[apparmor] [patch] Drop 'log' parameter from ReadLog
Christian Boltz
apparmor at cboltz.de
Sun Aug 27 16:06:16 UTC 2017
Hello,
$subject.
This parameter is always [], so we can simplify the ReadLog __init__()
parameters.
Note that some tests handed over '' instead of []. This was a bug, but
didn't matter because those tests only use a small portion of ReadLog.
[ 05-ReadLog-drop-log-param.diff ]
=== modified file ./utils/apparmor/aa.py
--- utils/apparmor/aa.py 2017-08-27 17:47:38.287434698 +0200
+++ utils/apparmor/aa.py 2017-08-27 17:54:01.050133816 +0200
@@ -1770,7 +1770,7 @@
## if not repo_cfg['repository'].get('enabled', False) or repo_cfg['repository]['enabled'] not in ['yes', 'no']:
## UI_ask_to_enable_repo()
- log_reader = apparmor.logparser.ReadLog(log_pid, logfile, existing_profiles, profile_dir, [])
+ log_reader = apparmor.logparser.ReadLog(log_pid, logfile, existing_profiles, profile_dir)
log = log_reader.read_log(logmark)
#read_log(logmark)
=== modified file ./utils/apparmor/logparser.py
--- utils/apparmor/logparser.py 2017-07-30 22:11:24.021173783 +0200
+++ utils/apparmor/logparser.py 2017-08-27 17:57:20.777489873 +0200
@@ -43,12 +43,12 @@
# used to pre-filter log lines so that we hand over only relevant lines to LibAppArmor parsing
RE_LOG_ALL = re.compile('(' + '|'.join(RE_log_parts) + ')')
- def __init__(self, pid, filename, existing_profiles, profile_dir, log):
+ def __init__(self, pid, filename, existing_profiles, profile_dir):
self.filename = filename
self.profile_dir = profile_dir
self.pid = pid
self.existing_profiles = existing_profiles
- self.log = log
+ self.log = []
self.debug_logger = DebugLogger('ReadLog')
self.LOG = None
self.logmark = ''
=== modified file ./utils/test/test-capability.py
--- utils/test/test-capability.py 2016-11-18 22:34:24.699780229 +0100
+++ utils/test/test-capability.py 2017-08-27 17:55:31.697839439 +0200
@@ -96,7 +96,7 @@
# })
def test_cap_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname="net_raw"'
parsed_event = parser.parse_event(event)
@@ -138,7 +138,7 @@
self.assertEqual(obj.get_raw(1), ' capability net_raw,')
# def test_cap_from_invalid_log(self):
-# parser = ReadLog('', '', '', '', '')
+# parser = ReadLog('', '', '', '')
# # invalid log entry, name= should contain the capability name
# event = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname=""'
#
@@ -153,7 +153,7 @@
# obj.get_raw(1)
#
# def test_cap_from_non_cap_log(self):
-# parser = ReadLog('', '', '', '', '')
+# parser = ReadLog('', '', '', '')
# # log entry for different rule type
# event = 'type=AVC msg=audit(1415403814.973:667): apparmor="ALLOWED" operation="setsockopt" profile="/home/sys-tmp/ping" pid=15454 comm="ping" lport=1 family="inet" sock_type="raw" protocol=1'
#
@@ -611,7 +611,7 @@
# def _test_log_covered(self, expected, capability):
# event_base = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname="%s"'
-# parser = ReadLog('', '', '', '', '')
+# parser = ReadLog('', '', '', '')
# self.assertEqual(expected, self.ruleset.is_log_covered(parser.parse_event(event_base%capability)))
#
# def test_ruleset_is_log_covered_1(self):
@@ -627,7 +627,7 @@
# def test_ruleset_is_log_covered_6(self):
# event_base = 'type=AVC msg=audit(1415403814.628:662): apparmor="ALLOWED" operation="capable" profile="/bin/ping" pid=15454 comm="ping" capability=13 capname="%s"'
#
-# parser = ReadLog('', '', '', '', '')
+# parser = ReadLog('', '', '', '')
# self.assertEqual(True, self.ruleset.is_log_covered(parser.parse_event(event_base%'chgrp'), False)) # ignores allow/deny
class CapabilityGlobTest(AATest):
=== modified file ./utils/test/test-change_profile.py
--- utils/test/test-change_profile.py 2016-11-18 22:34:24.699780229 +0100
+++ utils/test/test-change_profile.py 2017-08-27 17:55:40.157812153 +0200
@@ -93,7 +93,7 @@
class ChangeProfileTestParseFromLog(ChangeProfileTest):
def test_change_profile_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1428699242.551:386): apparmor="DENIED" operation="change_profile" profile="/foo/changeprofile" pid=3459 comm="changeprofile" target="/foo/rename"'
=== modified file ./utils/test/test-dbus.py
--- utils/test/test-dbus.py 2017-03-01 13:47:22.893362000 +0100
+++ utils/test/test-dbus.py 2017-08-27 17:55:46.745790929 +0200
@@ -123,7 +123,7 @@
class DbusTestParseFromLog(DbusTest):
def test_dbus_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=USER_AVC msg=audit(1375323372.644:157): pid=363 uid=102 auid=4294967295 ses=4294967295 msg=\'apparmor="DENIED" operation="dbus_method_call" bus="system" name="org.freedesktop.DBus" path="/org/freedesktop/DBus" interface="org.freedesktop.DBus" member="Hello" mask="send" pid=2833 profile="/tmp/apparmor-2.8.0/tests/regression/apparmor/dbus_service" peer_profile="unconfined" exe="/bin/dbus-daemon" sauid=102 hostname=? addr=? terminal=?\''
parsed_event = parser.parse_event(event)
