[apparmor] [patch] Change log_dict to use profile_storage() and simplify log translation
Christian Boltz
apparmor at cboltz.de
Sun Feb 21 21:18:37 UTC 2016
Hello,
Am Montag, 22. Februar 2016, 02:07:42 CET schrieb Kshitij Gupta:
> On Fri, Dec 25, 2015 at 8:57 PM, Christian Boltz wrote:
> > [ 45-change-log_dict-to-profile_storage.diff ]
> >
> > === modified file ./utils/apparmor/aa.py
> > --- utils/apparmor/aa.py 2015-12-25 15:10:26.931746576 +0100
> > +++ utils/apparmor/aa.py 2015-12-25 15:12:17.323014813 +0100
> > for ruletype in ruletypes:
> > - # XXX aa-mergeprof also has this code - if you
> > change it, keep aa-mergeprof in sync!
> > - for rule_obj in
> > log_obj[profile][hat][ruletype].rules: -
> > - if rule_obj.log_event != aamode: # XXX
> > does it really make sense to handle enforce and complain mode
> > changes in different rounds?
> > - continue
> > + for rule_obj in
> > log_dict[aamode][profile][hat][ruletype].rules:
> > + # XXX aa-mergeprof also has this code - if
> > you change it, keep aa-mergeprof in sync!
>
> sure it still does after the above change? Plus what does the *this
> code* even refer to?
To the code starting at this comment, until...
> > if is_known_rule(aa[profile][hat],
> > ruletype,
> >
> > rule_obj):
> > continue
> >
> > @@ -1789,8 +1762,8 @@
> >
> > # END of code (mostly) shared with aa-mergeprof
... this comment.
The patch didn't change anything in between, so it should still be in sync.
For the records: remaining pending "old" patches are:
- 46-serialize_profile_from_old_profile-fix-wrong-access-to-write_prof_data.msg
Fix wrong usage of write_prof_data in serialize_profile_from_old_profile()
- the DBUS series (except 1/9)
- document-empty-quotes-in-variables.msg
Document empty quotes ("") as empty value of a variable
- profiles-smbd-cap-sys_admin.msg
smbd profile needs capability sys_admin
Regards,
Christian Boltz
--
Ich bezweifle, dass jeder 1984 gelesen hat. Denn dann wüsten die
Kommentatoren, dass das Gros der Bürger gar nicht überwacht, sondern
einfach nur verdummt wurde. Privatfernsehen wurde übrigens in
Deutschland zum 1. Januar 1984 eingeführt. [Peter Brülls zu
http://blog.koehntopp.de/archives/3237-Kleine-Kinder-spielen-verstecken.html]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160221/68b8032c/attachment.pgp>
More information about the AppArmor
mailing list