[apparmor] [PATCH] add --include-template-dir and --include-policy-groups-dir to easyprof

Seth Arnold seth.arnold at canonical.com
Fri Mar 27 22:53:36 UTC 2015 

On Fri, Mar 27, 2015 at 05:15:25PM -0500, Jamie Strandboge wrote:

I only noticed two odddities, one small enough to not mention unless the
other oddity is worth fixing, might sa well fix both at once.

If "warn" is desired below, then:

Acked-by: Seth Arnold <seth.arnold at canonical.com>


> -            files = [os.path.join(easyp.dirs['templates'], options.template)]
> -            apparmor.easyprof.print_files(files)
> +            sys_t = os.path.join(easyp.dirs['templates'], options.template)
> +            inc_t = None
> +            if options.include_templates_dir:
> +                inc_t = os.path.join(easyp.dirs['templates_include'],
> +                                     options.template)
> +
> +            if os.path.exists(sys_t):
> +                apparmor.easyprof.print_files([sys_t])
> +            elif os.path.exists(inc_t):
> +                apparmor.easyprof.print_files([inc_t])
> +            else:
> +                error("Could not find '%s'" % options.template)
>              sys.exit(0)
>          elif options.list_policy_groups:
>              apparmor.easyprof.print_basefilenames(easyp.get_policy_groups())
>              sys.exit(0)
>          elif options.policy_groups and options.show_policy_group:
> +            files = []
>              for g in options.policy_groups.split(','):
> -                files = [os.path.join(easyp.dirs['policygroups'], g)]
> -                apparmor.easyprof.print_files(files)
> +                sys_g = os.path.join(easyp.dirs['policygroups'], g)
> +                inc_g = None
> +                if options.include_policy_groups_dir:
> +                    inc_g = os.path.join(easyp.dirs['policygroups_include'], g)
> +
> +                if os.path.exists(sys_g):
> +                    files.append(sys_g)
> +                elif os.path.exists(inc_g):
> +                    files.append(inc_g)
> +                else:
> +                    warn("Could not find '%s'" % g)

Is this warn() correct? for the similar error of missing templates you're
using exit().

> +
> +            apparmor.easyprof.print_files(files)
>              sys.exit(0)
>          elif binary == None and not options.profile_name and \
>               not options.manifest:

[...]

>              for p in policygroups.split(','):
> -                if not p.startswith('/'):
> -                    p = os.path.join(self.dirs['policygroups'], p)
> -                if not os.path.exists(p):
> +                # If have abs path, just use it
> +                if p.startswith('/'):
> +                    if not os.path.exists(p):
> +                        raise AppArmorException('%s does not exist' % (p))
> +                    self.policy_groups.append(p)
> +                    continue
> +
> +                # Find the policy group since we don't have and abs path

Typo, should be "have an abs"; not really worth fixing if nothing else is
changed..

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150327/e77e1d28/attachment-0001.pgp>

More information about the AppArmor mailing list