm using a script to add hats for each vhost in my apache profile
(attached for reference).
This works, but it uses some ugly sed tricks (for example, it removes
^}$ from the profile) to work. This also means that it might break a
manually edited profile if someone removed
** Attachment added: profile for the test script (after running genprof AND
logprof)
https://bugs.launchpad.net/apparmor/+bug/1014304/+attachment/3193612/+files/home.cb.linuxtag.apparmor.scripts.hello
--
You received this bug notification because you are a member of AppArmor
Developers,
Public bug reported:
Take this little demo script:
#!/bin/bash
echo Hello World! /tmp/hello.txt
cat /tmp/hello.txt
rm /tmp/hello.txt
I created a profile for it using genprof. Most important point: select
child for executing /bin/rm, see attached screendump.txt for details.
When I run logprof
** Attachment added: screendump.txt of genprof and logprof
https://bugs.launchpad.net/bugs/1014304/+attachment/3193610/+files/screendump.txt
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
for the
/** profile should be named?
Regards,
Christian Boltz
--
Bash ist zwar nur trocken Brot und Wasser,
aber Tcl ist Nutella mit Maggi ;)
[Christian Perle in d.c.o.u.l.m]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo
@@
# --
#include tunables/global
-/bin/ping {
+/{usr/,}bin/ping {
#include abstractions/base
#include abstractions/consoles
#include abstractions/nameservice
Regards,
Christian Boltz
--
Ein Experte ist ein Mensch, den man in letzter Minute
Hello,
Am Freitag, 6. Juli 2012 schrieb John Johansen:
On 07/06/2012 03:18 PM, Christian Boltz wrote:
Am Donnerstag, 5. Juli 2012 schrieb John Johansen:
The best it could do is apply the same mapping to the tools apply.
Sounds like a good idea, but it doesn't cover everything ;-) (see
2012-08-05 15:46:47 +
@@ -40,5 +40,5 @@
# run out of /etc/bash.bashrc
/etc/DIR_COLORS r,
- /bin/ls mix,
+ /{usr/,}bin/ls mix,
/usr/bin/dircolors mix,
Regards,
Christian Boltz
--
[creating ARCHIVES.gz] I
the duplicate ;-))
A direct --clear-cache would just be a debugging tool for admins, and
rarely used (hopefully) at that.
Indeed. It might be a nice feature, but I'd give it a low priority [2].
The avarage admin most probably knows how to delete all files in a
directory ;-)
Regards,
Christian Boltz
:
On 08/07/2012 01:34 PM, Christian Boltz wrote:
John, thanks for honoring the golden rules of bad programming in
your
patch! I'm especially talking about rule 18 - take great care in
setting bad defaults ;-)
Hehe I did it on purpose to get a discussion of what it should be on
list :)
Looks
Hello,
# aa-exec
#
I'd expect an error message about missing parameters in this case...
Regards,
Christian Boltz
--
In case someone reads this and does not understand irony: this is not
a valid solution for something you want to submit to openSUSE:Factory
OF course Im aware
contain hex characters (0-9, a-f, A-F)
-return
+exit 1
fi
d=`decode $e`
Regards,
Christian Boltz
--
ich mochte gerne fur eine unbestimte Zeit Linux von meiner
Festplatte werfen wie mache ich das genau? [Glenn Charpantier]
Nimm die Platte aus dem Rechner, und pack
that do not contain an encoded filename (instead of
grepping them away)
In other words: you can pipe your audit.log through aa-decode, and the
only difference to the raw audit.log is that filenames are decoded.
Signed-Off-By: Christian Boltz appar...@cboltz.de
=== modified file 'utils/aa-decode
Hello,
Am Dienstag, 9. Oktober 2012 schrieb Steve Beattie:
On Wed, Oct 03, 2012 at 02:00:34AM +0200, Christian Boltz wrote:
the attached patch fixes aa-decode stdin handling.
Realistically, this ought to be converted to one of the P* languages,
given the difficulties around quoting
that is somewhat unrelated: I remember that using
etckeeper was discussed at the last(?) UDS. Did this happen in the
meantime? If yes, how good does it work?
Regards,
Christian Boltz
--
Linux just isn't user-friendly when it comes to viruses. You have to
work to find and run them. It doesn't happen
/profile name out of the line and decode it
ne=`echo $line | sed 's/.* name=\([^ ]*\).*$/\\1/g'`
Regards,
Christian Boltz
--
I wonder how we ended up with baseurl and extra_url, now we are missing
one with a - like data-dir to violate consistency and the principle
of least surprise
built-in regular expression comparison operator =~.
