[apparmor] [patch] Let 'make check' work without logprof.conf
John Johansen
john.johansen at canonical.com
Tue Oct 20 20:04:26 UTC 2015
On 10/20/2015 12:47 PM, Christian Boltz wrote:
> Hello,
>
> this patch checks if the cfg object is empty (happens if logprof.conf
> doesn't exist). If so, it adds some empty sections to prevent various
> failures in code that expects those sections to exist.
>
> Another source of failures was using cfg['section']['setting']. The
> patch changes various places to cfg['section'].get('setting') to prevent
> those failures. (Those places all have a 'or ...' fallback.)
>
> Finally, find_first_file() in config.py crashed if file_list was Null.
> This is fixed by adding an "if file_list:" check before trying to
> split() it.
>
> With all those changes applied, 'make check' will work even if
> /etc/apparmor/logprof.conf doesn't exist.
>
>
> The patch also fixes the default value for inactive_profiledir
> (I missed aa.py when I changed it to /usr/share/apparmor/extra-profiles/)
>
>
> References: https://bugs.launchpad.net/apparmor/+bug/1393979
>
>
Acked-by: John Johansen <john.johansen at canonical.com>
>
> [ 99-let-make-check-work-without-configfile.diff ]
>
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py 2015-10-20 20:25:44.251781214 +0200
> +++ utils/apparmor/aa.py 2015-10-20 21:25:12.319785415 +0200
> @@ -359,7 +359,7 @@
> pattern2 = re.compile('^\s*(\/\S+)')
> reqs = []
>
> - ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd'
> + ldd = conf.find_first_file(cfg['settings'].get('ldd')) or '/usr/bin/ldd'
> if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK):
> raise AppArmorException('Can\'t find ldd')
>
> @@ -4382,18 +4382,21 @@
> conf = apparmor.config.Config('ini', CONFDIR)
> cfg = conf.read_config('logprof.conf')
>
> -#print(cfg['settings'])
> -#if 'default_owner_prompt' in cfg['settings']:
> +# prevent various failures if logprof.conf doesn't exist
> +if not cfg.sections():
> + cfg.add_section('settings')
> + cfg.add_section('required_hats')
> +
> if cfg['settings'].get('default_owner_prompt', False):
> cfg['settings']['default_owner_prompt'] = ''
>
> -profile_dir = conf.find_first_dir(cfg['settings']['profiledir']) or '/etc/apparmor.d'
> +profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d'
> if not os.path.isdir(profile_dir):
> raise AppArmorException('Can\'t find AppArmor profiles')
>
> -extra_profile_dir = conf.find_first_dir(cfg['settings']['inactive_profiledir']) or '/etc/apparmor/profiles/extras/'
> +extra_profile_dir = conf.find_first_dir(cfg['settings'].get('inactive_profiledir')) or '/usr/share/apparmor/extra-profiles/'
>
> -parser = conf.find_first_file(cfg['settings']['parser']) or '/sbin/apparmor_parser'
> +parser = conf.find_first_file(cfg['settings'].get('parser')) or '/sbin/apparmor_parser'
> if not os.path.isfile(parser) or not os.access(parser, os.EX_OK):
> raise AppArmorException('Can\'t find apparmor_parser')
>
> === modified file ./utils/apparmor/config.py
> --- utils/apparmor/config.py 2014-09-10 22:00:36.616976000 +0200
> +++ utils/apparmor/config.py 2015-10-20 21:08:25.223330633 +0200
> @@ -114,10 +114,11 @@
> def find_first_file(self, file_list):
> """Returns name of first matching file None otherwise"""
> filename = None
> - for f in file_list.split():
> - if os.path.isfile(f):
> - filename = f
> - break
> + if file_list:
> + for f in file_list.split():
> + if os.path.isfile(f):
> + filename = f
> + break
> return filename
>
> def find_first_dir(self, dir_list):
>
>
>
> Regards,
>
> Christian Boltz
>
More information about the AppArmor
mailing list