[apparmor] [patch] Set log_event flag in collapse_log()

[Christian Boltz]

Hello,

collapse_log() creates temporary SignalRule etc. objects which are then
checked against the existing profile content.

These temporary objects are based on log events, therefore flag them as
such. This will ensure proper handling and escaping by the AARE class.


[ 36-collapse-log-set-log_event.diff ]

=== modified file ./utils/apparmor/aa.py
--- utils/apparmor/aa.py        2015-12-08 19:30:43.210864711 +0100
+++ utils/apparmor/aa.py        2015-12-10 12:38:08.008844270 +0100
@@ -2509,26 +2509,26 @@
                 for cap in prelog[aamode][profile][hat]['capability'].keys():
                     # If capability not already in profile
                     # XXX remove first check when we have proper profile initialisation
-                    if aa[profile][hat].get('capability', False) and not aa[profile][hat]['capability'].is_covered(CapabilityRule(cap)):
+                    if aa[profile][hat].get('capability', False) and not aa[profile][hat]['capability'].is_covered(CapabilityRule(cap, log_event=True)):
                         log_dict[aamode][profile][hat]['capability'][cap] = True
 
                 nd = prelog[aamode][profile][hat]['netdomain']
                 for family in nd.keys():
                     for sock_type in nd[family].keys():
-                        if not is_known_rule(aa[profile][hat], 'network', NetworkRule(family, sock_type)):
+                        if not is_known_rule(aa[profile][hat], 'network', NetworkRule(family, sock_type, log_event=True)):
                             log_dict[aamode][profile][hat]['netdomain'][family][sock_type] = True
 
                 ptrace = prelog[aamode][profile][hat]['ptrace']
                 for peer in ptrace.keys():
                     for access in ptrace[peer].keys():
-                        if not is_known_rule(aa[profile][hat], 'ptrace', PtraceRule(access, peer)):
+                        if not is_known_rule(aa[profile][hat], 'ptrace', PtraceRule(access, peer, log_event=True)):
                             log_dict[aamode][profile][hat]['ptrace'][peer][access] = True
 
                 sig = prelog[aamode][profile][hat]['signal']
                 for peer in sig.keys():
                     for access in sig[peer].keys():
                         for signal in sig[peer][access].keys():
-                            if not is_known_rule(aa[profile][hat], 'signal', SignalRule(access, signal, peer)):
+                            if not is_known_rule(aa[profile][hat], 'signal', SignalRule(access, signal, peer, log_event=True)):
                                 log_dict[aamode][profile][hat]['signal'][peer][access][signal] = True
 
 


Regards,

Christian Boltz
-- 
Wie meinte doch neulich ein OS/2 oder CygWin-User:
PATH=C:\backspace\return;E:\tab\newline;D:\home
W:\pakete\mypaket\configure --prefix=F:\fondlinge
[Ralf Corsepius in suse-programming]