[apparmor] [patch] utils: remove aa-enforce '--remove' option

Seth Arnold seth.arnold at canonical.com
Mon Mar 3 22:40:40 UTC 2014 

On Mon, Mar 03, 2014 at 02:09:15PM -0800, Steve Beattie wrote:
> This patch removes the '--remove' option on aa-enforce as well as from
> the man page. It also removes the test entry that contains it, but I
> don't think this is entirely correct because I think the second half
> of the test is dependent on the (now deleted) first half of the test.
> 
> (It also removes a missed reference to --revert in the aa-disable man
> page.)
> 
> Signed-off-by: Steve Beattie <steve at nxnw.org>

Nice, thanks!

Acked-by: Seth Arnold <seth.arnold at canonical.com>

> ---
>  utils/aa-disable.pod         |    2 --
>  utils/aa-enforce             |    7 ++++---
>  utils/aa-enforce.pod         |    7 -------
>  utils/test/minitools_test.py |    5 -----
>  4 files changed, 4 insertions(+), 17 deletions(-)
> 
> Index: b/utils/aa-disable.pod
> ===================================================================
> --- a/utils/aa-disable.pod
> +++ b/utils/aa-disable.pod
> @@ -43,8 +43,6 @@ profile from being loaded on AppArmor st
>  The I<aa-enforce> and I<aa-complain> utilities may be used to to change
>  this behavior.
>  
> -The I<--revert> option can be used to enable the profile.
> -
>  =head1 BUGS
>  
>  If you find any bugs, please report them at
> Index: b/utils/aa-enforce
> ===================================================================
> --- a/utils/aa-enforce
> +++ b/utils/aa-enforce
> @@ -22,11 +22,12 @@ _ = init_translation()
>  
>  parser = argparse.ArgumentParser(description=_('Switch the given program to enforce mode'))
>  parser.add_argument('-d', '--dir', type=str, help=_('path to profiles'))
> -parser.add_argument('-r', '--remove', action='store_true', help=_('switch to complain mode'))
>  parser.add_argument('program', type=str, nargs='+', help=_('name of program'))
>  args = parser.parse_args()
> -# Flipping the remove flag since complain = !enforce
> -args.remove = not args.remove
> +# Set the remove flag since complain = !enforce
> +# XXX remove this entirely once conversion to individual cmd methods
> +# on the Tool class are implemented
> +args.remove = True
>  
>  enforce = apparmor.tools.aa_tools('complain', args)
>  
> Index: b/utils/aa-enforce.pod
> ===================================================================
> --- a/utils/aa-enforce.pod
> +++ b/utils/aa-enforce.pod
> @@ -36,10 +36,6 @@ B<-d --dir / path/to/profiles>
>     Specifies where to look for the AppArmor security profile set.
>     Defaults to /etc/apparmor.d.
>  
> -B<-r --remove>
> -
> -   Removes the enforce mode for the profile.  
> -
>  =head1 DESCRIPTION
>  
>  B<aa-enforce> is used to set one or more profiles to I<enforce> mode.
> @@ -49,9 +45,6 @@ unloads and disables a profile.
>  The default mode for a security policy is enforce and the I<aa-complain>
>  utility must be run to change this behavior.
>  
> -The I<--remove> option can be used to remove the enforce mode for the profile,
> -setting it to complain mode.
> -
>  =head1 BUGS
>  
>  If you find any bugs, please report them at
> Index: b/utils/test/minitools_test.py
> ===================================================================
> --- a/utils/test/minitools_test.py
> +++ b/utils/test/minitools_test.py
> @@ -77,11 +77,6 @@ class Test(unittest.TestCase):
>  
>      def test_enforce(self):
>          #Set ntpd profile to complain mode and check if it was correctly set
> -        subprocess.check_output('%s ./../aa-enforce -d ./profiles -r %s'%(python_interpreter, test_path), shell=True)
> -
> -        self.assertEqual(os.path.islink('./profiles/force-complain/%s'%os.path.basename(local_profilename)), True, 'Failed to create a symlink for %s in force-complain'%local_profilename)
> -        self.assertEqual(apparmor.get_profile_flags(local_profilename, test_path), 'complain', 'Complain flag could not be set in profile %s'%local_profilename)
> -
>  
>          #Set ntpd profile to enforce mode and check if it was correctly set
>          subprocess.check_output('%s ./../aa-enforce -d ./profiles %s'%(python_interpreter, test_path), shell=True)
> -- 
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/



> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140303/0b356c1e/attachment.pgp>

More information about the AppArmor mailing list