[apparmor] [PATCH 01/31] change cache check so that debugging can see which file caused failure

Christian Boltz apparmor at cboltz.de
Sat Dec 6 14:05:51 UTC 2014


Hello,

On Friday, 5 December 2014, Tyler Hicks wrote:
> Currently the cache tracks the most recent timestamp of parsed files
> and then compares that to the cache timestamp. This unfortunately
> prevents the parser from being able to know which files caused the
> cache check failure.
> 
> Rework the cache check so that there is a debug option, and that
> the cache file timestamp is set first so that we can output
> a debug message for each file that causes a cache check failure.

So you have the timestamp of the newest file that is involved in the 
profile? Nice :-)

When writing the cache file, can you please set that timestamp on it?

That would reduce the risk of seeing
    https://bugs.launchpad.net/apparmor/+bug/1392042
    https://bugzilla.novell.com/show_bug.cgi?id=904620#c7
a lot.

Including a checksum in the cache file would be even better, but that's 
a bigger and more invasive patch - probably not something you want to 
include in this patch series.


Regards,

Christian Boltz
-- 
That could also have been said more briefly:
| "Please don't use evolution anymore. It's not intended as a
|  mailing program, we're just riding around a little bit on our
|  C-Compilers to find out how to break the rules."
Yes, sir. Nice outlooks.      [Ratti in suse-linux]
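
The per-file cache check from the quoted commit message and the timestamp request made in this reply, sketched as an added example (not part of the original mail and not apparmor_parser code). The function names, the /tmp sample paths used with it and the rule that a missing source counts as stale are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <time.h>
/* Added illustration; function names are hypothetical, not apparmor_parser's. */
static int ts_newer(struct timespec a, struct timespec b)
{
    return a.tv_sec > b.tv_sec || (a.tv_sec == b.tv_sec && a.tv_nsec > b.tv_nsec);
}

/* Number of sources that invalidate the cache (-1: no cache); debug names each. */
int cache_stale_count(const char *cache, const char *const srcs[], int n, int debug)
{
    struct stat cst, sst;
    int stale = 0;
    if (stat(cache, &cst) != 0)
        return -1;
    for (int i = 0; i < n; i++) {
        int bad = stat(srcs[i], &sst) != 0 || ts_newer(sst.st_mtim, cst.st_mtim);
        if (bad && debug)
            fprintf(stderr, "cache %s is stale because of %s\n", cache, srcs[i]);
        stale += bad;
    }
    return stale;
}

/* After writing the cache, give it the mtime of the newest source file. */
int cache_stamp(const char *cache, const char *const srcs[], int n)
{
    struct timespec t[2] = { {0, 0}, {0, 0} };
    struct stat sst;
    for (int i = 0; i < n; i++) {
        if (stat(srcs[i], &sst) != 0)
            return -1;
        if (ts_newer(sst.st_mtim, t[1]))
            t[0] = t[1] = sst.st_mtim;
    }
    return utimensat(AT_FDCWD, cache, t, 0);
}

/* Demo helper for constructed sample files: create path, set its mtime. */
int touch_at(const char *path, time_t sec)
{
    struct timespec t[2] = { {sec, 0}, {sec, 0} };
    FILE *f = fopen(path, "a");
    if (!f || fclose(f) != 0)
        return -1;
    return utimensat(AT_FDCWD, path, t, 0);
}
```

Once the cache carries the newest source timestamp, the check no longer depends on the wall-clock moment the cache happened to be written, only on the source files' own mtimes.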



