[apparmor] [patch 09/11] utils: split out aa-genprof command [v2]

Steve Beattie steve at nxnw.org
Thu Mar 6 18:58:26 UTC 2014 

On Thu, Mar 06, 2014 at 09:41:02AM -0800, Steve Beattie wrote:
> On Thu, Mar 06, 2014 at 01:29:41PM +0100, Christian Boltz wrote:
> > Am Mittwoch, 5. März 2014 schrieb Steve Beattie:
> > > This patch splits out the genprof tool functionality into a separate
> > > command function, merging with the use_autodep function that already
> > > existed.
> > > 
> > > Signed-off-by: Steve Beattie <steve at nxnw.org>
> > ...
> > > Index: b/utils/apparmor/tools.py
> > > ===================================================================
> > > --- a/utils/apparmor/tools.py
> > > +++ b/utils/apparmor/tools.py
> > ...
> > > @@ -209,6 +206,23 @@ class aa_tools:
> > >              if cmd_info[0] != 0:
> > >                  raise apparmor.AppArmorException(cmd_info[1])
> > > 
> > > +    def cmd_autodep(self):
> > > +        for (program, profile) in self.get_next_to_profile():
> > > +            if not program:
> > > +                aaui.UI_Info('Profile %s already exists - skipping.'
> > > % profile) 
> > > +                continue
> > 
> > NAK - this breaks the --force option (assuming the error message is 
> > correct - I didn't test it)
> 
> Not quite. When program is None but profile is not, it indicates that
> the user passed the profile on the command line and not the program. So
> --force will still work if you give the program name on the command
> line.  I agree that the error message should be different/better.
> 
> I hadn't looked to see if we have a function for digging the program
> name out of an existing profile, but I suppose that could happen for
> this situation, and --force would be required in any event. But it's
> a little weird to pass aa-autodep a profile name rather than a program
> name/path to begin with.

How about the attached patch?

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: utils-split_out_aa-autodep.patch
Type: text/x-diff
Size: 3347 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140306/e58388c8/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140306/e58388c8/attachment.pgp>

More information about the AppArmor mailing list