[Apparmor-dev] Re: Apparmor-dev Digest, Vol 21, Issue 4

Peter Harmsen phaceton at gmail.com
Sun Oct 21 00:53:11 MDT 2007 

I was strugling with quilt in order to patch the kernel with AppArmor.
Without a proper result i think. Since it is the first time i patch this way.

I used the steps outlined on: http://en.opensuse.org/AppArmor_Geeks

"tar zxvf apparmor.tar.gz
 ln -sf apparmor ~/path/to/kernel/sources/patches
 cd ~/path/to/kernel/sources
 quilt push -a"

However i suspected that there are some missing steps because i get continuously
the message:"no patches in series"

So i googled around a little more and crossed this site:
http://web.media.mit.edu/~stefie10/technical/illicit_forks.html

I have the git directory linux-2.6 and apparmor-2.1-961/  in /usr/src
Still the "no patches in series comes up"

Any hint very much appreciated:-)

kind regards,

Peter Harmsen

On 10/20/07, apparmor-dev-request at forge.novell.com
<apparmor-dev-request at forge.novell.com> wrote:
> Send Apparmor-dev mailing list submissions to
>         apparmor-dev at forge.novell.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://forge.novell.com/mailman/listinfo/apparmor-dev
> or, via email, send a message with subject or body 'help' to
>         apparmor-dev-request at forge.novell.com
>
> You can reach the person managing the list at
>         apparmor-dev-owner at forge.novell.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Apparmor-dev digest..."
>
>
> Today's Topics:
>
>    1. Re: custom kernel+AppArmor (Crispin Cowan)
>    2. [RFR] patch to add checking for newer profile on  exec
>       transition (Dominic Reynolds)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 19 Oct 2007 14:22:42 -0700
> From: Crispin Cowan <crispin at mercenarylinux.com>
> Subject: Re: [Apparmor-dev] custom kernel+AppArmor
> To: apparmor-dev at forge.novell.com
> Message-ID: <47192022.9050607 at mercenarylinux.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Peter Harmsen wrote:
> > Hello,
> >
> > I have compiled kernel 2.6.23 on OpenSuSE 10.3
> > Now obviously AppArmor isn't loaded.
> > Is there a quick and dirty way of getting the AppArmor module loaded?
> >
> The AppArmor module for 10.3 depends on a rather large kernel patch. We
> are working to upstream it, but it is not there yet, so you will have to
> patch your kernel to get the module to load.
>
> Crispin
>
> --
> Crispin Cowan, Ph.D.               http://mercenarylinux.com/
>                Itanium. Vista. GPLv3. Complexity at work
>
>
>
> ------------------------------
>
> Message: 2
> Date: Fri, 19 Oct 2007 15:39:58 -0600
> From: Dominic Reynolds <dominic at mercenarylinux.com>
> Subject: [Apparmor-dev] [RFR] patch to add checking for newer profile
>         on      exec transition
> To: apparmor-dev at forge.novell.com
> Message-ID: <20071019213921.GA26021 at mail.lantnern.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Attached patch extends the patch posted by jesse
> (http://marc.info/?l=apparmor-dev&m=119084823931563&w=2) and adds code along
> the lines that jesse suggests in the email to make sure that we don't recheck
> the repo for a newer version if the profile now satisfies the exec/hat log
> entry being processed.
>
> This patch addresses the bug:
>
> https://bugzilla.novell.com/show_bug.cgi?id=328707
>
> The net result repo interaction is that we will check for new profile when:
>    - processing an unknown hat/execute rejection if its not already in the
>      profile
>    - at the start of processing all the remain events for the profile
>
> There is a window between checking for execs/hats that the profile could be
> updated (so presenting the same problem of a new profile overwriting user
> selections for exec/hats) - however this window is small and the user can
> view the changes before updating the profile.
>
> -dom
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: repo-update-check.diff
> Type: text/x-patch
> Size: 4351 bytes
> Desc: not available
> Url : http://forge.novell.com/pipermail/apparmor-dev/attachments/20071019/df80e778/repo-update-check-0001.bin
>
> ------------------------------
>
> _______________________________________________
> Apparmor-dev mailing list
> Apparmor-dev at forge.novell.com
> http://forge.novell.com/mailman/listinfo/apparmor-dev
>
> End of Apparmor-dev Digest, Vol 21, Issue 4
> *******************************************
>


-- 
I have made this letter longer than usual, because i lack the time to
make it short.

More information about the Apparmor-dev mailing list