[apparmor] [patch] convert serialize_parse_profile_start() to use parse_profile_start_line()

Christian Boltz apparmor at cboltz.de
Wed Apr 1 08:51:34 UTC 2015 

Hello,

Am Dienstag, 31. März 2015 schrieb Steve Beattie:
> On Thu, Mar 05, 2015 at 09:19:01PM +0100, Christian Boltz wrote:
...
> > [
> > 14-convert-serialize_parse_profile_start-to-use-parse_profile_start
> > _line.diff ]
...
> > --- utils/test/test-aa.py       2015-03-05 19:35:43.910167560 +0100
> > +++ utils/test/test-aa.py       2015-03-05 20:40:14.951079779 +0100
> > @@ -261,9 +261,19 @@ class AaTest_serialize_parse_profile_sta
> > 
> >          expected = ('/foo', '/foo', None, False, True) # note that
> >          in_contained_hat == False and that profile == hat == child
> >          profile self.assertEqual(result, expected)
> > 
> > +    def test_serialize_parse_profile_start_14(self):
> > +        result = self._parse('/ext//hat {', '/bar', '/bar', True,
> > True) # external hat inside a profile - XXX should this error out?
> > +        expected = ('/ext', '/ext', None, False, True) # XXX
> > additionally note that hat == profile, but should be 'hat' +       
> > self.assertEqual(result, expected)
> > +
> > +    def test_serialize_parse_profile_start_15(self):
> > +        result = self._parse('/ext//hat {', '/bar', '/bar', True,
> > False) # external hat inside a profile - XXX should this error out?
> > +        expected = ('/ext', 'hat', None, False, False)
> > +        self.assertEqual(result, expected)
> 
> Interestingly, the parser won't accept these:
> 
>   $ echo 'profile foo { /ext//hat { /bin/true r, } /bin/false r, }'  |
> apparmor_parser -dd -QK AppArmor parser error, in stdin line 1:
> syntax error, unexpected TOK_OPEN, expecting TOK_MODE
> 
> but will accept it when given the profile keyword:
...
> I suspect you're correct that the tools should raise an exception for
> the cases you added.

This was on my TODO list - "was" because patch 27 already raises 
exception for the cases quoted above ;-)


Regards,

Christian Boltz
-- 
> David, bitte wegschauen... Nein David, das hast Du nicht gesehen. Es
> ist alles OK, David... Ganz ruhig... :-)
*augen wieder aufmach* *haende von den ohren nehm*
Haeh? Was? Hab ich was verpasst?
[> Thomas Hertweck und David Haller in suse-linux]

More information about the AppArmor mailing list