[apparmor] [patch 3/3] utils: use capability rule class in aa.py and cleanprof.py
Steve Beattie
steve at nxnw.org
Thu Dec 4 17:55:19 UTC 2014
On Wed, Dec 03, 2014 at 11:56:51PM +0100, Christian Boltz wrote:
> Some more testing showed that aa-cleanprof deletes some capability
> rules that are not covered by any abstraction.
>
> Please apply the following patch on top of the patchset to fix this.
Acked-by: Steve Beattie <steve at nxnw.org>
> diff -u -p -r v5-utils-sbeattie/apparmor/cleanprofile.py utils/apparmor/cleanprofile.py
> --- v5-utils-sbeattie/apparmor/cleanprofile.py 2014-12-03 20:24:23.377470648 +0100
> +++ utils/apparmor/cleanprofile.py 2014-12-03 23:28:52.117687706 +0100
> @@ -65,7 +65,7 @@ class CleanProf(object):
> deleted += apparmor.aa.delete_duplicates(self.other.aa[program][hat], inc)
>
> #Clean the duplicates of caps in other profile
> - if self.same_file:
> + if not self.same_file:
> deleted += self.other.aa[program][hat]['capability'].delete_duplicates(self.profile.aa[program][hat]['capability'])
>
> #Clean the duplicates of path in other profile
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141204/9f7f26d4/attachment.pgp>
More information about the AppArmor
mailing list