Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add passphrases.py AppArmor rule #5705

Merged
merged 2 commits into from Jan 14, 2021
Merged

Add passphrases.py AppArmor rule #5705

merged 2 commits into from Jan 14, 2021

Conversation

emkll
Copy link
Contributor

@emkll emkll commented Jan 14, 2021
edited

Status

Ready for review

Description of Changes

Fixes #5703

Testing

From scratch:

OR, if you already have a 1.7.0-rc1 server (virtualized or hardware) already running:

  • edit /etc/apparmor.d/usr.sbin.apache2 and add the line in the AppArmor config
  • unload the existing rules sudo service apparmor teardown
  • restart apparmor sudo service apparmor restart
  • Cannot reproduce the str in [QA 1.7.0] Admin actions for user management trigger 500 #5703
  • No AppArmor deny errors in /var/log/kern.log

Deployment

These changes for both new and existing installs will be handled by the securedrop-app-code debian package.

Checklist

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

@emkll emkll added this to Ready for Review in SecureDrop Team Board Jan 14, 2021
@rmol rmol self-assigned this Jan 14, 2021
@rmol rmol moved this from Ready for Review to Under Review in SecureDrop Team Board Jan 14, 2021
@emkll
Copy link
Contributor Author

emkll commented Jan 14, 2021

Added wordlists/ per @rmol 's feedback, should be ready for re-review now

@emkll
Remove wordlist from AppArmor profile
387a803 
The file no longer exists
rmol
rmol approved these changes Jan 14, 2021
View reviewed changes
Copy link
Contributor

@rmol rmol left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good to merge once green. Checked the latest, no apparmor violations seen, journalist interface user addition working, source generation fine.

@emkll emkll mentioned this pull request Jan 14, 2021
Merged
2 tasks
@codecov-io
Copy link

codecov-io commented Jan 14, 2021
edited

Codecov Report

Merging #5705 (387a803) into develop (dc5338d) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff            @@
##           develop    #5705   +/-   ##
========================================
  Coverage    85.58%   85.58%           
========================================
  Files           52       52           
  Lines         3773     3773           
  Branches       471      471           
========================================
  Hits          3229     3229           
  Misses         439      439           
  Partials       105      105

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update dc5338d...387a803. Read the comment docs.

@conorsch conorsch merged commit 90043b1 into develop Jan 14, 2021
SecureDrop Team Board automation moved this from Under Review to Done Jan 14, 2021
@rmol rmol deleted the 5703-update-apparmor branch June 23, 2021 14:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rmol rmol rmol approved these changes

@conorsch conorsch Awaiting requested review from conorsch

@kushaldas kushaldas Awaiting requested review from kushaldas

Assignees

@rmol rmol

Labels
None yet
Projects
No open projects
SecureDrop Team Board
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[QA 1.7.0] Admin actions for user management trigger 500
4 participants
@emkll @codecov-io @rmol @conorsch