[apparmor] [patch] Handle ldd $? == 1 in get_reqs()

John Johansen john.johansen at canonical.com
Fri Dec 30 22:05:52 UTC 2016 

On 12/30/2016 01:13 PM, Christian Boltz wrote:
> Hello,
> 
> ldd exits with $? == 1 if a file is 'not a dynamic executable'.
> This is correct behaviour of ldd, so we should handle it instead of
> raising an exception ;-)
> 
> Also extend fake_ldd and add a test to test-aa.py to cover this.
> 
> 
> I propose this patch for trunk, 2.10 and 2.9.
> 
> Note that 2.10 and 2.9 don't have tests for get_reqs() nor fake_ldd,
> so those branches will only get the aa.py changes.
> 
> 
Acked-by: John Johansen <john.johansen at canonical.com>

> 
> [ 01-ldd-ret-1.diff ]
> 
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py        2016-10-14 20:31:20.282043000 +0200
> +++ utils/apparmor/aa.py        2016-12-30 22:05:14.686659297 +0100
> @@ -363,9 +363,9 @@
>          raise AppArmorException('Can\'t find ldd')
>  
>      ret, ldd_out = get_output([ldd, file])
> -    if ret == 0:
> +    if ret == 0 or ret == 1:
>          for line in ldd_out:
> -            if 'not a dynamic executable' in line:
> +            if 'not a dynamic executable' in line:  # comes with ret == 1
>                  break
>              if 'cannot read header' in line:
>                  break
> === modified file ./utils/test/fake_ldd
> --- utils/test/fake_ldd 2016-10-01 20:33:23.421684000 +0200
> +++ utils/test/fake_ldd 2016-12-30 21:59:18.940461775 +0100
> @@ -44,6 +44,10 @@
>      print('        linux-vdso.so.1 (0x00007ffde132b000)')
>  
>  
> +elif sys.argv[1] == '/AATest/sbin/ldconfig':
> +    print('        not a dynamic executable')
> +    sys.exit(1)  # ldd exits with $? == 1 in this case
> +
>  elif sys.argv[1].startswith('/tmp/aa-test-'):  # test file generated by test-aa.py
>      print('        not a dynamic executable')
>  
> === modified file ./utils/test/test-aa.py
> --- utils/test/test-aa.py       2016-10-01 21:00:58.949770000 +0200
> +++ utils/test/test-aa.py       2016-12-30 22:01:06.867913164 +0100
> @@ -94,6 +94,7 @@
>      tests = [
>          ('/AATest/bin/bash',    ['/AATest/lib64/libreadline.so.6', '/AATest/lib64/libtinfo.so.6', '/AATest/lib64/libdl.so.2', '/AATest/lib64/libc.so.6', '/AATest/lib64/ld-linux-x86-64.so.2']),
>          ('/tmp/aa-test-foo',    []),
> +        ('/AATest/sbin/ldconfig', []),  # comes with $? == 1
>      ]
>  
>      def _run_test(self, params, expected):
> 
> 
> Regards,
> 
> Christian Boltz
> 
> 
>

More information about the AppArmor mailing list