[apparmor] [PATCH 7/8] remove support for change_hat 1.4

Steve Beattie steve at nxnw.org
Fri Sep 13 16:12:40 UTC 2013 

On Wed, Sep 11, 2013 at 01:47:46AM -0700, Tyler Hicks wrote:
> From: John Johansen <john.johansen at canonical.com>
> 
> change_hat 1.4 was an experiement is more directly controlling change_hat
> by adding hat rulles to the profile. It has not been used since the
> original experiment (4 years).  So remove it
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> Acked-by: Seth Arnold <seth.arnold at canonical.com>

Acked-by: Steve Beattie <steve at nxnw.org>

Poking around the modern features directory, I don't see where there's
a change_hat 1.5 mentioned.  Is there a reason to not get rid of the
rest of the changehat versioning code, like so?

Index: b/parser/parser.h
===================================================================
--- a/parser/parser.h
+++ b/parser/parser.h
@@ -217,9 +217,6 @@ struct var_string {
 
 #define BOOL int
 
-#define FLAG_CHANGEHAT_1_4  2
-#define FLAG_CHANGEHAT_1_5  3
-
 extern int preprocess_only;
 
 #define PATH_CHROOT_REL 0x1
@@ -283,7 +280,6 @@ extern int net_af_max_override;
 extern int kernel_load;
 extern int kernel_supports_network;
 extern int kernel_supports_mount;
-extern int flag_changehat_version;
 extern int conf_verbose;
 extern int conf_quiet;
 extern int names_only;
Index: b/parser/parser_common.c
===================================================================
--- a/parser/parser_common.c
+++ b/parser/parser_common.c
@@ -27,7 +27,6 @@ int net_af_max_override = -1;
 int kernel_load = 1;
 int kernel_supports_network = 1;        /* kernel supports network rules */
 int kernel_supports_mount = 0;	        /* kernel supports mount rules */
-int flag_changehat_version = FLAG_CHANGEHAT_1_5;
 int conf_verbose = 0;
 int conf_quiet = 0;
 int names_only = 0;
Index: b/parser/parser_main.c
===================================================================
--- a/parser/parser_main.c
+++ b/parser/parser_main.c
@@ -854,13 +854,6 @@ static void get_flags_string(char **flag
 	(*flags)[size] = 0;
 
 	fclose(f);
-	pos = strstr(*flags, "change_hat=");
-	if (pos) {
-		if (strncmp(pos, "change_hat=1.4", 14) == 0)
-			flag_changehat_version = FLAG_CHANGEHAT_1_4;
-//fprintf(stderr, "flags string: %s\n", flags_string);
-//fprintf(stderr, "changehat %d\n", flag_changehat_version);
-	}
 	return;
 
 fail:

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130913/bf917615/attachment.pgp>

More information about the AppArmor mailing list