I'd assume that's old enough to be available on everyone's system ;-)
Regards,
Christian Boltz
--
I forgot to mention: The default language will of course be English!
In UTF-8 or latin1? [ Christoph Thiel and Marcus Meissner]
--
AppArmor
missing part needed to provide secure and non-annoying[1] profiles
for web browsers - and also other desktop applications
(but maybe I underestimate on how many places dbus is used nowadays...)
Regards,
Christian Boltz
[1] like you can store downloaded files only in ~/downloads
--
vielleicht mal
]}/*-linux/**/*.so
mr,
Two more pairs to merge ;-)
Regards,
Christian Boltz
--
Bei mir läuft KDE gar nicht.
Völlig korrekt. Logisch. Aber sinnfrei.
[David Haller in opensuse-de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com
Hello,
Am Montag, 5. November 2012 schrieb John Johansen:
On 11/01/2012 11:06 AM, Christian Boltz wrote:
here's a patch that speeds up aa-decode - in my case from 1.9s to
0.3s (test log with about 900 lines, with 16 encoded lines)
The trick is to use bash regex matching instead
strict validation/
error highlighting
BTW: Feel free to steal my AppArmor slides (or some content from them)
from blog.cboltz.de ;-) (LibreOffice files available on request)
Regards,
Christian Boltz
--
But you are probably also complaining if local root exploits in the
kernel are fixed
detect conflicting rules like
allow deny /foo rw,
as an error?
Regards,
Christian Boltz
--
Dabei müsste er nur seine Entern-Taste gangbar bekommen, Debian
lauffähig im Grundgerüst bekommt man ja beinahe automatisiert
installiert, wenn man ein Weizenkorn auf die Entertaste malt und
ein Huhn vor
Hello,
Am Mittwoch, 7. November 2012 schrieb John Johansen:
On 11/07/2012 02:44 PM, Christian Boltz wrote:
Am Mittwoch, 7. November 2012 schrieb John Johansen:
let allow be used as a prefix in place of deny. Allow is the
default
and is implicit so it is not needed but some user keep
for trunk or also for the 2.8
branch is a bit tricky because it depends on the kernel version and
unfortunately the parser seems to bail out with Invalid capability if
the kernel doesn't support it :-((tested with capability foo ;-)
Regards,
Christian Boltz
--
We work *with* SUSE
Not backported (= remaining differences):
- move extra profiles to /usr/share/apparmor/extra-profiles/
(I doubt we should do this in a minor release)
- capability block_suspend for usr.sbin.nscd (because the 2.8 parser
doesn't support it - which is a problem on its own)
Regards,
Christian Boltz
abstraction?
- @{HOME}/.kde/share/config/kioslaverc r,
+ owner @{HOME}/.kde/share/config/kioslaverc r,
KDE on openSUSE uses ~/.kde4/ - what about
owner @{HOME}/.kde{4,}/share/config/kioslaverc r,
(Note: I don't know if skype is clever enough to check ~/.kde4 ;-)
Regards,
Christian Boltz
the
following? (/usr/bin/virtualbox is just a guess - replace as needed)
aa-complain /usr/bin/virtualbox # [1]
# start and use /usr/bin/virtualbox
aa-logprof
aa-enforce /usr/bin/virtualbox # [1]
Happy new year!
Christian Boltz
[1] aa-complain switches the profile to learning (complain) mode
;-)
Any objections?
Regards,
Christian Boltz
--
ohh.. and ensure that you dont use phpBB, I repeat, dont use phpBB or
you will regret it !! my dog writes better code than that :-P
[Cristian Rodríguez in opensuse-project]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
Hello,
Am Mittwoch, 2. Januar 2013 schrieb Steve Beattie:
On Wed, Jan 02, 2013 at 04:27:33PM -0800, Steve Beattie wrote:
On Tue, Dec 18, 2012 at 11:21:20PM +0100, Christian Boltz wrote:
Sorry about that, I was both on holiday and ill for most of that week
of December.
Sounds like a bad
/home/*/downloads/ r,
owner /home/*/downloads/** rw,
This could mean two things:
a) you didn't download any file while creating the profile
b) chromium has a clever(?) way to handle downloads in a separate,
unconfined process
Regards,
Christian Boltz
--
The wiki is as much yours
Hello,
Am Mittwoch, 9. Januar 2013 schrieb Aaron Lewis:
I made few tweaks (xfce4, /proc /sys etc.) and the profile / patch is
attached here.
