[apparmor] patch for aa-logprof -f given a special file
Christian Boltz
apparmor at cboltz.de
Tue Nov 4 23:49:31 UTC 2014
Hello,
Am Dienstag, 4. November 2014 schrieb Steve Beattie:
> On Tue, Nov 04, 2014 at 03:15:40PM -0500, Peter Maloney wrote:
> > The perl tools allowed using aa-logprof -f <(...), but the python
> > ones don't. I find it very useful to use with grep to shorten the
> > list of questions for modifying a specific profile, without
> > bothering with updating other profiles with lots of spam you don't
> > care about. And in this particular case I was using head to try to
> > find out which line somewhere makes aa-logprof crash with another
> > problem I'm working on.
> >
> > Would you please accept this patch to change it so it will allow
> > special files again?
>
> Ah yep, that's a good catch. Thanks, I'll apply it.
I know halloween was some days ago, but let me give you "Saures"
nevertheless ;-)
Using the latest aa-logprof with your patch already included:
# aa-logprof -f /
Reading log entries from /.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/logparser.py", line 333, in read_log
self.LOG = open_file_read(self.filename)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/common.py", line 171, in open_file_read
return open_file_anymode('r', path, encoding)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/common.py", line 184, in open_file_anymode
orig = codecs.open(path, mode, encoding, errors=errorhandling)
File "/usr/lib64/python3.4/codecs.py", line 896, in open
file = builtins.open(filename, mode, buffering)
IsADirectoryError: [Errno 21] Is a directory: '/'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "aa-logprof", line 52, in <module>
apparmor.do_logprof_pass(logmark)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/aa.py", line 2266, in do_logprof_pass
log = log_reader.read_log(logmark)
File "/home/cb/apparmor/HEAD-CLEAN/utils/apparmor/logparser.py", line 335, in read_log
raise AppArmorException('Can not read AppArmor logfile: ' + self.filename)
apparmor.common.AppArmorException: 'Can not read AppArmor logfile: /'
That's nice, isn't it? ;-)
I propose the following pumpkin^Wpatch (in addition to your patch):
=== modified file 'utils/aa-logprof'
--- utils/aa-logprof 2014-11-04 20:55:26 +0000
+++ utils/aa-logprof 2014-11-04 23:33:43 +0000
@@ -35,6 +35,8 @@
if filename:
if not os.path.exists(filename):
raise apparmor.AppArmorException(_('The logfile %s does not exist. Please check the path') % filename)
+ elif os.path.isdir(filename):
+ raise apparmor.AppArmorException(_('%s is a directory. Please specify a file as logfile') % filename)
else:
apparmor.filename = filename
BTW: aa-genprof has similar code, so it also needs a patch:
=== modified file 'utils/aa-genprof'
--- utils/aa-genprof 2014-10-08 20:07:18 +0000
+++ utils/aa-genprof 2014-11-04 23:37:49 +0000
@@ -65,8 +65,10 @@
if filename:
- if not os.path.isfile(filename):
+ if not os.path.exists(filename):
raise apparmor.AppArmorException(_('The logfile %s does not exist. Please check the path') % filename)
+ elif os.path.isdir(filename):
+ raise apparmor.AppArmorException(_('%s is a directory. Please specify a file as logfile') % filename)
else:
apparmor.filename = filename
(hmm, maybe we should move those checks into aa.py?)
Regards,
Christian Boltz
--
Look at Debian... its stable, works on a variety of platforms.... and
development is racing along at the speed of a turtle with 3 broken legs.
[Joseph M. Gaffney in opensuse]
More information about the AppArmor
mailing list