[apparmor] [parser patch] fix apparmor cache tempfile location to use passed arg v2
John Johansen
john.johansen at canonical.com
Fri Jul 26 07:12:30 UTC 2013
On 07/25/2013 11:57 PM, Steve Beattie wrote:
> On Thu, Jul 25, 2013 at 07:17:19PM -0700, Seth Arnold wrote:
>> Acked-by: Seth Arnold <seth.arnold at canonical.com>
>
> In case people were wondering why I hadn't committed this yet,
> I self-NACKed my patch because I had committed the unpardonable sin
> of not writing a testcase to demonstrate the issue and to address
> Tyler's question about PERROR vs. pwarn() for this specific case.
> Below is v2 of the patch with a couple of testcases added and the
> conversion to pwarn() so that -q will silence the warning if it failed
> to rename() the cache file into place.
>
> Also, submitting this for 2.8 as well. (It should be noted that Ubuntu
> has incorporated v1 of this patch in the saucy devel release.)
>
> Subject: [patch] fix apparmor cache tempfile location to use passed arg v2
>
> This patch fixes problems in the handling of both the final cache
> name location and the temporary cache file when an alternate location
> is specified.
>
> The first issue is that if the alternate cache directory location was
> specified, the alternate directory name would be used as the final location for
> the cache file, rather than the alternate directory + the basename of
> the profile.
>
> The second issue is that it would generate the temporary file that it
> stores the cache file in [basedir]/cache even if an alternate cache
> location was specified on the command line. This causes a problem
> if [basedir]/cache is on a separate device than the alternate cache
> location, because the rename() of the tempfile into the final location
> would fail (which the parser would not check the return code of).
>
> This patch fixes the above by incorporating the basename into the cache
> file name if the alternate cache location has been specified, bases the
> temporary cache file name on the destination cache name (such that they
> end up in the same directory), and finally detects if the rename fails
> and unlinks the temporary file if that happens (rather than leave it
> around). It also has been updated to add a couple of testcases to verify
> that writing and reading from an alternate cache location work.
>
> Patch history:
> v1: first draft of patch
> v2: add testcases, convert PERROR() to pwarn() if rename() fails for
> placing cachefile into place.
>
> Signed-off-by: Steve Beattie <sbeattie at ubuntu.com>
>
Acked-by: John Johansen <john.johansen at canonical.com>
More information about the AppArmor
mailing list