[apparmor] Exception handling in aa-* tools
Christian Boltz
apparmor at cboltz.de
Wed Nov 5 19:45:18 UTC 2014
Hello,
let me separate this part from the "Re: patch for aa-logprof -f given a
special file" discussion:
Am Mittwoch, 5. November 2014 schrieb Steve Beattie:
> Also, it'd be nice to not dump the stack trace by default, but rather
> catch the exception at the top level and report just the message to
> the user (unless perhaps a debugging flag is passed?).
I discussed this with Kshitij two weeks ago (2014-10-26) on IRC, and it
looks like using http://pymotw.com/2/cgitb/ (in "write a logfile" mode)
would make sense in most cases.
Besides hiding the exception details from the user (which are probably
confusing for non-technical people), cgitb has the advantage that it
logs the value of variables - that means we get a better picture why
something crashed without adding lots of debugging code.
The only exception to using cgitb would be AppArmorException - we don't
really need big logfiles for those exceptions because we already know
the reason why we raise them ;-) so for AppArmorExceptions, we should
just print the message.
Regards,
Christian Boltz
--
15:00:48 <bugbot> Meeting started [...] The chair is vuntz. [...]
15:01:58 <coolo> if vuntz is the chair, I'm the table :)
15:02:23 <vuntz> coolo: now tell me, is it best to be the table?
15:02:30 <vuntz> :-)
15:02:36 <Ilmehtar> can we put our feet up on the table?
[from #opensuse-project]
More information about the AppArmor
mailing list