=== modified file ./utils/test/test-file.py
--- utils/test/test-file.py 2016-11-18 22:34:24.699780229 +0100
+++ utils/test/test-file.py 2017-08-27 17:55:52.485772453 +0200
@@ -135,7 +135,7 @@
class FileTestParseFromLog(FileTest):
def test_file_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'Nov 11 07:33:07 myhost kernel: [50812.879558] type=1502 audit(1236774787.169:369): operation="inode_permission" requested_mask="::r" denied_mask="::r" fsuid=1000 name="/bin/dash" pid=13726 profile="/bin/foobar"'
parsed_event = parser.parse_event(event)
=== modified file ./utils/test/test-libapparmor-test_multi.py
--- utils/test/test-libapparmor-test_multi.py 2017-05-19 23:14:20.278362000 +0200
+++ utils/test/test-libapparmor-test_multi.py 2017-08-27 17:56:19.345686168 +0200
@@ -37,7 +37,7 @@
self.assertEqual(len(loglines2), 1, '%s.in should only contain one line!' % params)
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
parsed_event = parser.parse_event(loglines2[0])
if parsed_event and expected:
@@ -195,7 +195,7 @@
profile_dummy_file = 'AATest_does_exist'
# we need to find out the profile name and aamode (complain vs. enforce mode) so that the test can access the correct place in storage
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
parsed_event = parser.parse_event(read_file(logfile))
if not parsed_event: # AA_RECORD_INVALID
@@ -224,7 +224,7 @@
apparmor.aa.existing_profiles = {profile: profile_dummy_file}
- log_reader = ReadLog(dict(), logfile, apparmor.aa.existing_profiles, '', [])
+ log_reader = ReadLog(dict(), logfile, apparmor.aa.existing_profiles, '')
log = log_reader.read_log('')
for root in log:
=== modified file ./utils/test/test-logparser.py
--- utils/test/test-logparser.py 2017-07-30 22:11:24.021173783 +0200
+++ utils/test/test-logparser.py 2017-08-27 17:56:30.977648890 +0200
@@ -18,7 +18,7 @@
class TestParseEvent(unittest.TestCase):
def setUp(self):
- self.parser = ReadLog('', '', '', '', '')
+ self.parser = ReadLog('', '', '', '')
def test_parse_event_audit_1(self):
event = 'type=AVC msg=audit(1345027352.096:499): apparmor="ALLOWED" operation="rename_dest" parent=6974 profile="/usr/sbin/httpd2-prefork//vhost_foo" name=2F686F6D652F7777772F666F6F2E6261722E696E2F68747470646F63732F61707061726D6F722F696D616765732F746573742F696D61676520312E6A7067 pid=20143 comm="httpd2-prefork" requested_mask="wc" denied_mask="wc" fsuid=30 ouid=30'
=== modified file ./utils/test/test-network.py
--- utils/test/test-network.py 2016-10-01 21:00:58.949770000 +0200
+++ utils/test/test-network.py 2017-08-27 17:56:36.157632307 +0200
@@ -72,7 +72,7 @@
class NetworkTestParseFromLog(NetworkTest):
def test_net_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1428699242.551:386): apparmor="DENIED" operation="create" profile="/bin/ping" pid=10589 comm="ping" family="inet" sock_type="raw" protocol=1'
parsed_event = parser.parse_event(event)
=== modified file ./utils/test/test-ptrace.py
--- utils/test/test-ptrace.py 2016-11-18 22:34:24.699780229 +0100
+++ utils/test/test-ptrace.py 2017-08-27 17:56:40.401618728 +0200
@@ -84,7 +84,7 @@
class PtraceTestParseFromLog(PtraceTest):
def test_ptrace_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1409700683.304:547661): apparmor="DENIED" operation="ptrace" profile="/home/ubuntu/bzr/apparmor/tests/regression/apparmor/ptrace" pid=22465 comm="ptrace" requested_mask="tracedby" denied_mask="tracedby" peer="/home/ubuntu/bzr/apparmor/tests/regression/apparmor/ptrace"'
=== modified file ./utils/test/test-rlimit.py
--- utils/test/test-rlimit.py 2016-10-01 21:00:58.949770000 +0200
+++ utils/test/test-rlimit.py 2017-08-27 17:56:45.105603685 +0200
@@ -96,7 +96,7 @@
class RlimitTestParseFromLog(RlimitTest):
pass
# def test_net_from_log(self):
- # parser = ReadLog('', '', '', '', '')
+ # parser = ReadLog('', '', '', '')
# event = 'type=AVC ...'
=== modified file ./utils/test/test-signal.py
--- utils/test/test-signal.py 2016-11-18 22:34:24.699780229 +0100
+++ utils/test/test-signal.py 2017-08-27 17:56:49.661589123 +0200
@@ -89,7 +89,7 @@
class SignalTestParseFromLog(SignalTest):
def test_signal_from_log(self):
- parser = ReadLog('', '', '', '', '')
+ parser = ReadLog('', '', '', '')
event = 'type=AVC msg=audit(1409438250.564:201): apparmor="DENIED" operation="signal" profile="/usr/bin/pulseaudio" pid=2531 comm="pulseaudio" requested_mask="send" denied_mask="send" signal=term peer="/usr/bin/pulseaudio///usr/lib/pulseaudio/pulse/gconf-helper"'
parsed_event = parser.parse_event(event)
Regards,
Christian Boltz
--
> Am Besten wäre natürlich, den Owner von /dev/usbkabel ;-) zu
> überprüfen *g*
Dieses Device ist IMHO aber erst im neuen Kernel vorgesehen. Hast
Du da etwa schon einen Patch für den SuSE-Kernel? ;-)
[> Christian Boltz und Harald Krause in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170827/4565adf7/attachment.pgp>
More information about the AppArmor
mailing list