[apparmor] GSoC review r34

Christian Boltz apparmor at cboltz.de
Sat Aug 10 11:39:07 UTC 2013 

Hello,

Am Samstag, 10. August 2013 schrieb Christian Boltz:
> one more (quite harmless) review ;-)

I noticed two additional small issues, see the [v2] in the updated 
review.


Regards,

Christian Boltz
-- 
dU hAsT nAtUeRlIcH rEcHt. MaN mUsS sIcH bEiM lEsEn NuR dArAn GeWoEhNeN.
mAcHt DaNn KeInEn UnTeRsChIeD mEhR.       [Andreas Kneib in suse-linux]
-------------- next part --------------
------------------------------------------------------------
revno: 34
committer: Kshitij Gupta <kgupta8592 at gmail.com
branch nick: apparmor-profile-tools
timestamp: Tue 2013-08-06 01:53:28 +0530
message:
  Some code for logprof

=== added directory 'Tools'
=== added file 'Tools/aa-logprof.py'
--- Tools/aa-logprof.py	1970-01-01 00:00:00 +0000
+++ Tools/aa-logprof.py	2013-08-05 20:23:28 +0000
@@ -0,0 +1,13 @@

+os.environb.putenv('PATH', '/bin/:/sbin/:/usr/bin/:/usr/sbin')

# what's the reason for overriding $PATH ?


=== modified file 'apparmor/aa.py'
--- apparmor/aa.py	2013-08-05 13:25:34 +0000
+++ apparmor/aa.py	2013-08-05 20:23:28 +0000
@@ -3361,17 +3365,25 @@
 
+def store_list_var(var, list_var, value, var_operation):
...
+    if var_operation == '=': 
+        if not var.get(list_var, False):
+            var[list_var] = set(vlist)
+        else:
+            raise AppArmorException('An existing variable redefined')

# better error message please - it's easy to include the variable name

+    else:

# [v2] a comment saying "else" means "+=" would be nice
# [v2] or, better, explicitely check for "+=" and add an else: that errors out saying "invalid var_operation"

+        if var.get(list_var, False):
+            var[list_var] = set(var[list_var] + vlist)
+        else:
+            raise AppArmorException('An existing variable redefined')

# [v2] wrong error message, should be "attemped to append to non-existing variable"
 
# better error message please - it's easy to include the variable name

@@ -3829,8 +3841,8 @@
 
 def get_include_data(filename):
     data = []
-    if os.path.exists(profile_dir + '/' + filename):
-        with open_file_read(profile_dir + '/' + filename) as f_in:
+    if os.path.exists(filename):
+        with open_file_read(filename) as f_in:

# this means get_include_data() needs the full path as parameter



vim:ft=diff

More information about the AppArmor mailing list