[apparmor] [patch] make parser's definition of allowed var names consistent

Christian Boltz apparmor at cboltz.de
Thu Mar 31 21:14:55 UTC 2011 

Hello,

Am Donnerstag, 31. März 2011 schrieb Steve Beattie:
> On Thu, Mar 31, 2011 at 08:12:32PM +0200, Christian Boltz wrote:
> > Am Mittwoch, 30. März 2011 schrieb Christian Boltz:

> Trunk has the shortcut lp:apparmor (or alternatively
> bzr+ssh://bazaar.launchpad.net/+branch/apparmor/), so you can do:
> 
>   bzr checkout lp:apparmor

OK, that worked (after finding out how to set a sane userid in launchpad 
and where the SSH key upload is hidden - is it really only linked on 
some help.launchpad.net pages?

> The 2.6 branch is available from lp:apparmor/2.6 (and similar for the
> 2.5 branch).

Trunk is enough for me ;-)

> (Yes, we need to document this on http://wiki.apparmor.net, sorry
> about that.)

Just paste your mail there...

> > Related question: Where exactly in the source tree should I put
> > apparmor.vim.in and the script to generate apparmor.vim? (The best
> > way is IMHO: one of you creates a directory for apparmor.vim and
> > tells me where it is.)
> 
> The existing apparmor.vim file is in the utils/ subdirectory of the
> tree. That seems a reasonable location to me. Ideally, it would get
> integrated as part of the build (i.e. make) process.

I'd prefer to use a separate (sub)directory so that
a) apparmor.vim stuff doesn't conflict with something else
b) I don't have too many (unrelated) files lying around

What about utils/apparmor_vim/ ?

To give you an idea: my current directory with apparmor.vim looks like 
this (with some comments on what the files are/do):

directly related to apparmor.vim:
-rw-r--r-- 1 cb users 15519 28. Mär 13:23 apparmor.vim
-rw-r--r-- 1 cb users 11689 28. Mär 13:23 apparmor.vim.in
-rwxr-xr-x 1 cb users  5322 11. Jan 16:46 make
-rw-r--r-- 1 cb users    53 11. Jan 16:44 Makefile

some test profiles and sniplets - some with valid, some with 
intentionally broken syntax (to test detection of invalid rules):
-rw-r--r-- 1 cb users  1456 25. Sep 2008  
                                 test_aa_abstractions_authentication
-rw-r--r-- 1 cb users 15456  1. Feb 00:01 test_usr.sbin.httpd2-prefork
-rw-r--r-- 1 cb users   902 25. Sep 2008  test_usr.sbin.identd
-rw-r--r-- 1 cb users  3473  1. Feb 22:31 test_usr.unattached

historical versions (not worth to be pushed to bzr IMHO):
drwxr-xr-x 2 cb users  4096 16. Sep 2008  versionen-opensuse102/
drwxr-xr-x 2 cb users  4096 21. Sep 2008  versionen-opensuse103/
drwxr-xr-x 2 cb users  4096 19. Dez 20:48 versionen-opensuse110/

openSUSE-related script to create a fire-and-forget branch of vim:
(not sure if I should put it to bzr)
-rwxr-xr-x 1 cb users    50 31. Jan 23:59 osc-branch-and-checkout-vim

> Though when thinking about the issue of auto-generating stuff like
> the network protocols, I did have the thought that we could possibly
> build it when generating the tarball for snapshot or release (like we
> currently do for the small amount of autoconf stuff that we have). It
> would require whoever does the release to have the most recent kernel
> headers installed, but that's doable, I think.

Rebuilding the list of network protocols etc. when generating a tarball 
is a very good idea to keep them up-to-date. 

There should also be an easy way to generate these lists so that I can 
build apparmor.vim locally without problems. In other words: the same 
script that you use when generating the tarball ;-)


Regards,

Christian Boltz
-- 
> > That's the part where we create a flame war and then try to
> > collect some useful ideas afterwards. ;-)
> Let's collect ideas directly ;-)
Humm.. interesting.. never thought about that approach. :-)
[> Andreas Jaeger and (>>) Gustavo Niemeyer in opensuse-packaging]

More information about the AppArmor mailing list