[apparmor] debugging aa_change_profile

Steve Beattie steve at nxnw.org
Fri Apr 27 10:46:47 UTC 2012

On Fri, Apr 27, 2012 at 12:16:11AM -0700, Jeroen Ooms wrote:
> > but it worked to manually copy+waste the commands from it. Cluesticks
> > welcome.
> That is actually how people generally use R. It is meant as an
> interactive console. Statistics is very much a trial and error
> practice :-)

Well, sure. But even when I've played statistician (poorly, I might
add), I have tried for reproducible results. :-)

Anyway, I think I figured out how to get R to trap expected failures and
abort if they don't fail as expected. Attached is a patch that does so:

diff --git a/test/test.R b/test/test.R
index d3f1675..902ce06 100644
--- a/test/test.R
+++ b/test/test.R
@@ -12,7 +12,8 @@ read.table("/etc/passwd")
 #test profile
-read.table("/etc/passwd") #deny
+result <- try(read.table("/etc/passwd")) #deny
+if(class(result) != "try-error") stop(result)
 read.table("/etc/group") #allow
 #Change to a hat within the profile, and change back
@@ -20,12 +21,15 @@ mytoken <- as.integer(123);
 aa_change_hat("myhat", mytoken);
 #test hat
-read.table("/etc/passwd") #deny
-read.table("/etc/group") #deny
+result <- try(read.table("/etc/passwd")) #deny
+if(class(result) != "try-error") stop(result)
+result <- try(read.table("/etc/group")) #deny
+if(class(result) != "try-error") stop(result)
 #revert back
 #test without hat
-read.table("/etc/passwd") #deny
+result <- try(read.table("/etc/passwd")) #deny
+if(class(result) != "try-error") stop(result)
 read.table("/etc/group") #allow

This let things continue to work in the face of expected failures in
function calls when invoked like so: R -q --no-save -f test.R

However, it triggered another bug, the ret pointer in the wrapper
functions gets compared to 0, and then gets errno saved to it, but
since it's a valid pointer, it won't equal 0 and so it always gets
errno assigned to it. When operating interactively, I'm guessing
errno is reset between prompts, but when reading from a script,
it definitely does not between R statements, so the aa_revert_hat()
call would fail even though the underlying aa_change_hat() call had
succeeded. The following patch fixes this:

diff --git a/src/aa_change_hat_wrapper.c b/src/aa_change_hat_wrapper.c
index 0040d3b..d853833 100644
--- a/src/aa_change_hat_wrapper.c
+++ b/src/aa_change_hat_wrapper.c
@@ -8,7 +8,7 @@
 void aa_change_hat_wrapper (int *ret, char **subprofile, unsigned long* magic_token) {
   printf("Setting Apparmor Hat...\n");  
   *ret = aa_change_hat (*subprofile,  *magic_token);
-  if(ret != 0){
+  if(*ret != 0){
     *ret = errno;
diff --git a/src/aa_change_profile_wrapper.c b/src/aa_change_profile_wrapper.c
index 1427622..ca8d484 100644
--- a/src/aa_change_profile_wrapper.c
+++ b/src/aa_change_profile_wrapper.c
@@ -7,7 +7,7 @@
 void aa_change_profile_wrapper (int *ret, char **profile) {
   *ret = aa_change_profile (*profile);
-  if(ret != 0){
+  if(*ret != 0){
     *ret = errno;
\ No newline at end of file
diff --git a/src/aa_revert_hat_wrapper.c b/src/aa_revert_hat_wrapper.c
index 367982b..a1a8c6f 100644
--- a/src/aa_revert_hat_wrapper.c
+++ b/src/aa_revert_hat_wrapper.c
@@ -9,7 +9,7 @@ void aa_revert_hat_wrapper (int *ret, unsigned long* magic_token) {
   printf("Trying to revert AppArmor Hat...\n");
   char *nothing;
   *ret = aa_change_hat (nothing, *magic_token);
-  if(ret != 0){
+  if(*ret != 0){
     *ret = errno;

Steve Beattie
<sbeattie at ubuntu.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120427/500612b7/attachment-0001.pgp>

More information about the AppArmor mailing list