subject:"\[PATCH 09\/17\] doc\: ReSTify apparmor.txt"

Re: [PATCH 09/17] doc: ReSTify apparmor.txt

2017-05-13 Thread John Johansen

On 05/13/2017 04:51 AM, Kees Cook wrote:
> Adjusts for ReST markup and moves under LSM admin guide.
> 
> Cc: John Johansen 
> Signed-off-by: Kees Cook 
Acked-by: John Johansen 

> ---
>  .../apparmor.txt => admin-guide/LSM/apparmor.rst}  | 36 
> ++
>  Documentation/admin-guide/LSM/index.rst|  1 +
>  Documentation/security/00-INDEX|  2 --
>  MAINTAINERS|  1 +
>  security/apparmor/match.c  |  2 +-
>  security/apparmor/policy_unpack.c  |  2 +-
>  6 files changed, 28 insertions(+), 16 deletions(-)
>  rename Documentation/{security/apparmor.txt => admin-guide/LSM/apparmor.rst} 
> (65%)
> 
> diff --git a/Documentation/security/apparmor.txt 
> b/Documentation/admin-guide/LSM/apparmor.rst
> similarity index 65%
> rename from Documentation/security/apparmor.txt
> rename to Documentation/admin-guide/LSM/apparmor.rst
> index 93c1fd7d0635..3e9734bd0e05 100644
> --- a/Documentation/security/apparmor.txt
> +++ b/Documentation/admin-guide/LSM/apparmor.rst
> @@ -1,4 +1,9 @@
>  What is AppArmor? ---
> +
> +AppArmor
> +
> +
> +What is AppArmor?
> +=
>  
>  AppArmor is MAC style security extension for the Linux kernel.  It implements
>  a task centered policy, with task "profiles" being created and loaded
> @@ -6,34 +11,41 @@ from user space.  Tasks on the system that do not have a 
> profile defined for
>  them run in an unconfined state which is equivalent to standard Linux DAC
>  permissions.
>  
>  How to enable/disable ---
> +How to enable/disable
> +=
> +
> +set ``CONFIG_SECURITY_APPARMOR=y``
>  
> -set CONFIG_SECURITY_APPARMOR=y
> +If AppArmor should be selected as the default security module then set::
>  
> -If AppArmor should be selected as the default security module then
> -   set CONFIG_DEFAULT_SECURITY="apparmor"
> -   and CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
> +   CONFIG_DEFAULT_SECURITY="apparmor"
> +   CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
>  
>  Build the kernel
>  
>  If AppArmor is not the default security module it can be enabled by passing
> -security=apparmor on the kernel's command line.
> +``security=apparmor`` on the kernel's command line.
>  
>  If AppArmor is the default security module it can be disabled by passing
> -apparmor=0, security= (where XXX is valid security module), on the
> -kernel's command line
> +``apparmor=0, security=`` (where ```` is valid security module), on 
> the
> +kernel's command line.
>  
>  For AppArmor to enforce any restrictions beyond standard Linux DAC 
> permissions
>  policy must be loaded into the kernel from user space (see the Documentation
>  and tools links).
>  
>  Documentation ---
> +Documentation
> +=
>  
> -Documentation can be found on the wiki.
> +Documentation can be found on the wiki, linked below.
>  
>  Links ---
> +Links
> +=
>  
>  Mailing List - appar...@lists.ubuntu.com
> +
>  Wiki - http://apparmor.wiki.kernel.org/
> +
>  User space tools - https://launchpad.net/apparmor
> +
>  Kernel module - 
> git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
> diff --git a/Documentation/admin-guide/LSM/index.rst 
> b/Documentation/admin-guide/LSM/index.rst
> index cc0e04d63bf9..a4db29410ea0 100644
> --- a/Documentation/admin-guide/LSM/index.rst
> +++ b/Documentation/admin-guide/LSM/index.rst
> @@ -33,4 +33,5 @@ the one "major" module (e.g. SELinux) if there is one 
> configured.
>  .. toctree::
> :maxdepth: 1
>  
> +   apparmor
> SELinux
> diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
> index aaa0195418b3..22ebdc02f0dc 100644
> --- a/Documentation/security/00-INDEX
> +++ b/Documentation/security/00-INDEX
> @@ -4,8 +4,6 @@ Smack.txt
>   - documentation on the Smack Linux Security Module.
>  Yama.txt
>   - documentation on the Yama Linux Security Module.
> -apparmor.txt
> - - documentation on the AppArmor security extension.
>  keys-ecryptfs.txt
>   - description of the encryption keys for the ecryptfs filesystem.
>  keys-request-key.txt
> diff --git a/MAINTAINERS b/MAINTAINERS
> index c85108b4f6c7..184cdd32a67e 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -11560,6 +11560,7 @@ W:apparmor.wiki.kernel.org
>  T:   git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
>  S:   Supported
>  F:   security/apparmor/
> +F:   Documentation/admin-guide/LSM/apparmor.rst
>  
>  LOADPIN SECURITY MODULE
>  M:   Kees Cook 
> diff --git a/security/apparmor/match.c b/security/apparmor/match.c
> index 960c913381e2..72c604350e80 100644
> --- a/security/apparmor/match.c
> +++ b/security/apparmor/match.c
> @@ -226,7 +226,7 @@ void aa_dfa_free_kref(struct kref *kref)
>   * @flags: flags controlling what type of accept tables are acceptable
>   *

