[apparmor] [patch] [1/7] Add a 'details' group to RE_PROFILE_PTRACE

John Johansen john.johansen at canonical.com
Sat Dec 26 23:33:59 UTC 2015 

On 12/08/2015 11:30 AM, Christian Boltz wrote:
> Hello,
> 
> as a preparation for the PtraceRule class, add a <details> match group
> to RE_PROFILE_PTRACE.
> 
> Also adjust test-regex_matches.py for the added group.
> 
> Note: RE_PROFILE_PTRACE is only used in aa.py, and only matches[0..2]
> are used. 0 and 1 are audit and allow/deny and 2 is and stays the whole
> rule (except audit and allow/deny). Therefore no aa.py changes are
> needed.
> 
> 
So this series (in my poor python review fashion) looks good

Acked-by: John Johansen <john.johansen at canonical.com>

> [ 28-add-details-group-to-RE_PROFILE_PTRACE.diff ]
> 
> === modified file ./utils/apparmor/regex.py
> --- utils/apparmor/regex.py     2015-11-19 17:42:26.313879200 +0100
> +++ utils/apparmor/regex.py     2015-11-23 21:15:07.903293871 +0100
> @@ -49,7 +49,7 @@
>  RE_PROFILE_DBUS         = re.compile(RE_AUDIT_DENY + '(dbus\s*,|dbus\s+[^#]*\s*,)' + RE_EOL)
>  RE_PROFILE_MOUNT        = re.compile(RE_AUDIT_DENY + '((mount|remount|umount|unmount)(\s+[^#]*)?\s*,)' + RE_EOL)
>  RE_PROFILE_SIGNAL       = re.compile(RE_AUDIT_DENY + '(signal\s*,|signal(?P<details>\s+[^#]*)\s*,)' + RE_EOL)
> -RE_PROFILE_PTRACE       = re.compile(RE_AUDIT_DENY + '(ptrace\s*,|ptrace\s+[^#]*\s*,)' + RE_EOL)
> +RE_PROFILE_PTRACE       = re.compile(RE_AUDIT_DENY + '(ptrace\s*,|ptrace(?P<details>\s+[^#]*)\s*,)' + RE_EOL)
>  RE_PROFILE_PIVOT_ROOT   = re.compile(RE_AUDIT_DENY + '(pivot_root\s*,|pivot_root\s+[^#]*\s*,)' + RE_EOL)
>  RE_PROFILE_UNIX         = re.compile(RE_AUDIT_DENY + '(unix\s*,|unix\s+[^#]*\s*,)' + RE_EOL)
>  
> === modified file ./utils/test/test-regex_matches.py
> --- utils/test/test-regex_matches.py    2015-11-19 17:42:26.313879200 +0100
> +++ utils/test/test-regex_matches.py    2015-11-23 21:29:00.314250380 +0100
> @@ -321,14 +321,13 @@
>          self.regex = aa.RE_PROFILE_PTRACE
>  
>      tests = [
> -        ('   ptrace,', (None, None, 'ptrace,', None)),
> -        ('   audit ptrace,', ('audit', None, 'ptrace,', None)),
> -        ('   ptrace trace,', (None, None, 'ptrace trace,', None)),
> -        ('   ptrace (tracedby, readby),',
> -         (None, None, 'ptrace (tracedby, readby),', None)),
> -        ('   audit ptrace (read),', ('audit', None, 'ptrace (read),', None)),
> -        ('   ptrace trace peer=/usr/sbin/daemon,',
> -         (None, None, 'ptrace trace peer=/usr/sbin/daemon,', None)),
> +        #                                            audit      allow  rule                                     rule details                    comment
> +        ('   ptrace,',                              (None,      None, 'ptrace,',                                None,                           None)),
> +        ('   audit ptrace,',                        ('audit',   None, 'ptrace,',                                None,                           None)),
> +        ('   ptrace trace,',                        (None,      None, 'ptrace trace,',                          'trace',                        None)),
> +        ('   ptrace (tracedby, readby),',           (None,      None, 'ptrace (tracedby, readby),',             '(tracedby, readby)',           None)),
> +        ('   audit ptrace (read),',                 ('audit',   None, 'ptrace (read),',                         '(read)',                       None)),
> +        ('   ptrace trace peer=/usr/sbin/daemon,',  (None,      None, 'ptrace trace peer=/usr/sbin/daemon,',    'trace peer=/usr/sbin/daemon',  None)),
>  
>          ('   ptraceback,', False),
>          ('   audit ptraceback,', False),
> 
> 
> 
> Regards,
> 
> Christian Boltz
>

More information about the AppArmor mailing list