[apparmor] [patch 05/11] utils: let aa-disable take profile name as arguments
Seth Arnold
seth.arnold at canonical.com
Thu Mar 6 06:44:46 UTC 2014
On Wed, Mar 05, 2014 at 05:44:39PM -0800, Steve Beattie wrote:
> This patch modifies the aa-disable tool implementation to allow it to
> take a profile name (rather than a program name) as the argument(s)
> for what to disable, as this was supported behavior in the perl
> tools. (The rest of the commands that make use of the aa_tools.act()
> method have not been exercised with this patch in place, as further
> patches will separate those out.)
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> ---
> utils/apparmor/tools.py | 46 ++++++++++++++++++++++++++++++++++------------
> 1 file changed, 34 insertions(+), 12 deletions(-)
>
> Index: b/utils/apparmor/tools.py
> ===================================================================
> --- a/utils/apparmor/tools.py
> +++ b/utils/apparmor/tools.py
> @@ -55,22 +55,43 @@ class aa_tools:
> raise apparmor.AppArmorException("Can't find AppArmor disable directory %s" % self.disabledir)
>
> def get_next_to_profile(self):
> + '''Iterator function to walk the list of arguments passed'''
> +
> for p in self.profiling:
> if not p:
> continue
>
> - program = p
> + program = None
> + profile = None
> if os.path.exists(p):
> - program = apparmor.get_full_path(p).strip()
> + fq_path = apparmor.get_full_path(p).strip()
> + if os.path.commonprefix([apparmor.profile_dir, fq_path]) == apparmor.profile_dir:
> + program = None
> + profile = fq_path
> + else:
> + program = fq_path
> + profile = apparmor.get_profile_filename(fq_path)
> else:
> which = apparmor.which(p)
> - if which:
> + if which is not None:
> program = apparmor.get_full_path(which)
> + profile = apparmor.get_profile_filename(program)
> + elif os.path.exists(os.path.join(apparmor.profile_dir, p)):
> + program = None
> + profile = apparmor.get_full_path(os.path.join(apparmor.profile_dir, p)).strip()
> + else:
> + if '/' not in p:
> + aaui.UI_Info(_("Can't find %s in the system path list. If the name of the application\nis correct, please run 'which %s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") % (p, p))
> + else:
> + aaui.UI_Info(_("%s does not exist, please double-check the path.") % p)
> + continue
>
> - yield program
> + yield (program, profile)
>
> def act(self):
> - for program in self.get_next_to_profile():
> + for (program, profile) in self.get_next_to_profile():
> + if program is None:
> + program = profile
>
> apparmor.read_profiles()
>
> @@ -124,19 +145,20 @@ class aa_tools:
> sys.exit(1)
>
> def cmd_disable(self):
> - for program in self.get_next_to_profile():
> - filename = apparmor.get_profile_filename(program)
> + for (program, profile) in self.get_next_to_profile():
> +
> + output_name = profile if program is None else program
>
> - if not os.path.isfile(filename) or apparmor.is_skippable_file(filename):
> - aaui.UI_Info(_('Profile for %s not found, skipping') % program)
> + if not os.path.isfile(profile) or apparmor.is_skippable_file(profile):
> + aaui.UI_Info(_('Profile for %s not found, skipping') % output_name)
> continue
>
> - aaui.UI_Info(_('Disabling %s.') % program)
> - self.disable_profile(filename)
> + aaui.UI_Info(_('Disabling %s.') % output_name)
> + self.disable_profile(profile)
>
> # FIXME: this should be a profile_remove function/method
> # FIXME: should ensure profile is loaded before unloading
> - cmd_info = cmd([apparmor.parser, '-I%s' % apparmor.profile_dir, '-R', filename])
> + cmd_info = cmd([apparmor.parser, '-I%s' % apparmor.profile_dir, '-R', profile])
>
> if cmd_info[0] != 0:
> raise apparmor.AppArmorException(cmd_info[1])
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140305/5e7f2aa2/attachment.pgp>
More information about the AppArmor
mailing list