Re: [PATCH 09/17] doc: ReSTify apparmor.txt

2017-05-13 Thread John Johansen

On 05/13/2017 04:51 AM, Kees Cook wrote:
> Adjusts for ReST markup and moves under LSM admin guide.
> 
> Cc: John Johansen 
> Signed-off-by: Kees Cook 
Acked-by: John Johansen 

> ---
>  .../apparmor.txt => admin-guide/LSM/apparmor.rst}  | 36 
> ++
>  Documentation/admin-guide/LSM/index.rst|  1 +
>  Documentation/security/00-INDEX|  2 --
>  MAINTAINERS|  1 +
>  security/apparmor/match.c  |  2 +-
>  security/apparmor/policy_unpack.c  |  2 +-
>  6 files changed, 28 insertions(+), 16 deletions(-)
>  rename Documentation/{security/apparmor.txt => admin-guide/LSM/apparmor.rst} 
> (65%)
> 
> diff --git a/Documentation/security/apparmor.txt 
> b/Documentation/admin-guide/LSM/apparmor.rst
> similarity index 65%
> rename from Documentation/security/apparmor.txt
> rename to Documentation/admin-guide/LSM/apparmor.rst
> index 93c1fd7d0635..3e9734bd0e05 100644
> --- a/Documentation/security/apparmor.txt
> +++ b/Documentation/admin-guide/LSM/apparmor.rst
> @@ -1,4 +1,9 @@
>  What is AppArmor? ---
> +
> +AppArmor
> +
> +
> +What is AppArmor?
> +=
>  
>  AppArmor is MAC style security extension for the Linux kernel.  It implements
>  a task centered policy, with task "profiles" being created and loaded
> @@ -6,34 +11,41 @@ from user space.  Tasks on the system that do not have a 
> profile defined for
>  them run in an unconfined state which is equivalent to standard Linux DAC
>  permissions.
>  
>  How to enable/disable ---
> +How to enable/disable
> +=
> +
> +set ``CONFIG_SECURITY_APPARMOR=y``
>  
> -set CONFIG_SECURITY_APPARMOR=y
> +If AppArmor should be selected as the default security module then set::
>  
> -If AppArmor should be selected as the default security module then
> -   set CONFIG_DEFAULT_SECURITY="apparmor"
> -   and CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
> +   CONFIG_DEFAULT_SECURITY="apparmor"
> +   CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
>  
>  Build the kernel
>  
>  If AppArmor is not the default security module it can be enabled by passing
> -security=apparmor on the kernel's command line.
> +``security=apparmor`` on the kernel's command line.
>  
>  If AppArmor is the default security module it can be disabled by passing
> -apparmor=0, security= (where XXX is valid security module), on the
> -kernel's command line
> +``apparmor=0, security=`` (where ```` is valid security module), on 
> the
> +kernel's command line.
>  
>  For AppArmor to enforce any restrictions beyond standard Linux DAC 
> permissions
>  policy must be loaded into the kernel from user space (see the Documentation
>  and tools links).
>  
>  Documentation ---
> +Documentation
> +=
>  
> -Documentation can be found on the wiki.
> +Documentation can be found on the wiki, linked below.
>  
>  Links ---
> +Links
> +=
>  
>  Mailing List - appar...@lists.ubuntu.com
> +
>  Wiki - http://apparmor.wiki.kernel.org/
> +
>  User space tools - https://launchpad.net/apparmor
> +
>  Kernel module - 
> git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
> diff --git a/Documentation/admin-guide/LSM/index.rst 
> b/Documentation/admin-guide/LSM/index.rst
> index cc0e04d63bf9..a4db29410ea0 100644
> --- a/Documentation/admin-guide/LSM/index.rst
> +++ b/Documentation/admin-guide/LSM/index.rst
> @@ -33,4 +33,5 @@ the one "major" module (e.g. SELinux) if there is one 
> configured.
>  .. toctree::
> :maxdepth: 1
>  
> +   apparmor
> SELinux
> diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
> index aaa0195418b3..22ebdc02f0dc 100644
> --- a/Documentation/security/00-INDEX
> +++ b/Documentation/security/00-INDEX
> @@ -4,8 +4,6 @@ Smack.txt
>   - documentation on the Smack Linux Security Module.
>  Yama.txt
>   - documentation on the Yama Linux Security Module.
> -apparmor.txt
> - - documentation on the AppArmor security extension.
>  keys-ecryptfs.txt
>   - description of the encryption keys for the ecryptfs filesystem.
>  keys-request-key.txt
> diff --git a/MAINTAINERS b/MAINTAINERS
> index c85108b4f6c7..184cdd32a67e 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -11560,6 +11560,7 @@ W:apparmor.wiki.kernel.org
>  T:   git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
>  S:   Supported
>  F:   security/apparmor/
> +F:   Documentation/admin-guide/LSM/apparmor.rst
>  
>  LOADPIN SECURITY MODULE
>  M:   Kees Cook 
> diff --git a/security/apparmor/match.c b/security/apparmor/match.c
> index 960c913381e2..72c604350e80 100644
> --- a/security/apparmor/match.c
> +++ b/security/apparmor/match.c
> @@ -226,7 +226,7 @@ void aa_dfa_free_kref(struct kref *kref)
>   * @flags: flags controlling what type of accept tables are acceptable
>   *
>   * Unpack a dfa that has been serialized.  To find information on the dfa
> - * format look in

