[apparmor] [Patch][parser]

Christian Boltz apparmor at cboltz.de
Sat Sep 20 18:52:28 UTC 2014


Hello,

On Friday, 19 September 2014, Seth Arnold wrote:
> On Fri, Sep 19, 2014 at 12:27:21PM -0700, John Johansen wrote:
> > fix: Make the parser behave the same as when driven with xargs -n1
> > 
> > Currently the parser is bailing when it fails to load a profile,
> > not processing any potential subsequent profiles in the dir or
> > passed in list. This results in all policy after the first error
> > failing to load, instead of just the profile(s) with the error.
> > 
> > This is a different behavior than what has been done by initscripts
> > that have driven it with xargs -n1, passing it a single profile
> > at a time.
> > 
> > Fix this so that the parser only exits on first error if
> > specifically told to do so.
> > 
> > Note: this does not fix the various failure points in the parser
> > that call exit, instead of returning an error.
> > 
> > Signed-off-by: John Johansen <john.johansen at canonical.com>
> 
> I believe this will address the failures that Jamie's seen. I'm .. on
> the fence about the idea as a whole but I believe this implementation
> is good.

The implementation needs some improvement ;-)

With this patch, the parser exits with $? = 0 even if loading one of the 
profiles fails. Instead, it should set $? != 0 when exiting. I don't 
care too much if it uses the first, the last or the most severe error 
for $? as long as it's != 0 if something failed.

(I already discussed this with John on IRC yesterday, so this mail is 
just a quick summary for the ML archive ;-)


Regards,

Christian Boltz
-- 
Being offline is a lot like being dead, only more boring.
[Kristian Köhntopp in
http://blog.koehntopp.de/archives/2948-Schoener-Wohnen-im-21.-Jahrhundert.html]
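
The exit-status behaviour asked for in the message above, as an added example that is not part of the original mail or of AppArmor's code: a loader loop that keeps going past a broken profile but still reports the failure in `$?`. `load_one` is a constructed stand-in for the real loader, and the `continue`/`stop` mode names and the sample files are made up for illustration.

```shell
#!/bin/sh
# load_one: constructed stand-in for the real loader (hypothetical). It fails
# with status 1 for any file that contains the marker BROKEN.
load_one() {
    if grep -q BROKEN "$1"; then
        echo "error: failed to load $1" >&2
        return 1
    fi
}

# load_all MODE FILE...   MODE is "continue" or "stop" (names made up here).
# "continue" processes every file; "stop" bails out at the first failure.
# In both modes the return status is non-zero if anything failed.
# LOADED (global) counts the profiles that loaded successfully.
load_all() {
    mode=$1; shift
    rc=0
    LOADED=0
    for profile in "$@"; do
        if load_one "$profile"; then
            LOADED=$((LOADED + 1))
        else
            st=$?                                  # status of load_one
            if [ "$rc" -eq 0 ]; then rc=$st; fi    # remember the first error
            if [ "$mode" = stop ]; then break; fi
        fi
    done
    return "$rc"
}

# Constructed sample input: three profile files, the middle one broken.
make_samples() {
    SAMPLES=$(mktemp -d)
    echo "profile ok"     > "$SAMPLES/10-first"
    echo "profile BROKEN" > "$SAMPLES/20-second"
    echo "profile ok"     > "$SAMPLES/30-third"
}

make_samples
st=0; load_all continue "$SAMPLES"/* || st=$?
echo "continue: status=$st loaded=$LOADED"
st=0; load_all stop "$SAMPLES"/* || st=$?
echo "stop:     status=$st loaded=$LOADED"
rm -rf "$SAMPLES"
```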



