[apparmor] [patch] [parser] allow the parser to process directories as a parameter

John Johansen john.johansen at canonical.com
Sun Sep 29 11:29:10 UTC 2013 

On 09/29/2013 04:06 AM, Christian Boltz wrote:
> Hello,
> 
> Am Sonntag, 29. September 2013 schrieb John Johansen:
>> allow directories to be passed to the parser
>>
>> Allow directories to be passed directly to the parser and handled
>> instead of needing an initscript to find the files in the directory.
> 
> Sounds like a good idea :-)
> 
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
> 
>> --- a/parser/parser_main.c
>> +++ b/parser/parser_main.c
>> @@ -1106,6 +1106,48 @@ out:
>>  	return retval;
>>  }
>>
>> +/* data - name of parent dir */
>> +static int profile_dir_cb(__unused DIR *dir, const char *name, struct
>> stat *st, 
> 
> It may be a silly question, but: what's the purpose of "__unused DIR 
> *dir"? It looks, well, unused (and therefore superfluous) to me ;-)
> 
>> +/* data - name of parent dir */
>> +static int binary_dir_cb(__unused DIR *dir, const char *name, struct
>> stat *st,
> 
> Same silly question about "__unused DIR *dir" here ;-)
> 
the __unused pragma tells the compiler that the parameter is unused in
this function. This keeps the compiler from issuing a warning

The reason we don't just remove the parameter is because this is a
callback from a generic reoutine, and it is used in some of the other
callback functions.

>> diff --git a/parser/parser_misc.c b/parser/parser_misc.c
>> index 67a7779..e3b9d6a 100644
>> --- a/parser/parser_misc.c
>> +++ b/parser/parser_misc.c
>> @@ -51,6 +51,47 @@
> 
>> +static struct ignored_suffix_t ignored_suffixes[] = {
>> +	/* Debian packging files, which are in flux during install
>> +           should be silently ignored. */
>> +	{ ".dpkg-new", 9, 1 },
>> +	{ ".dpkg-old", 9, 1 },
>> +	{ ".dpkg-dist", 10, 1 },
>> +	{ ".dpkg-bak", 9, 1 },
>> +	/* RPM packaging files have traditionally not been silently
>> +           ignored */
>> +	{ ".rpmnew", 7, 0 },
>> +	{ ".rpmsave", 8, 0 },
>> +	/* Backup files should be mentioned */
>> +	{ "~", 1, 0 },
>> +	{ NULL, 0, 0 }
>> +};
> 
> Should we also ignore *.orig and *.rej (from recected patches)? 
> (They should be mentioned.)
> 
yes we could add those, I was just moving/reusing the existing routine.
My plan has been to eventually make this a regex that can be
expanded/overriden with an option

> 
> Regards,
> 
> Christian Boltz
>

More information about the AppArmor mailing list