[apparmor] [patch] Let aa-complain delete the disable symlink
Kshitij Gupta
kgupta8592 at gmail.com
Sat May 30 18:26:12 UTC 2015
Hello,
On Mon, May 25, 2015 at 9:42 PM, Christian Boltz <apparmor at cboltz.de> wrote:
> Hello,
>
> aa-complain is part of the enforce/complain/disable triple. Therefore
> I expect it to actually load a profile in complain mode.
>
> To do this, it has to delete the 'disable' symlink, but set_complain()
> in aa.py didn't do this (and therefore kept the profile disabled).
>
>
> I propose this patch for trunk and 2.9.
>
>
> [ 38-aa-complain-delete-disable-symlink.diff ]
>
> === modified file utils/apparmor/aa.py
> --- utils/apparmor/aa.py 2015-05-25 12:17:39.156441255 +0200
> +++ utils/apparmor/aa.py 2015-05-25 18:06:42.137124875 +0200
> @@ -284,6 +284,7 @@
> aaui.UI_Info(_('Setting %s to complain mode.') % (filename if program
> is None else program))
> # a force-complain symlink is more packaging-friendly, but breaks
> caching
> # create_symlink('force-complain', filename)
> + delete_symlink('disable', filename)
> change_profile_flags(filename, program, 'complain', True)
>
> def set_enforce(filename, program):
>
>
> Thanks for the patch.
Acked-by: Kshitij Gupta <kgupta8592 at gmail.com>.
Regards,
Kshitij Gupta
>
> Regards,
>
> Christian Boltz
> --
> > Also, Hosen runter:
> Hose*n*! Du hast nur "die" Hose runtergelassen und die Unterhose
> anbehalten. Nix da!
> [> Stefan G. Weichinger und Peer Heinlein in postfixbuch-users]
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150530/281e9562/attachment.html>
More information about the AppArmor
mailing list