Looks like you forgot the attachment - can you please try again? ;-)
Regards,
Christian Boltz
--
sdfgsdfg
sind denn die Schreibmaschinenkurse an der
to be really sure, I can create a
profile for it)
(and, BTW, it's even possilble to give xosview a cool transparent look
by applying the desktop background image to the xosview*pixmapName ;-)
Regards,
Christian Boltz
--
[Evolution - Message-ID] Oh ja... Apropos: die libcamel (die fuer
diesen Muell
the 'virtual
memory accounting' mode. The update for the base abstraction gives
read access to this file.
To make the collection complete:
Acked-By: Christian Boltz appar...@cboltz.de
Please also backport both patches to the 2.8 branch.
As a side effect of the abstractions/base patch, we should
is going on.
If unsure, just paste the output into a mail ;-)
Regards,
Christian Boltz
--
Der von Ihnen vielleicht erwartete Input wird zu dem eines verstimmten
Mitarbeiters oder eines Crackers der Monate Zeit hat, oder einer Katze,
die über die Tastatur läuft in keinerlei Zusammenhang stehen
will be the final enemy^Wtestcase *eg* - I'm quite sure you know
how hard that can be ;-)
Regards,
Christian Boltz
PS: non-random sig ;-)
--
Quite low is 1 in 4 billion. Murphy could make me believe you saw it
once, but not twice. You could plausibly see it in a stress test rig
This _is_
Hello,
Am Mittwoch, 1. Mai 2013 schrieb Seth Arnold:
On Wed, May 01, 2013 at 05:35:03PM +0200, Christian Boltz wrote:
http://www.google-melange.com/gsoc/proposal/review/google/gsoc2013/kshitij8/1
I've got a handful of concerns; I'm afraid to give them voice, because
I do not wish to blunt
line
+sys.stdout.write('%s\n' % line)
+#print line
See the attachment for the full patch.
Regards,
Christian Boltz
--
the issue has been fixed and everybody moved on to breaking
other stuff :) [Dominique Leuenberger in opensuse-factory]
=== modified file 'common/Make.rules
Hello,
Am Montag, 6. Mai 2013 schrieb Steve Beattie:
On Mon, May 06, 2013 at 11:54:58PM +0200, Christian Boltz wrote:
I'd like to propose the python3 compability changes from trunk r2052
to the 2.8 branch.
Most of trunk r2052 also applies to the 2.8 branch. The only
difference
for send and receive (s/receive,/send,/ and you have the
rule for the sending program)
BTW: please use sender.com and receiver.com instead of foo and bar
to make your mails easier understandable ;-)
Regards,
Christian Boltz
--
Was habt Ihr denn? emacs ist doch ein tolles Betriebssystem!
Das
Hello,
Am Donnerstag, 9. Mai 2013 schrieb John Johansen:
On 05/09/2013 07:16 AM, Christian Boltz wrote:
Could we just switch it to the way that is also used for send?
I'd propose
dbus name=sender.com - name=receiver.com receive,
Advantages are:
- we can keep the arrow
Hello,
Am Dienstag, 28. Mai 2013 schrieb Kshitij Gupta:
I'm Kshitij Gupta from Lucknow, India. I had applied for GSoC under
openSUSE and am glad to have been accepted as a student to work on
Profile management tool for AppArmor under the guidance of Christian
Boltz (Project Mentor).
Now
in the local/* files instead of the main
profile.
Regards,
Christian Boltz
--
RAID: One more disk fails than can be recovered by the redundancy.
-- Andreas Dau
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe
to AppArmor profile tools ;-)
@John: is it easily possible to move the code including version history
to the apparmor repo later? I'd guess it is, but I'm not familiar enough
with bzr...
Regards,
Christian Boltz
--
[scrolling with synaptics touchpad] I'm sorry, I couldn't realise
this feature
CMap tables
- /usr/share/poppler/cMap/** r,
This is now committed to trunk, revision 2120.
The patch looks also interesting for the 2.8 branch. Can you please
commit it there, too?
For the 2.8 branch:
Acked-By: Christian Boltz appar...@cboltz.de
(also valid for trunk of course
the modified profile and
re-install the apparmor-profiles package.)
