[apparmor] [patch] utils: handle versioned ruby interpreters

Steve Beattie steve at nxnw.org
Tue Jan 26 00:14:29 UTC 2016 

On Debian and Ubuntu it's possible to have multiple ruby interpreters
installed, and the default to use is handled by the ruby-defaults
package, which includes a symlink from /usr/bin/ruby to the versioned
ruby interpreter.

This patch makes aa.py:get_interpreter_and_abstraction() take that into
account by using a regex to match possible versions of ruby. Testcases
are included. (I noticed this lack of support because on Ubuntu the ruby
test was failing because get_interpreter_and_abstraction() would get the
complete path, which on my 16.04 laptop would get /usr/bin/ruby2.2.)

Signed-off-by: Steve Beattie <steve at nxnw.org>
---
 utils/apparmor/aa.py  |    2 +-
 utils/test/test-aa.py |    2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

Index: b/utils/apparmor/aa.py
===================================================================
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@@ -435,7 +435,7 @@ def get_interpreter_and_abstraction(exec
         abstraction = 'abstractions/perl'
     elif re.search('^python([23]|[23]\.[0-9]+)?$', interpreter):
         abstraction = 'abstractions/python'
-    elif interpreter == 'ruby':
+    elif re.search('^ruby([0-9]+(\.[0-9]+)*)?$', interpreter):
         abstraction = 'abstractions/ruby'
     else:
         abstraction = None
Index: b/utils/test/test-aa.py
===================================================================
--- a/utils/test/test-aa.py
+++ b/utils/test/test-aa.py
@@ -115,6 +115,8 @@ class AaTest_get_interpreter_and_abstrac
         ('#!/usr/bin/python3',      ('/usr/bin/python3',    'abstractions/python')),
         ('#!/usr/bin/python4',      ('/usr/bin/python4',    None)),  # python abstraction is only applied to py2 and py3
         ('#!/usr/bin/ruby',         ('/usr/bin/ruby',       'abstractions/ruby')),
+        ('#!/usr/bin/ruby2.2',      ('/usr/bin/ruby2.2',    'abstractions/ruby')),
+        ('#!/usr/bin/ruby1.9.1',    ('/usr/bin/ruby1.9.1',  'abstractions/ruby')),
         ('#!/usr/bin/foobarbaz',    ('/usr/bin/foobarbaz',  None)),  # we don't have an abstraction for "foobarbaz"
         ('foo',                     (None,                  None)),  # no hashbang - not a script
     ]

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160125/b7cf9bc3/attachment.pgp>

More information about the AppArmor mailing list