[apparmor] [patch] Get variable names in aa-mergeprof ask_the_questions() in sync with aa.py
Christian Boltz
apparmor at cboltz.de
Mon May 25 11:36:00 UTC 2015
Hallo,
this patch adds two variable references (aa and changed) in aa-mergeprof
ask_the_questions() so that the code can use the short name and be more
in sync with aa.py ask_the_questions().
With this patch applied, the "for ruletype in ['capability', 'network']:"
block is in sync, with the exception of the sections that intentionally
differ:
- the check for the profile mode
- the default button selection based on profile mode
- the seen_events counter
[ 30-mergeprof-sync-varnames.diff ]
=== modified file utils/aa-mergeprof
--- utils/aa-mergeprof 2015-05-25 13:19:39.629499717 +0200
+++ utils/aa-mergeprof 2015-05-25 13:27:30.773140412 +0200
@@ -235,6 +235,9 @@
done = True
def ask_the_questions(self, other, profile):
+ aa = self.user.aa # keep references so that the code in this function can use the short name
+ changed = apparmor.aa.changed # (and be more in sync with aa.py ask_the_questions())
+
if other == 'other':
other = self.other
else:
@@ -627,12 +630,12 @@
if other.aa[profile][hat].get(ruletype, False): # needed until we have proper profile initialization
for rule_obj in other.aa[profile][hat][ruletype].rules:
- if is_known_rule(self.user.aa[profile][hat], ruletype, rule_obj):
+ if is_known_rule(aa[profile][hat], ruletype, rule_obj):
continue
default_option = 1
options = []
- newincludes = match_includes(self.user.aa[profile][hat], ruletype, rule_obj)
+ newincludes = match_includes(aa[profile][hat], ruletype, rule_obj)
q = aaui.PromptQuestion()
if newincludes:
options += list(map(lambda inc: '#include <%s>' % inc, sorted(set(newincludes))))
@@ -675,32 +678,32 @@
elif ans == 'CMD_ALLOW':
done = True
- apparmor.aa.changed[profile] = True
+ changed[profile] = True
selection = options[selected]
inc = re_match_include(selection)
if inc:
- deleted = delete_duplicates(self.user.aa[profile][hat], inc)
+ deleted = delete_duplicates(aa[profile][hat], inc)
- self.user.aa[profile][hat]['include'][inc] = True
+ aa[profile][hat]['include'][inc] = True
aaui.UI_Info(_('Adding %s to profile.') % selection)
if deleted:
aaui.UI_Info(_('Deleted %s previous matching profile entries.') % deleted)
else:
- self.user.aa[profile][hat][ruletype].add(rule_obj)
+ aa[profile][hat][ruletype].add(rule_obj)
aaui.UI_Info(_('Adding %s to profile.') % rule_obj.get_clean())
elif ans == 'CMD_DENY':
done = True
- apparmor.aa.changed[profile] = True
+ changed[profile] = True
rule_obj.deny = True
rule_obj.raw_rule = None # reset raw rule after manually modifying rule_obj
- self.user.aa[profile][hat][ruletype].add(rule_obj)
+ aa[profile][hat][ruletype].add(rule_obj)
aaui.UI_Info(_('Adding %s to profile.') % rule_obj.get_clean())
else:
Regards,
Christian Boltz
--
Ich selbst benutze kweather nicht (ich guck einfach aus dem Fenster).
[Hartmut Meyer in suse-linux]
More information about the AppArmor
mailing list