[apparmor] [patch] add attachment to parse_profile_start() return values
Christian Boltz
apparmor at cboltz.de
Sat Mar 14 01:05:58 UTC 2015
Hello,
this patch adds the attachment to the parse_profile_start() and
serialize_parse_profile_start() return values, and adjusts the functions
calling the *parse_profile_start() functions to save the attachment in
the "attachment" variable (which isn't used yet).
The patch also adjusts the tests for the added return value.
(Sorry for not getting the resultset right from the beginning!)
I propose this patch for trunk and 2.9.
[ 19-add-attachment-to-parse_profile_start-return-values.diff ]
=== modified file utils/apparmor/aa.py
--- utils/apparmor/aa.py 2015-03-14 01:42:16.776442896 +0100
+++ utils/apparmor/aa.py 2015-03-14 01:20:04.539158271 +0100
@@ -2658,9 +2658,10 @@
else:
hat = profile
+ attachment = matches['attachment']
flags = matches['flags']
- return (profile, hat, flags, in_contained_hat, pps_set_profile, pps_set_hat_external)
+ return (profile, hat, attachment, flags, in_contained_hat, pps_set_profile, pps_set_hat_external)
def parse_profile_data(data, file, do_include):
profile_data = hasher()
@@ -2685,7 +2686,7 @@
lastline = None
# Starting line of a profile
if RE_PROFILE_START.search(line):
- (profile, hat, flags, in_contained_hat, pps_set_profile, pps_set_hat_external) = parse_profile_start(line, file, lineno, profile, hat)
+ (profile, hat, attachment, flags, in_contained_hat, pps_set_profile, pps_set_hat_external) = parse_profile_start(line, file, lineno, profile, hat)
if pps_set_profile:
profile_data[profile][hat]['profile'] = True
if pps_set_hat_external:
@@ -3731,9 +3734,10 @@
else:
hat = profile
+ attachment = matches['attachment']
flags = matches['flags']
- return (profile, hat, flags, in_contained_hat, correct)
+ return (profile, hat, attachment, flags, in_contained_hat, correct)
def serialize_profile_from_old_profile(profile_data, name, options):
data = []
@@ -3842,7 +3846,7 @@
#data.append(' ')#data.append('read: '+line)
if RE_PROFILE_START.search(line):
- (profile, hat, flags, in_contained_hat, correct) = serialize_parse_profile_start(
+ (profile, hat, attachment, flags, in_contained_hat, correct) = serialize_parse_profile_start(
line, prof_filename, None, profile, hat, write_prof_data[profile][hat]['profile'], write_prof_data[profile][hat]['external'], correct)
if not write_prof_data[hat]['name'] == profile:
=== modified file utils/test/test-aa.py
--- utils/test/test-aa.py 2015-03-14 01:42:16.776442896 +0100
+++ utils/test/test-aa.py 2015-03-14 01:20:04.540158212 +0100
@@ -271,32 +271,32 @@
def test_parse_profile_start_01(self):
result = self._parse('/foo {', None, None)
- expected = ('/foo', '/foo', None, False, False, False)
+ expected = ('/foo', '/foo', None, None, False, False, False)
self.assertEqual(result, expected)
def test_parse_profile_start_02(self):
result = self._parse('/foo (complain) {', None, None)
- expected = ('/foo', '/foo', 'complain', False, False, False)
+ expected = ('/foo', '/foo', None, 'complain', False, False, False)
self.assertEqual(result, expected)
def test_parse_profile_start_03(self):
result = self._parse('profile foo /foo {', None, None) # named profile
- expected = ('foo /foo', 'foo /foo', None, False, False, False) # XXX yes, that's what happens with the current code :-/
+ expected = ('foo /foo', 'foo /foo', '/foo', None, False, False, False) # XXX yes, that's what happens with the current code :-/
self.assertEqual(result, expected)
def test_parse_profile_start_04(self):
result = self._parse('profile /foo {', '/bar', '/bar') # child profile
- expected = ('/bar', '/foo', None, True, True, False)
+ expected = ('/bar', '/foo', None, None, True, True, False)
self.assertEqual(result, expected)
def test_parse_profile_start_05(self):
result = self._parse('/foo//bar {', None, None) # external hat
- expected = ('/foo', 'bar', None, False, False, True)
+ expected = ('/foo', 'bar', None, None, False, False, True)
self.assertEqual(result, expected)
def test_parse_profile_start_06(self):
result = self._parse('profile "/foo" (complain) {', None, None)
- expected = ('/foo', '/foo', 'complain', False, False, False)
+ expected = ('/foo', '/foo', None, 'complain', False, False, False)
self.assertEqual(result, expected)
@@ -348,77 +348,77 @@
def test_serialize_parse_profile_start_01(self):
