[apparmor] Exception handling in aa-* tools

Steve Beattie steve at nxnw.org
Wed Nov 5 22:29:57 UTC 2014


On Wed, Nov 05, 2014 at 08:45:18PM +0100, Christian Boltz wrote:
> I discussed this with Kshitij two weeks ago (2014-10-26) on IRC, and it 
> looks like using http://pymotw.com/2/cgitb/ (in "write a logfile" mode) 
> would make sense in most cases.
> 
> Besides hiding the exception details from the user (which are probably 
> confusing for non-technical people), cgitb has the advantage that it 
> logs the value of variables - that means we get a better picture why 
> something crashed without adding lots of debugging code.
> 
> The only exception to using cgitb would be AppArmorException - we don't 
> really need big logfiles for those exceptions because we already know 
> the reason why we raise them ;-)  so for AppArmorExceptions, we should 
> just print the message.

Well, until we discover we're raising an AppArmor exception and we
don't understand why.

But using cgitb (which is part of Python's standard library, for
people like me who didn't already know that) looks like a good choice
for generating debug log information.

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
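
Added example, not part of the messages above and not AppArmor's own code: a sketch of the handler discussed in this thread, where AppArmorException prints only its message and anything else goes to a cgitb-style logfile. The AppArmorException stand-in, the function names, the "aa-crash-" file prefix and the debug switch are assumptions; on Python 3.13 and later, where cgitb no longer exists, it falls back to traceback with capture_locals.

```python
import os
import sys
import tempfile
import traceback

try:
    import cgitb            # standard library through Python 3.12
except ImportError:
    cgitb = None            # removed in Python 3.13; fall back to traceback


class AppArmorException(Exception):
    """Stand-in for the tools' own exception class (assumed definition)."""


def write_report(exc_info, logdir):
    """Write a traceback including variable values to a new file in logdir."""
    if cgitb is not None:
        body = cgitb.text(exc_info)
    else:
        body = "".join(traceback.TracebackException(
            *exc_info, capture_locals=True).format())
    # mkstemp creates the file with mode 0600: the dump can contain
    # paths, profile contents or other values not meant for other users.
    fd, path = tempfile.mkstemp(prefix="aa-crash-", suffix=".txt", dir=logdir)
    with os.fdopen(fd, "w") as fh:
        fh.write(body)
    return path


def handle(exc_info, logdir, out=None, debug=False):
    """Report one exception; return the report path, or None if none was written."""
    if out is None:
        out = sys.stderr
    etype, evalue, _tb = exc_info
    expected = issubclass(etype, AppArmorException)
    if expected:
        print("ERROR: %s" % evalue, file=out)
        if not debug:       # hypothetical switch for unexplained AppArmorExceptions
            return None
    path = write_report(exc_info, logdir)
    if not expected:
        print("An unexpected error occurred.", file=out)
    print("Details were written to %s" % path, file=out)
    return path


def install(logdir, debug=False):
    """Route uncaught exceptions through handle()."""
    sys.excepthook = lambda *exc_info: handle(exc_info, logdir, debug=debug)
```

With debug=True an AppArmorException also gets a report file, which covers the case where the exception is raised and the reason is not understood.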