[PATCH 09/17] doc: ReSTify apparmor.txt

2017-05-13 Thread Kees Cook

Adjusts for ReST markup and moves under LSM admin guide.

Cc: John Johansen 
Signed-off-by: Kees Cook 
---
 .../apparmor.txt => admin-guide/LSM/apparmor.rst}  | 36 ++
 Documentation/admin-guide/LSM/index.rst|  1 +
 Documentation/security/00-INDEX|  2 --
 MAINTAINERS|  1 +
 security/apparmor/match.c  |  2 +-
 security/apparmor/policy_unpack.c  |  2 +-
 6 files changed, 28 insertions(+), 16 deletions(-)
 rename Documentation/{security/apparmor.txt => admin-guide/LSM/apparmor.rst} 
(65%)

diff --git a/Documentation/security/apparmor.txt 
b/Documentation/admin-guide/LSM/apparmor.rst
similarity index 65%
rename from Documentation/security/apparmor.txt
rename to Documentation/admin-guide/LSM/apparmor.rst
index 93c1fd7d0635..3e9734bd0e05 100644
--- a/Documentation/security/apparmor.txt
+++ b/Documentation/admin-guide/LSM/apparmor.rst
@@ -1,4 +1,9 @@
 What is AppArmor? ---
+
+AppArmor
+
+
+What is AppArmor?
+=
 
 AppArmor is MAC style security extension for the Linux kernel.  It implements
 a task centered policy, with task "profiles" being created and loaded
@@ -6,34 +11,41 @@ from user space.  Tasks on the system that do not have a 
profile defined for
 them run in an unconfined state which is equivalent to standard Linux DAC
 permissions.
 
 How to enable/disable ---
+How to enable/disable
+=
+
+set ``CONFIG_SECURITY_APPARMOR=y``
 
-set CONFIG_SECURITY_APPARMOR=y
+If AppArmor should be selected as the default security module then set::
 
-If AppArmor should be selected as the default security module then
-   set CONFIG_DEFAULT_SECURITY="apparmor"
-   and CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
+   CONFIG_DEFAULT_SECURITY="apparmor"
+   CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
 
 Build the kernel
 
 If AppArmor is not the default security module it can be enabled by passing
-security=apparmor on the kernel's command line.
+``security=apparmor`` on the kernel's command line.
 
