[apparmor] [patch] [8/9] Add support for handling dbus rules everywhere

[Christian Boltz]

Hello,

$subject.

"Everywhere" means aa-mergeprof and aa-cleanprof. In theory also
aa-logprof, but that needs some code that parses dbus log events ;-)

Also add some dbus rules to the aa-cleanprof test profiles to ensure
superfluous dbus rules get deleted.


[ 59-enable-DbusRule-everywhere.diff ]

--- utils/apparmor/aa.py        2015-12-26 16:24:40.246989550 +0100
+++ utils/apparmor/aa.py        2015-12-26 16:25:29.090656074 +0100
@@ -62,7 +62,7 @@
 from apparmor.rule.signal     import SignalRuleset,    SignalRule
 from apparmor.rule import parse_modifiers, quote_if_needed
 
-ruletypes = ['capability', 'change_profile', 'network', 'ptrace', 'rlimit', 'signal']
+ruletypes = ['capability', 'change_profile', 'dbus', 'network', 'ptrace', 'rlimit', 'signal']
 
 from apparmor.yasti import SendDataToYast, GetDataFromYast, shutdown_yast
 
=== modified file ./utils/test/cleanprof_test.in
--- utils/test/cleanprof_test.in        2015-12-26 17:39:09.224196858 +0100
+++ utils/test/cleanprof_test.in        2015-12-26 21:16:59.623391061 +0100
@@ -22,6 +22,9 @@
     ptrace tracedby,
     unix (receive) type=dgram,
 
+    dbus send bus=session,
+    dbus send bus=session peer=(label=foo),
+
     set rlimit nofile <= 256,
     set rlimit nofile <= 64,
 
=== modified file ./utils/test/cleanprof_test.out
--- utils/test/cleanprof_test.out       2015-12-26 17:39:09.224196858 +0100
+++ utils/test/cleanprof_test.out       2015-12-26 18:13:19.051300600 +0100
@@ -12,6 +12,8 @@
 
   network stream,
 
+  dbus send bus=session,
+
   signal set=(abrt alrm bus chld fpe hup ill int kill pipe quit segv stkflt term trap usr1 usr2),
 
   ptrace tracedby,


Regards,

Christian Boltz
-- 
[tgz Datei entpacken]           tar xzf <Archiv>
Für weitere Informationen lesen Sie bitte die Manpage oder Ihren Admin.
[Torsten Hallmann in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20151227/f5547b38/attachment.pgp>