[apparmor] [patch] Change RE_PROFILE_START to accept variables

Kshitij Gupta kgupta8592 at gmail.com
Sun Aug 2 19:12:26 UTC 2015 

Hello,

On Sun, Jul 12, 2015 at 7:12 PM, Christian Boltz <apparmor at cboltz.de> wrote:

> Hello,
>
> profile name and attachment can contain variables, so the
> RE_PROFILE_START regex should accept it.
> (Note: the variable content isn't checked.)
>
> Also add some tests with variables.
>
>
> [ 72-profile-name-variables.diff ]
>
> diff -ru --exclude .bzr/ ../HEAD-patches-applied/utils/apparmor/regex.py
> ./utils/apparmor/regex.py
> --- utils/apparmor/regex.py     2015-07-09 22:45:43.988215971 +0200
> +++ ./utils/apparmor/regex.py   2015-07-12 15:33:48.267111203 +0200
> @@ -66,9 +66,9 @@
>  RE_PROFILE_START          = re.compile(
>      '^(?P<leadingspace>\s*)' +
>      '(' +
> -        RE_PROFILE_PATH % 'plainprofile' + # just a path
> +        RE_PROFILE_PATH_OR_VAR % 'plainprofile' + # just a path
>          '|' + # or
> -        '(' + 'profile' + '\s+' + RE_PROFILE_NAME % 'namedprofile' +
> '(\s+' + RE_PROFILE_PATH % 'attachment' + ')?' + ')' + # 'profile', profile
> name, optionally attachment
> +        '(' + 'profile' + '\s+' + RE_PROFILE_NAME % 'namedprofile' +
> '(\s+' + RE_PROFILE_PATH_OR_VAR % 'attachment' + ')?' + ')' + # 'profile',
> profile name, optionally attachment
>      ')' +
>      '\s+((flags\s*=\s*)?\((?P<flags>.+)\)\s*)?\{' +
>      RE_EOL)
> diff -ru --exclude .bzr/
> ../HEAD-patches-applied/utils/test/test-regex_matches.py
> ./utils/test/test-regex_matches.py
> --- utils/test/test-regex_matches.py    2015-07-12 15:27:50.882030208 +0200
> +++ ./utils/test/test-regex_matches.py  2015-07-12 15:36:02.317509200 +0200
> @@ -418,6 +418,11 @@
>          ('   /foo flags=(complain) {',    { 'plainprofile': '/foo',
> 'namedprofile': None,          'attachment': None,     'flags': 'complain',
> 'comment': None }),
>          ('   /foo (complain) { # x',      { 'plainprofile': '/foo',
> 'namedprofile': None,          'attachment': None,     'flags': 'complain',
> 'comment': '# x'}),
>          ('   /foo flags = ( complain ){#',{ 'plainprofile': '/foo',
> 'namedprofile': None,          'attachment': None,     'flags': ' complain
> ', 'comment': '#'}),
> +        ('  @{foo} {',                    { 'plainprofile': '@{foo}',
> 'namedprofile': None,          'attachment': None,     'flags': None,
>  'comment': None }),
> +        ('  profile @{foo} {',            { 'plainprofile': None,
> 'namedprofile': '@{foo}',      'attachment': None,     'flags': None,
>  'comment': None }),
> +        ('  profile @{foo} /bar {',       { 'plainprofile': None,
> 'namedprofile': '@{foo}',      'attachment': '/bar',   'flags': None,
>  'comment': None }),
> +        ('  profile foo @{bar} {',        { 'plainprofile': None,
> 'namedprofile': 'foo',         'attachment': '@{bar}', 'flags': None,
>  'comment': None }),
> +        ('  profile @{foo} @{bar} {',     { 'plainprofile': None,
> 'namedprofile': '@{foo}',      'attachment': '@{bar}', 'flags': None,
>  'comment': None }),
>
>          ('   /foo {',                     { 'plainprofile': '/foo',
>  'namedprofile': None,   'leadingspace': '   ' }),
>          ('/foo {',                        { 'plainprofile': '/foo',
>  'namedprofile': None,   'leadingspace': ''    }),
> @@ -445,6 +450,11 @@
>          ('/foo {',                        { 'profile': '/foo',
> 'plainprofile': '/foo', 'namedprofile': None,  'leadingspace': None  }),
>          ('   profile foo {',              { 'profile': 'foo',
>  'plainprofile': None,   'namedprofile': 'foo', 'leadingspace': '   ' }),
>          ('profile foo {',                 { 'profile': 'foo',
>  'plainprofile': None,   'namedprofile': 'foo', 'leadingspace': None  }),
> +        ('  @{foo} {',                    { 'profile': '@{foo}',
> 'plainprofile': '@{foo}',  'namedprofile': None,          'attachment':
> None,     'flags': None,       'comment': None }),
> +        ('  profile @{foo} {',            { 'profile': '@{foo}',
> 'plainprofile': None,      'namedprofile': '@{foo}',      'attachment':
> None,     'flags': None,       'comment': None }),
> +        ('  profile @{foo} /bar {',       { 'profile': '@{foo}',
> 'plainprofile': None,      'namedprofile': '@{foo}',      'attachment':
> '/bar',   'flags': None,       'comment': None }),
> +        ('  profile foo @{bar} {',        { 'profile': 'foo',
>  'plainprofile': None,      'namedprofile': 'foo',         'attachment':
> '@{bar}', 'flags': None,       'comment': None }),
> +        ('  profile @{foo} @{bar} {',     { 'profile': '@{foo}',
> 'plainprofile': None,      'namedprofile': '@{foo}',      'attachment':
> '@{bar}', 'flags': None,       'comment': None }),
>      ]
>
>      def _run_test(self, line, expected):
>
>
>
> Thanks for the patch.

Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>.


> Regards,
>
> Christian Boltz
> --
> Vielleicht habe ich ja Glück und fang mir eine tödliche Krankheit ein,
> dann kann ich das Rauchen wieder anfangen.  [Ratti in fontlinge-devel]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>



-- 
Regards,

Kshitij Gupta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150803/19102a94/attachment.html>

More information about the AppArmor mailing list