[apparmor] [patch] make 'ldd' variable non-global

Christian Boltz apparmor at cboltz.de
Tue Oct 20 17:47:45 UTC 2015


Hello,

the 'ldd' variable in aa.py is only used by get_reqs(), therefore move
setting it (based on the configfile) into the function.

get_reqs() doesn't run too often (only called by create_new_profile(),
which means aa-genprof or when adding a Px or Cx rule to a non-existing
profile). This might even lead to a minor performance win - on average,
I'd guess not every aa-logprof run will lead to a completely new profile
or child profile. And, more important, we get rid of a global variable.


[ 97-make-ldd-non-global.diff ]

--- utils/apparmor/aa.py        2015-10-18 22:25:27.421086000 +0200
+++ utils/apparmor/aa.py        2015-10-20 19:29:10.735274914 +0200
@@ -82,7 +82,6 @@
 repo_cfg = None
 
 parser = None
-ldd = None
 logger = None
 profile_dir = None
 extra_profile_dir = None
@@ -360,6 +359,11 @@
     pattern1 = re.compile('^\s*\S+ => (\/\S+)')
     pattern2 = re.compile('^\s*(\/\S+)')
     reqs = []
+
+    ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd'
+    if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK):
+        raise AppArmorException('Can\'t find ldd')
+
     ret, ldd_out = get_output([ldd, file])
     if ret == 0:
         for line in ldd_out:
@@ -4388,10 +4392,6 @@
 if not os.path.isfile(parser) or not os.access(parser, os.EX_OK):
     raise AppArmorException('Can\'t find apparmor_parser')
 
-ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd'
-if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK):
-    raise AppArmorException('Can\'t find ldd')
-
 logger = conf.find_first_file(cfg['settings']['logger']) or '/bin/logger'
 if not os.path.isfile(logger) or not os.access(logger, os.EX_OK):
     raise AppArmorException('Can\'t find logger')


Regards,

Christian Boltz
-- 
Wenn ich eine SuSE-CD an ein Schwein binde und dieses trete, laufen
KDE & Co. auch ohne RAM recht schnell.
                 [Robin S. Socha in de.comp.os.unix.linux.newusers]




More information about the AppArmor mailing list