[apparmor] GSoC review r80..84

Christian Boltz apparmor at cboltz.de
Mon Sep 23 19:07:19 UTC 2013 

Hello,

the review for r80 is attached. Maybe I'll add some comments on the UI 
later after actually testing aa-mergeprof ;-)

r81..84 look fine :-)


Regards,

Christian Boltz
-- 
http://www1.giga.de/gigahelp/index_gigahelp/0,3597,,00.html
| Leider scheint Euer Browser den Aufbau von Frames zu unterstützen ...
*Leider?* :)
Tut Lynx doch gar nicht. :)   [Andreas Kneib in suse-linux]
-------------- next part --------------
------------------------------------------------------------
revno: 80
committer: Kshitij Gupta <kgupta8592 at gmail.com
branch nick: apparmor-profile-tools
timestamp: Mon 2013-09-23 23:05:25 +0530
message:
  Fixes netrule deletion for includes


=== modified file 'Tools/aa-mergeprof'
--- Tools/aa-mergeprof	2013-09-23 14:02:25 +0000
+++ Tools/aa-mergeprof	2013-09-23 17:35:25 +0000
@@ -97,6 +97,36 @@
         base_other = cleanprofile.CleanProf(False, self.base, self.other)
         deleted += user_base.compare_profiles()
 
+    def conflict_mode(self, profile, hat, allow, path, mode, new_mode, old_mode):
+        conflict_modes = set('uUpPcCiIxX')

# uppercase I should never appear (but it can't hurt to check for it nevertheless ;-)
# also, I'm not aware of uppercase X

+        conflict_x= (old_mode | mode) & conflict_modes
+        if conflict_x:
+        #We may have conflicting x modes
+            if conflict_x & set('x'):
+                conflict_x.remove('x')
+            if conflict_x & set('X'):
+                conflict_x.remove('X')
+            if len(conflict_x) > 1:
+                q = apparmor.aa.hasher()
+                q['headers'] = [_('Path'), path]
+                q['headers'] += [_('Select the appropriate mode'), '']
+                options = []
+                options.append('%s: %s' %(mode, path, apparmor.aa.mode_to_str_user(apparmor.aa.flatten_mode((old_mode | new_mode) - (old_mode & conflict_x)))))
+                options.append('%s: %s' %(mode, path, apparmor.aa.mode_to_str_user(apparmor.aa.flatten_mode((old_mode | new_mode) - (new_mode & conflict_x)))))
+                q['options'] = options
+                q['functions'] = ['CMD_ALLOW', 'CMD_ABORT']

# I'll probably add a comment for the user interface after testing it, but it looks ok for now

+                done = False
+                while not done:
+                    ans, selected = apparmor.aa.UI_PromptUser(q)
+                    if ans == 'CMD_ALLOW':
+                        if selection == 0:
+                            self.user.aa[profile][hat][allow][path][mode] = (old_mode | new_mode) - (old_mode & conflict_x)
+                        elif selection == 1:
+                            self.user.aa[profile][hat][allow][path][mode] = (old_mode | new_mode) - (new_mode & conflict_x)
+                        else:
+                            raise apparmor.aa.AppArmorException(_('Unknown selection'))
+                        done = True



vim:ft=diff

More information about the AppArmor mailing list