[apparmor] [PATCH] add --set-env option to aa-sandbox and move os.chdir()

Thu Feb 6 21:16:50 UTC 2014

On 02/06/2014 02:50 PM, Steve Beattie wrote:
> On Thu, Feb 06, 2014 at 02:34:12PM -0500, Jamie Strandboge wrote:

...

>> @@ -714,6 +720,13 @@
>>      # Only used with dynamic profiles
>>      required_rules = ['audit deny @{HOME}/.Xauthority mrwlk,']
>>  
>> +    for e in opt.setenv_vars:
>> +        if '=' not in e:
>> +            continue
>> +        (key, val) = e.split("=", 1)
>> +        x.new_environ[key] = val
>> +    print(x.new_environ)
> 
> Did the print leak in?

Hehe, yes :)

> Also, this is in run_xsandbox(). Do you not need to do something
> similar in run_sandbox(), or is there a reason to expect not to
> support setting/modifying environment variables for non-graphical apps?
> 
>> +
>>      # aa-exec
>>      try:
>>          rc, report = aa_exec(command, opt, x.new_environ, required_rules)

I do want to do that. See updated patch.

Thanks for the review!

-- 
Jamie Strandboge                 http://www.ubuntu.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: aa-sandbox_add_set-env_option-v2.patch
Type: text/x-patch
Size: 1955 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140206/501ded24/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140206/501ded24/attachment.pgp>