summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Adrian Szyndela [Thu, 16 Aug 2018 12:40:21 +0000 (14:40 +0200)]
policychecker: removed at_console from checking duplicates
At_console has its own "deprecated" checking rule, so we assume that
at_console rules are those to be removed. Thus, there is no point
in showing "duplicate" warning for duplicate rules in other contexts.
Change-Id: Ifdf7e3745d7ece49772ba3a3aad01a213b657d0c
Adrian Szyndela [Tue, 14 Aug 2018 13:54:50 +0000 (15:54 +0200)]
policychecker: modified 'Unconstrained allow' rule
Unconstrained allow rule was reporting any allow in context default
or mandatory.
Now, it reports those rules in both contexts that:
- allow send_type='method_call' but do not specify destination and interface;
- allow send_path but do not specify destination;
- allow receive_type='method_call' but do not specify sender and interface;
- allow receive_path but do not specify sender.
Additionally, in user and group context send_destination is required
when send_type="method_call" or send_path is present, and receive_sender
is required when receive_type="method_call" or receive_path is present.
Change-Id: Icd822bf4b3e2f105a07e80ca61415410faaeb00a
Karol Lewandowski [Wed, 11 Jul 2018 10:07:55 +0000 (12:07 +0200)]
packaging: make package 'noarch' as it contains only scripts
Change-Id: Ib7aafe0ce59da009259f22469d83cfc7bf25f701
Karol Lewandowski [Wed, 11 Jul 2018 10:07:45 +0000 (12:07 +0200)]
packaging: minor fixes
Change-Id: I8b61b31c52ff190ac6541e90762fd0895ed018e8
Adrian Szyndela [Thu, 28 Jun 2018 12:49:42 +0000 (14:49 +0200)]
packaging, integrating with Tizen
Also, some improvements in shell scripts.
Change-Id: I10a06b8b30f45722746361b7ce27364baaebc957
Aleksy Barcz [Mon, 25 Jun 2018 14:27:38 +0000 (16:27 +0200)]
Policy checker: initial version
Policy checker is based on Schematron, which allows writing
declarative checks for xml files (see rules.xml file for details) and
yields xml output (which is converted to plain text for readability, but it
can be converted to any format). The checker is a shell script, it
depends only on xsltproc (libxslt-tools package in Tizen), so it's very
lightweight.
We can run the checker on any single dbus configuration file, e.g.:
./check ./test-policy.conf (a test policy containing violations of all
the implemented rules). So, during a package installation we can run
the checker on it's dbus configuration file.
Change-Id: I523b7a730fc93a0d4f99bc8ba750be7b6f0e051c
Tizen Infrastructure [Fri, 22 Jun 2018 05:43:52 +0000 (05:43 +0000)]
Initial empty repository