[apparmor] [patch] [2/7] replace other.aa with log_dict['merge']

Seth Arnold seth.arnold at canonical.com
Tue Jan 17 20:48:33 UTC 2017 

On Sun, Jan 15, 2017 at 04:23:20PM +0100, Christian Boltz wrote:
> Hello,
> 
> this patch sets log_dict['merge'] = other.aa and aamode = 'merge', and 
> uses log_dict[aamode] everywhere.
> 
> This brings aa-mergeprof ask_the_questions() closer to the code in aa.py.
> 
> 
> [ 02-mergeprof-use-log_dict.diff ]

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> 
> --- utils/aa-mergeprof	2017-01-14 22:43:55.072229682 +0100
> +++ utils/aa-mergeprof	2017-01-14 22:42:54.052499879 +0100
> @@ -1,7 +1,7 @@
>  #! /usr/bin/python3
>  # ----------------------------------------------------------------------
>  #    Copyright (C) 2013 Kshitij Gupta <kgupta8592 at gmail.com>
> -#    Copyright (C) 2014-2016 Christian Boltz <apparmor at cboltz.de>
> +#    Copyright (C) 2014-2017 Christian Boltz <apparmor at cboltz.de>
>  #
>  #    This program is free software; you can redistribute it and/or
>  #    modify it under the terms of version 2 of the GNU General Public
> @@ -194,11 +194,13 @@
>          changed = apparmor.aa.changed  # (and be more in sync with aa.py ask_the_questions())
>  
>          other = self.base
> +        log_dict = {'merge': other.aa}
> +        aamode = 'merge'
>  
> -        #Add the file-wide includes from the other profile to the user profile
>          apparmor.aa.loadincludes()
>          done = False
>  
> +        #Add the file-wide includes from the other profile to the user profile
>          options = []
>          for inc in other.filelist[other.filename]['include'].keys():
>              if not inc in self.user.filelist[self.user.filename]['include'].keys():
> @@ -233,7 +236,7 @@
>          sev_db.unload_variables()
>          sev_db.load_variables(get_profile_filename(profile))
>  
> -        for hat in sorted(other.aa[profile].keys()):
> +        for hat in sorted(log_dict[aamode][profile].keys()):
>  
>              if not aa[profile].get(hat):
>                  ans = ''
> @@ -241,7 +244,7 @@
>                      q = aaui.PromptQuestion()
>                      q.headers += [_('Profile'), profile]
>  
> -                    if other.aa[profile][hat]['profile']:
> +                    if log_dict[aamode][profile][hat]['profile']:
>                          q.headers += [_('Requested Subprofile'), hat]
>                          q.functions.append('CMD_ADDSUBPROFILE')
>                      else:
> @@ -260,7 +263,7 @@
>                  if ans == 'CMD_DENY':
>                      continue  # don't ask about individual rules if the user doesn't want the additional subprofile/hat
>  
> -                if other.aa[profile][hat]['profile']:
> +                if log_dict[aamode][profile][hat]['profile']:
>                      aa[profile][hat] = profile_storage(profile, hat, 'mergeprof ask_the_questions() - missing subprofile')
>                      aa[profile][hat]['profile'] = True
>                  else:
> @@ -271,7 +274,7 @@
>              done = False
>  
>              options = []
> -            for inc in other.aa[profile][hat]['include'].keys():
> +            for inc in log_dict[aamode][profile][hat]['include'].keys():
>                  if not inc in aa[profile][hat]['include'].keys():
>                      options.append('#include <%s>' %inc)
>  
> @@ -301,11 +304,11 @@
>                      return
>  
>              # check for and ask about conflicting exec modes
> -            self.ask_conflict_mode(profile, hat, aa[profile][hat], other.aa[profile][hat])
> +            self.ask_conflict_mode(profile, hat, aa[profile][hat], log_dict[aamode][profile][hat])
>  
>              for ruletype in apparmor.aa.ruletypes:
> -                if other.aa[profile][hat].get(ruletype, False): # needed until we have proper profile initialization
> -                    for rule_obj in other.aa[profile][hat][ruletype].rules:
> +                if log_dict[aamode][profile][hat].get(ruletype, False): # needed until we have proper profile initialization
> +                    for rule_obj in log_dict[aamode][profile][hat][ruletype].rules:
>  
>                          if is_known_rule(aa[profile][hat], ruletype, rule_obj):
>                              continue
> 
> 
> 
> Regards,
> 
> Christian Boltz
> -- 
> Next I can reboot and install witouth the need to burn a DVD. Remember
> that then [the local installation source] should be on a partition you
> are not going to format, because it is very hard to read data from a
> partition you just formatted. ;-)   [houghi in opensuse]



> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170117/1b25ec22/attachment.pgp>

More information about the AppArmor mailing list