[apparmor] [patch] split off serialize_parse_profile_start_line()
Christian Boltz
apparmor at cboltz.de
Tue Mar 3 22:43:28 UTC 2015
Hello,
this patch splits off serialize_parse_profile_start_line() from
serialize_profile_from_old_profile() in aa.py, as a preparation to add
tests and then switch to the upcoming RE_PROFILE_START wrapper function.
Besides moving the code, I replaced write_prof_data[profile][hat]['profile']
and write_prof_data[profile][hat]['external'] with function parameters
to avoid that I have to pass around the full write_prof_data.
Note: The "lineno" parameter is technically superfluous - I kept it to
have the parameters as close to parse_profile_start() as possible and
hope that I can merge those functions later (when we have test coverage).
BTW: serialize_profile_from_old_profile() is the function behind
"(V)iew changes)" in aa-logprof.
As usual, I propose this patch for 2.9 and trunk.
[ split-off-serialize_parse_profile_start.diff ]
=== modified file 'utils/apparmor/aa.py'
--- utils/apparmor/aa.py 2015-03-03 19:15:00 +0000
+++ utils/apparmor/aa.py 2015-03-03 22:26:27 +0000
@@ -3715,6 +3720,35 @@
return string + '\n'
+def serialize_parse_profile_start(line, file, lineno, profile, hat, prof_data_profile, prof_data_external, correct):
+ matches = RE_PROFILE_START.search(line).groups()
+ if profile and profile == hat and matches[3]:
+ hat = matches[3]
+ in_contained_hat = True
+ if prof_data_profile:
+ pass
+ else:
+ if matches[1]:
+ profile = matches[1]
+ else:
+ profile = matches[3]
+ if len(profile.split('//')) >= 2:
+ profile, hat = profile.split('//')[:2]
+ else:
+ hat = None
+ in_contained_hat = False
+ if hat and not prof_data_external:
+ correct = False
+ else:
+ hat = profile
+
+ flags = matches[6]
+ profile = strip_quotes(profile)
+ if hat:
+ hat = strip_quotes(hat)
+
+ return (profile, hat, flags, in_contained_hat, correct)
+
def serialize_profile_from_old_profile(profile_data, name, options):
data = []
string = ''
@@ -3821,31 +3855,9 @@
line = line.rstrip('\n')
#data.append(' ')#data.append('read: '+line)
if RE_PROFILE_START.search(line):
- matches = RE_PROFILE_START.search(line).groups()
- if profile and profile == hat and matches[3]:
- hat = matches[3]
- in_contained_hat = True
- if write_prof_data[profile][hat]['profile']:
- pass
- else:
- if matches[1]:
- profile = matches[1]
- else:
- profile = matches[3]
- if len(profile.split('//')) >= 2:
- profile, hat = profile.split('//')[:2]
- else:
- hat = None
- in_contained_hat = False
- if hat and not write_prof_data[profile][hat]['external']:
- correct = False
- else:
- hat = profile
- flags = matches[6]
- profile = strip_quotes(profile)
- if hat:
- hat = strip_quotes(hat)
+ (profile, hat, flags, in_contained_hat, correct) = serialize_parse_profile_start(
+ line, prof_filename, None, profile, hat, write_prof_data[profile][hat]['profile'], write_prof_data[profile][hat]['external'], correct)
if not write_prof_data[hat]['name'] == profile:
correct = False
Regards,
Christian Boltz
--
BUGS
It is not yet possible to change operating system by writing
to /proc/sys/kernel/ostype. -- Linux sysctl(2) manpage
More information about the AppArmor
mailing list