[apparmor] [patch 05/21] Add stub rules to indicate compilation support for given features.
John Johansen
john.johansen at canonical.com
Wed Mar 19 00:14:27 UTC 2014
On 03/18/2014 05:03 PM, Steve Beattie wrote:
> On Tue, Mar 18, 2014 at 04:48:01PM -0700, John Johansen wrote:
>> On 03/18/2014 04:21 PM, Steve Beattie wrote:
>>> On Mon, Mar 17, 2014 at 04:29:15PM -0700, john.johansen at canonical.com wrote:
<snip>
> Okay, I just found it a bit goofy to get the following:
>
> $ echo 'profile foo { /usr/bin/foo rix, } ' | ./apparmor_parser --dump rule-exprs -Q
> Warning from stdin (line 1): ./apparmor_parser: cannot use or update cache, disable, or force-complain via stdin
> aare: foo -> foo
> aare: /usr/bin/foo -> /usr/bin/foo
> rule: /usr/bin/foo -> /usr/bin/foo (0x914245/0)(((((< 0x201>|< 0x4>)|<
> 0x40>)|< 0x804000>)|< 0x10000>)|< 0x100000>)
>
> rule: \d7 -> \a (0x4/0)< 0x4>
>
> rule: \d32 -> \ (0x4/0)< 0x4>
>
> And I worry about dumping out random garbage from the CharNode that gets
> created for these.
>
Right char node should be able to handle it, but we certainly could make its
output more robust.
More information about the AppArmor
mailing list