 If AppArmor is the default security module it can be disabled by passing
-apparmor=0, security= (where XXX is valid security module), on the
-kernel's command line
+``apparmor=0, security=`` (where ```` is valid security module), on the
+kernel's command line.
 
 For AppArmor to enforce any restrictions beyond standard Linux DAC permissions
 policy must be loaded into the kernel from user space (see the Documentation
 and tools links).
 
 Documentation ---
+Documentation
+=
 
-Documentation can be found on the wiki.
+Documentation can be found on the wiki, linked below.
 
 Links ---
+Links
+=
 
 Mailing List - appar...@lists.ubuntu.com
+
 Wiki - http://apparmor.wiki.kernel.org/
+
 User space tools - https://launchpad.net/apparmor
+
 Kernel module - 
git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
diff --git a/Documentation/admin-guide/LSM/index.rst 
b/Documentation/admin-guide/LSM/index.rst
index cc0e04d63bf9..a4db29410ea0 100644
--- a/Documentation/admin-guide/LSM/index.rst
+++ b/Documentation/admin-guide/LSM/index.rst
@@ -33,4 +33,5 @@ the one "major" module (e.g. SELinux) if there is one 
configured.
 .. toctree::
:maxdepth: 1
 
+   apparmor
SELinux
diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
index aaa0195418b3..22ebdc02f0dc 100644
--- a/Documentation/security/00-INDEX
+++ b/Documentation/security/00-INDEX
@@ -4,8 +4,6 @@ Smack.txt
- documentation on the Smack Linux Security Module.
 Yama.txt
- documentation on the Yama Linux Security Module.
-apparmor.txt
-   - documentation on the AppArmor security extension.
 keys-ecryptfs.txt
- description of the encryption keys for the ecryptfs filesystem.
 keys-request-key.txt
diff --git a/MAINTAINERS b/MAINTAINERS
index c85108b4f6c7..184cdd32a67e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -11560,6 +11560,7 @@ W:  apparmor.wiki.kernel.org
 T: git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
 S: Supported
 F: security/apparmor/
+F: Documentation/admin-guide/LSM/apparmor.rst
 
 LOADPIN SECURITY MODULE
 M: Kees Cook 
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 960c913381e2..72c604350e80 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -226,7 +226,7 @@ void aa_dfa_free_kref(struct kref *kref)
  * @flags: flags controlling what type of accept tables are acceptable
  *
  * Unpack a dfa that has been serialized.  To find information on the dfa
- * format look in Documentation/security/apparmor.txt
+ * format look in Documentation/admin-guide/LSM/apparmor.rst
  * Assumes the dfa @blob stream has been aligned on a 8 byte boundary
  *
  * Returns: an unpacked dfa ready for matching or ERR_PTR on failure
diff --git

[PATCH 09/17] doc: ReSTify apparmor.txt

2017-05-13 Thread Kees Cook

Adjusts for ReST markup and moves under LSM admin guide.

Cc: John Johansen 
Signed-off-by: Kees Cook 
---
 .../apparmor.txt => admin-guide/LSM/apparmor.rst}  | 36 ++
 Documentation/admin-guide/LSM/index.rst|  1 +
 Documentation/security/00-INDEX|  2 --
 MAINTAINERS|  1 +
 security/apparmor/match.c  |  2 +-
 security/apparmor/policy_unpack.c  |  2 +-
 6 files changed, 28 insertions(+), 16 deletions(-)
 rename Documentation/{security/apparmor.txt => admin-guide/LSM/apparmor.rst} 
(65%)

diff --git a/Documentation/security/apparmor.txt 
b/Documentation/admin-guide/LSM/apparmor.rst
similarity index 65%
rename from Documentation/security/apparmor.txt
rename to Documentation/admin-guide/LSM/apparmor.rst
index 93c1fd7d0635..3e9734bd0e05 100644
--- a/Documentation/security/apparmor.txt
+++ b/Documentation/admin-guide/LSM/apparmor.rst
@@ -1,4 +1,9 @@
 What is AppArmor? ---
+
+AppArmor
+
+
+What is AppArmor?
+=
 
 AppArmor is MAC style security extension for the Linux kernel.  It implements
 a task centered policy, with task "profiles" being created and loaded
@@ -6,34 +11,41 @@ from user space.  Tasks on the system that do not have a 
profile defined for
 them run in an unconfined state which is equivalent to standard Linux DAC
 permissions.
 
