[apparmor] [patch] [20/38] Re-add '(N)ew' to aa-logprof
Christian Boltz
apparmor at cboltz.de
Fri Aug 12 20:58:51 UTC 2016
Hello,
this patch brings back the edit option for the path of file rules.
Also add it to aa-mergeprof to keep ask_the_questions() in sync.
Note: aa-mergeprof will ask about path mismatchs basically always.
That's because AARE is too careful on the matching - something to be
fixed in a later patch.
[ 20-re-add-new-to-logprof.diff ]
=== modified file ./utils/aa-mergeprof
--- utils/aa-mergeprof 2016-03-28 20:01:55.574692469 +0200
+++ utils/aa-mergeprof 2016-03-28 22:18:16.188493767 +0200
@@ -731,6 +731,28 @@
globbed_rule_obj.glob_ext()
options, default_option = add_to_options(options, globbed_rule_obj.get_raw())
+ elif ans == 'CMD_NEW':
+ if not re_match_include(selection):
+ edit_rule_obj = selection_to_rule_obj(rule_obj, selection)
+ prompt, oldpath = edit_rule_obj.edit_header()
+
+ newpath = aaui.UI_GetString(prompt, oldpath)
+ if newpath:
+ try:
+ input_matches_path = rule_obj.validate_edit(newpath) # note that we check against the original rule_obj here, not edit_rule_obj (which might be based on a globbed path)
+ except AppArmorException:
+ aaui.UI_Important(_('The path you entered is invalid (not starting with / or a variable)!'))
+ continue
+
+ if not input_matches_path:
+ ynprompt = _('The specified path does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path: %(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans': newpath }
+ key = aaui.UI_YesNo(ynprompt, 'n')
+ if key == 'n':
+ continue
+
+ edit_rule_obj.store_edit(newpath)
+ options, default_option = add_to_options(options, edit_rule_obj.get_raw())
+
else:
done = False
=== modified file ./utils/apparmor/aa.py
--- utils/apparmor/aa.py 2016-03-28 20:01:55.574692469 +0200
+++ utils/apparmor/aa.py 2016-03-28 22:18:54.340287309 +0200
@@ -1641,6 +1641,28 @@
globbed_rule_obj.glob_ext()
options, default_option = add_to_options(options, globbed_rule_obj.get_raw())
+ elif ans == 'CMD_NEW':
+ if not re_match_include(selection):
+ edit_rule_obj = selection_to_rule_obj(rule_obj, selection)
+ prompt, oldpath = edit_rule_obj.edit_header()
+
+ newpath = aaui.UI_GetString(prompt, oldpath)
+ if newpath:
+ try:
+ input_matches_path = rule_obj.validate_edit(newpath) # note that we check against the original rule_obj here, not edit_rule_obj (which might be based on a globbed path)
+ except AppArmorException:
+ aaui.UI_Important(_('The path you entered is invalid (not starting with / or a variable)!'))
+ continue
+
+ if not input_matches_path:
+ ynprompt = _('The specified path does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path: %(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans': newpath }
+ key = aaui.UI_YesNo(ynprompt, 'n')
+ if key == 'n':
+ continue
+
+ edit_rule_obj.store_edit(newpath)
+ options, default_option = add_to_options(options, edit_rule_obj.get_raw())
+
else:
done = False
# END of code (mostly) shared with aa-mergeprof
@@ -1960,6 +1982,9 @@
if rule_obj.can_glob_ext:
buttons += ['CMD_GLOBEXT']
+ if rule_obj.can_edit:
+ buttons += ['CMD_NEW']
+
if rule_obj.audit:
buttons += ['CMD_AUDIT_OFF']
else:
Regards,
Christian Boltz
--
Linux wurde nur möglich, weil 20 Jahre Betriessystemforschung
sorgfältig studiert, analysiert, diskutiert und verworfen
wurden. [Ingo Molnar auf linux-kernel]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160812/b7209701/attachment.pgp>
More information about the AppArmor
mailing list