[apparmor] GSoC review r75

Christian Boltz apparmor at cboltz.de
Sun Sep 22 21:27:02 UTC 2013 

Hello,

the review for r75 is attached, with two bugs and a To-Do note included.


Regards,

Christian Boltz
-- 
you are spending too much time in web forums or with apache guys if you
are using "+1" and "-1" :-) [Stefan Seyfried in opensuse-factory]
-------------- next part --------------
------------------------------------------------------------
revno: 75
committer: Kshitij Gupta <kgupta8592 at gmail.com
branch nick: apparmor-profile-tools
timestamp: Mon 2013-09-23 02:14:11 +0530
message:
  Fixed the netrule persistence issue in cleanprof, some elementary work for mergeprof


=== modified file 'Tools/aa-mergeprof'
--- Tools/aa-mergeprof	2013-09-22 18:19:19 +0000
+++ Tools/aa-mergeprof	2013-09-22 20:44:11 +0000
@ -17,13 +16,12 @@
 
 profiles = [args.mine, args.base, args.other]
 
 print(profiles)

# debugging code?




# bugs noticed:

(from aa-cleanprof /usr/sbin/ntpd)
[23:08:29] <cboltz> I'm afraid there is a real bug in cleanprof
[23:08:35] <cboltz> it said "Deleted 4 rules"
[23:08:47] <cboltz> but manually diffing the profile shows that it removed 5 rules ;-)
[23:08:56] <kshitij8> damn! you noticed that :P
[23:09:35] <kshitij8> I noticed that after the commit.




# python aa-mergeprof /etc/apparmor.d/usr.sbin.ntpd ./profiles/usr.sbin.ntpd /dev/null 
['/etc/apparmor.d/usr.sbin.ntpd', 'profiles/usr.sbin.ntpd', '/dev/null']
Traceback (most recent call last):
  File "aa-mergeprof", line 72, in <module>
    main()
  File "aa-mergeprof", line 24, in main
    mergeprofiles.clear_common()
  File "aa-mergeprof", line 56, in clear_common
    user_other = cleanprofile.CleanProf(False, user, other)
NameError: global name 'user' is not defined




[23:22:53] <cboltz> oh, mergeprof can now at least print --help output (no syntax error anymore ;-)
[23:23:24] <cboltz> it seems to enforce 3 parameters
[23:23:46] <cboltz> I'd like to also have a way to merge "only" 2 profiles
[23:25:32] <kshitij8> that shouldn't be hard. I'll make the third param optional.
[23:26:01] <kshitij8> and other changes about it ofcourse.



vim:ft=diff

More information about the AppArmor mailing list