 How to enable/disable ---
+How to enable/disable
+=
+
+set ``CONFIG_SECURITY_APPARMOR=y``
 
-set CONFIG_SECURITY_APPARMOR=y
+If AppArmor should be selected as the default security module then set::
 
-If AppArmor should be selected as the default security module then
-   set CONFIG_DEFAULT_SECURITY="apparmor"
-   and CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
+   CONFIG_DEFAULT_SECURITY="apparmor"
+   CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
 
 Build the kernel
 
 If AppArmor is not the default security module it can be enabled by passing
-security=apparmor on the kernel's command line.
+``security=apparmor`` on the kernel's command line.
 
 If AppArmor is the default security module it can be disabled by passing
-apparmor=0, security= (where XXX is valid security module), on the
-kernel's command line
+``apparmor=0, security=`` (where ```` is valid security module), on the
+kernel's command line.
 
 For AppArmor to enforce any restrictions beyond standard Linux DAC permissions
 policy must be loaded into the kernel from user space (see the Documentation
 and tools links).
 
 Documentation ---
+Documentation
+=
 
-Documentation can be found on the wiki.
+Documentation can be found on the wiki, linked below.
 
 Links ---
+Links
+=
 
 Mailing List - appar...@lists.ubuntu.com
+
 Wiki - http://apparmor.wiki.kernel.org/
+
 User space tools - https://launchpad.net/apparmor
+
 Kernel module - 
git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
diff --git a/Documentation/admin-guide/LSM/index.rst 
b/Documentation/admin-guide/LSM/index.rst
index cc0e04d63bf9..a4db29410ea0 100644
--- a/Documentation/admin-guide/LSM/index.rst
+++ b/Documentation/admin-guide/LSM/index.rst
@@ -33,4 +33,5 @@ the one "major" module (e.g. SELinux) if there is one 
configured.
 .. toctree::
:maxdepth: 1
 
+   apparmor
SELinux
diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
index aaa0195418b3..22ebdc02f0dc 100644
--- a/Documentation/security/00-INDEX
+++ b/Documentation/security/00-INDEX
@@ -4,8 +4,6 @@ Smack.txt
- documentation on the Smack Linux Security Module.
 Yama.txt
- documentation on the Yama Linux Security Module.
-apparmor.txt
-   - documentation on the AppArmor security extension.
 keys-ecryptfs.txt
- description of the encryption keys for the ecryptfs filesystem.
 keys-request-key.txt
diff --git a/MAINTAINERS b/MAINTAINERS
index c85108b4f6c7..184cdd32a67e 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -11560,6 +11560,7 @@ W:  apparmor.wiki.kernel.org
 T: git git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev.git
 S: Supported
 F: security/apparmor/
+F: Documentation/admin-guide/LSM/apparmor.rst
 
 LOADPIN SECURITY MODULE
 M: Kees Cook 
diff --git a/security/apparmor/match.c b/security/apparmor/match.c
index 960c913381e2..72c604350e80 100644
--- a/security/apparmor/match.c
+++ b/security/apparmor/match.c
@@ -226,7 +226,7 @@ void aa_dfa_free_kref(struct kref *kref)
  * @flags: flags controlling what type of accept tables are acceptable
  *
  * Unpack a dfa that has been serialized.  To find information on the dfa
- * format look in Documentation/security/apparmor.txt
+ * format look in Documentation/admin-guide/LSM/apparmor.rst
  * Assumes the dfa @blob stream has been aligned on a 8 byte boundary
  *
  * Returns: an unpacked dfa ready for matching or ERR_PTR on failure
diff --git a/security/apparmor/policy_unpack.c 
b/security/apparmor/policy_unpack.c

Re: [PATCH 09/17] doc: ReSTify apparmor.txt

Re: [PATCH 09/17] doc: ReSTify apparmor.txt

[PATCH 09/17] doc: ReSTify apparmor.txt

[PATCH 09/17] doc: ReSTify apparmor.txt

4 matches

Site Navigation

Mail list logo

Footer information