[apparmor] [PATCH 7/8] remove support for change_hat 1.4
John Johansen
john.johansen at canonical.com
Sat Sep 21 05:02:27 UTC 2013
On 09/13/2013 09:12 AM, Steve Beattie wrote:
> On Wed, Sep 11, 2013 at 01:47:46AM -0700, Tyler Hicks wrote:
>> From: John Johansen <john.johansen at canonical.com>
>>
>> change_hat 1.4 was an experiement is more directly controlling change_hat
>> by adding hat rulles to the profile. It has not been used since the
>> original experiment (4 years). So remove it
>>
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>> Acked-by: Seth Arnold <seth.arnold at canonical.com>
>
> Acked-by: Steve Beattie <steve at nxnw.org>
>
> Poking around the modern features directory, I don't see where there's
> a change_hat 1.5 mentioned. Is there a reason to not get rid of the
> rest of the changehat versioning code, like so?
>
None that I can think of
Acked-by: John Johansen <john.johansen at canonical.com>
> Index: b/parser/parser.h
> ===================================================================
> --- a/parser/parser.h
> +++ b/parser/parser.h
> @@ -217,9 +217,6 @@ struct var_string {
>
> #define BOOL int
>
> -#define FLAG_CHANGEHAT_1_4 2
> -#define FLAG_CHANGEHAT_1_5 3
> -
> extern int preprocess_only;
>
> #define PATH_CHROOT_REL 0x1
> @@ -283,7 +280,6 @@ extern int net_af_max_override;
> extern int kernel_load;
> extern int kernel_supports_network;
> extern int kernel_supports_mount;
> -extern int flag_changehat_version;
> extern int conf_verbose;
> extern int conf_quiet;
> extern int names_only;
> Index: b/parser/parser_common.c
> ===================================================================
> --- a/parser/parser_common.c
> +++ b/parser/parser_common.c
> @@ -27,7 +27,6 @@ int net_af_max_override = -1;
> int kernel_load = 1;
> int kernel_supports_network = 1; /* kernel supports network rules */
> int kernel_supports_mount = 0; /* kernel supports mount rules */
> -int flag_changehat_version = FLAG_CHANGEHAT_1_5;
> int conf_verbose = 0;
> int conf_quiet = 0;
> int names_only = 0;
> Index: b/parser/parser_main.c
> ===================================================================
> --- a/parser/parser_main.c
> +++ b/parser/parser_main.c
> @@ -854,13 +854,6 @@ static void get_flags_string(char **flag
> (*flags)[size] = 0;
>
> fclose(f);
> - pos = strstr(*flags, "change_hat=");
> - if (pos) {
> - if (strncmp(pos, "change_hat=1.4", 14) == 0)
> - flag_changehat_version = FLAG_CHANGEHAT_1_4;
> -//fprintf(stderr, "flags string: %s\n", flags_string);
> -//fprintf(stderr, "changehat %d\n", flag_changehat_version);
> - }
> return;
>
> fail:
>
>
>
More information about the AppArmor
mailing list