result = self._parse('/foo {', None, None, False, False)
- expected = ('/foo', '/foo', None, False, True)
+ expected = ('/foo', '/foo', None, None, False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_02(self):
result = self._parse('/foo (complain) {', None, None, False, False)
- expected = ('/foo', '/foo', 'complain', False, True)
+ expected = ('/foo', '/foo', None, 'complain', False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_03(self):
result = self._parse('profile foo /foo {', None, None, False, False) # named profile
- expected = ('foo /foo', 'foo /foo', None, False, True) # XXX yes, that's what happens with the current code :-/
+ expected = ('foo /foo', 'foo /foo', '/foo', None, False, True) # XXX yes, that's what happens with the current code :-/
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_04(self):
result = self._parse('profile /foo {', '/bar', '/bar', False, False) # child profile
- expected = ('/bar', '/foo', None, True, True)
+ expected = ('/bar', '/foo', None, None, True, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_05(self):
result = self._parse('/foo//bar {', None, None, False, False) # external hat
- expected = ('/foo', 'bar', None, False, False) # note correct == False here
+ expected = ('/foo', 'bar', None, None, False, False) # note correct == False here
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_06(self):
result = self._parse('profile "/foo" (complain) {', None, None, False, False)
- expected = ('/foo', '/foo', 'complain', False, True)
+ expected = ('/foo', '/foo', None, 'complain', False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_07(self):
result = self._parse('/foo {', None, None, True, False)
- expected = ('/foo', '/foo', None, False, True)
+ expected = ('/foo', '/foo', None, None, False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_08(self):
result = self._parse('/foo {', None, None, False, True)
- expected = ('/foo', '/foo', None, False, True)
+ expected = ('/foo', '/foo', None, None, False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_09(self):
result = self._parse('/foo {', None, None, True, True)
- expected = ('/foo', '/foo', None, False, True)
+ expected = ('/foo', '/foo', None, None, False, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_10(self):
result = self._parse('profile /foo {', '/bar', '/bar', True, False) # child profile
- expected = ('/bar', '/foo', None, True, True)
+ expected = ('/bar', '/foo', None, None, True, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_11(self):
result = self._parse('profile /foo {', '/bar', '/bar', False, True) # child profile
- expected = ('/bar', '/foo', None, True, True)
+ expected = ('/bar', '/foo', None, None, True, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_12(self):
result = self._parse('profile /foo {', '/bar', '/bar', True, True) # child profile
- expected = ('/bar', '/foo', None, True, True)
+ expected = ('/bar', '/foo', None, None, True, True)
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_13(self):
result = self._parse('/foo {', '/bar', '/bar', False, False) # child profile without 'profile' keyword - XXX should this error out?
- expected = ('/foo', '/foo', None, False, True) # note that in_contained_hat == False and that profile == hat == child profile
+ expected = ('/foo', '/foo', None, None, False, True) # note that in_contained_hat == False and that profile == hat == child profile
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_14(self):
result = self._parse('/ext//hat {', '/bar', '/bar', True, True) # external hat inside a profile - XXX should this error out?
- expected = ('/ext', '/ext', None, False, True) # XXX additionally note that hat == profile, but should be 'hat'
+ expected = ('/ext', '/ext', None, None, False, True) # XXX additionally note that hat == profile, but should be 'hat'
self.assertEqual(result, expected)
def test_serialize_parse_profile_start_15(self):
result = self._parse('/ext//hat {', '/bar', '/bar', True, False) # external hat inside a profile - XXX should this error out?
- expected = ('/ext', 'hat', None, False, False)
+ expected = ('/ext', 'hat', None, None, False, False)
self.assertEqual(result, expected)
Regards,
Christian Boltz
--
Please, if you use any of my code in your giant list of bad coding
practices, feel free to not attribute me. :) [Seth Arnold in apparmor]
More information about the AppArmor
mailing list