[apparmor] [PATCH] add --include-template-dir and --include-policy-groups-dir to easyprof

Jamie Strandboge jamie at canonical.com
Sat Mar 28 04:12:14 UTC 2015 

On 03/27/2015 05:53 PM, Seth Arnold wrote:
> On Fri, Mar 27, 2015 at 05:15:25PM -0500, Jamie Strandboge wrote:
> 
> I only noticed two odddities, one small enough to not mention unless the
> other oddity is worth fixing, might sa well fix both at once.
> 
> If "warn" is desired below, then:
> 
> Acked-by: Seth Arnold <seth.arnold at canonical.com>
> 
> 
>> -            files = [os.path.join(easyp.dirs['templates'], options.template)]
>> -            apparmor.easyprof.print_files(files)
>> +            sys_t = os.path.join(easyp.dirs['templates'], options.template)
>> +            inc_t = None
>> +            if options.include_templates_dir:
>> +                inc_t = os.path.join(easyp.dirs['templates_include'],
>> +                                     options.template)
>> +
>> +            if os.path.exists(sys_t):
>> +                apparmor.easyprof.print_files([sys_t])
>> +            elif os.path.exists(inc_t):
>> +                apparmor.easyprof.print_files([inc_t])
>> +            else:
>> +                error("Could not find '%s'" % options.template)
>>              sys.exit(0)
>>          elif options.list_policy_groups:
>>              apparmor.easyprof.print_basefilenames(easyp.get_policy_groups())
>>              sys.exit(0)
>>          elif options.policy_groups and options.show_policy_group:
>> +            files = []
>>              for g in options.policy_groups.split(','):
>> -                files = [os.path.join(easyp.dirs['policygroups'], g)]
>> -                apparmor.easyprof.print_files(files)
>> +                sys_g = os.path.join(easyp.dirs['policygroups'], g)
>> +                inc_g = None
>> +                if options.include_policy_groups_dir:
>> +                    inc_g = os.path.join(easyp.dirs['policygroups_include'], g)
>> +
>> +                if os.path.exists(sys_g):
>> +                    files.append(sys_g)
>> +                elif os.path.exists(inc_g):
>> +                    files.append(inc_g)
>> +                else:
>> +                    warn("Could not find '%s'" % g)
> 
> Is this warn() correct? for the similar error of missing templates you're
> using exit().
> 

I did warn() instead of error() because you can only show one template per
invocation whereas you can show multiple groups with just one. The previous
behavior was to simply traceback, which is a form of exit I suppose. I don't
feel strongly either way so if you have a preference for error(), I'm happy to
change it.

-- 
Jamie Strandboge                 http://www.ubuntu.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150327/5ca9c422/attachment.pgp>

More information about the AppArmor mailing list