• John Johansen's avatar
    Initialize AppArmor mediation · 2a881a9e
    John Johansen authored
    When starting dbus-daemon, autodetect AppArmor kernel support and use
    the results from parsing the busconfig to determine if mediation should
    be enabled.
    
    In the busconfig, "enabled" means that kernel support is autodetected
    and, if available, AppArmor mediation occurs in dbus-daemon. In
    "enabled" mode, if kernel support is not detected, mediation is
    disabled. "disabled" means that mediation does not occur. "required"
    means that kernel support must be detected for dbus-daemon to start.
    
    Additionally, when libaudit support is built into dbus-daemon, the
    AppArmor initialization routines set up the audit connection.
    
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
    [tyhicks: Honor enforcement modes and detect AppArmor dbus rule support]
    [tyhicks: fix unreachable return when AppArmor support is built]
    [tyhicks: make bus_apparmor_full_init() able to raise a DBusError]
    Signed-off-by: default avatarTyler Hicks <tyhicks@canonical.com>
    [smcv: _bus_apparmor_aa_supports_dbus: document necessary kernel API guarantee]
    [smcv: bus_apparmor_pre_init: distinguish between OOM and AppArmor not enabled]
    [smcv: document why we open() and not just stat()]
    Reviewed-by: default avatarSimon McVittie <simon.mcvittie@collabora.co.uk>
    Reviewed-by: default avatarTyler Hicks <tyhicks@canonical.com>
    2a881a9e
Name
Last commit
Last update
bus Loading commit data...
cmake Loading commit data...
dbus Loading commit data...
doc Loading commit data...
m4 Loading commit data...
test Loading commit data...
tools Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
ChangeLog.pre-1-0 Loading commit data...
ChangeLog.pre-1-2 Loading commit data...
Doxyfile.in Loading commit data...
HACKING Loading commit data...
INSTALL Loading commit data...
Makefile.am Loading commit data...
Makefile.cvs Loading commit data...
NEWS Loading commit data...
NEWS.pre-1-0 Loading commit data...
NEWS.pre-1-2 Loading commit data...
README Loading commit data...
README.cmake Loading commit data...
README.cygwin Loading commit data...
README.launchd Loading commit data...
README.valgrind Loading commit data...
README.win Loading commit data...
README.wince Loading commit data...
autogen.sh Loading commit data...
cleanup-man-pages.sh Loading commit data...
configure.ac Loading commit data...
dbus-1-uninstalled.pc.in Loading commit data...
dbus-1.pc.in Loading commit data...