Sometimes, the user generated profiles may
screw up. (I ended up messing up my Firefox profile while playing
with aa-genprof as a consequence to which my Firefox would never
start-up).
;-)
Regards,
Christian Boltz
[1
minus space - the
space is important) to separate the sig. That's the usual sig delimiter,
and many mail clients have an option to automatically remove the sig
when writing a reply.
Regards,
Christian Boltz
--
Ein wenig künstlerische Freiheit darf doch wohl noch sein, oder?
Nur, falls Du die
;-)
Regards,
Christian Boltz
--
bei Bernd ist alles Zufall.
Glaubst Du nicht, dass da Kristallkugel.pl zugeschlagen hat? Ich bin mir
sicher, dass Bernd sowas auf seinem Rechner hat ;-)
[ Michael Schulz u. Manfred Tremmel über Bernd Brodesser in suse-linux]
--
AppArmor mailing list
AppArmor
.,
therefore I'm asking for an extra strict review (and some testing) ;-)
Regards,
Christian Boltz
--
Ich geh' jetzt erstmal Gummienten beim Wettschwimmen zugucken...
Du Gluecklicher. Ich darf morgen echten eNTen beim Umfallen zuschaun.
[Jochen Erwied und Thomas Ogrisegg
out the schedule for weekly
meetings.
See below for a proposal.
On Thu, Jun 6, 2013 at 12:54 AM, Kshitij Gupta wrote:
On Thu, Jun 6, 2013 at 12:12 AM, Christian Boltz wrote:
Am Mittwoch, 5. Juni 2013 schrieb Kshitij Gupta:
@Christian First off, what mail client do you use? I'd like
Hello,
Am Mittwoch, 12. Juni 2013 schrieb John Johansen:
On 06/05/2013 01:23 PM, Christian Boltz wrote:
you might have noticed the discussion about the libapparmor ruby
bindings build failures on openSUSE Factory, which is the first
version with ruby 2.0.
The problem was that DESTDIR
.
Anyway, I'd say we need a working base (python modules + commandline
interface) first. When we have that, we can add the YaST user interface
on top.
Regards,
Christian Boltz
--
[20:01] * mrdocs grabs a snack first
[20:01] suseROCKs hmm last time mrdocs said he was going to grab
===
Looks like a copy of the old code in config.py. That's why bzr has a
version history - no need to checkin backups of old code ;-)
Regards,
Christian Boltz
--
Sach ma, siggst du alles von mir? ;)
[David Haller in fontlinge-devel]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify
the
alternation send or receive and send and receive at the same time?
Regards,
Christian Boltz
--
Warum deine Programme auf spanisch ausgeführt werden kommt mir sehr
spanisch vor (*kloink* *Centstücke in die schlechte Wortspielkasse
schmeiß*). [Michael Skiba in opensuse-de]
--
AppArmor mailing
- the test should catch this
exception ;-)
Also note that the last line contains \n\t - this should become a real
line break and tab in the output...
Regards,
Christian Boltz
--
[T-Shirt-Druck] Die meisten Leute haben bedauerlicherweise ein
ImageMagick mit 16-Bit Farbtiefe, da sind 300x300/16 Bit
/.
This was reported by Jakub Wilk jw...@debian.org on Debian bug
#714843.
Acked-by: Seth Arnold seth.arn...@canonical.com
Please also backport the abstractions/fonts patches to the 2.8 branch.
(I will only write one (this) mail for all 3 patches ;-)
Regards,
Christian Boltz
--
[Netscape 4] Wer
big is the risk that your patch breaks something?
Regards,
Christian Boltz
--
If I had a cent for everytime someone complained about single RPM
installation failing with KPackageKit on 11.4, I'd buy Attachmate ;-)
[Martin Schlander in opensuse-factory]
--
AppArmor mailing list
AppArmor
that in one case $options is used and @options in the other.
I somehow doubt that both are correct ;-)
Regards,
Christian Boltz
--
Verwandschaft, f. (pl) : Jemand, der auf dem Sofa sitzt und übelnimmt.
[Ratti in fontlinge-devel]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
Hello,
same as last time - see attached file ;-)
Regards,
Christian Boltz
--
who needs facts if polemics are that much easier to get into.
[Sven Burmeister in opensuse-factory]
=== modified file 'Testing/severity_test.py'
--- Testing/severity_test.py 2013-07-06 13:27:06 +
+++ Testing
1 - 100 of 1302 matches
Mail list logo