[apparmor] [patch] [3/3] Move 'ruletypes' to profile_storage.py

Seth Arnold seth.arnold at canonical.com
Tue Jul 11 00:11:50 UTC 2017 

On Sun, Jul 09, 2017 at 09:33:58PM +0200, Christian Boltz wrote:
> Hello,
> 
> $subject.
> 
> Also make 'ruletypes' a dict pointing to the *Ruleset class, and change
> ProfileStorage __init__() to iterate over 'ruleset'.
> 
> 
> [ 04-move-ruletypes.diff ]

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> 
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py        2017-07-09 18:40:49.205839507 +0200
> +++ utils/apparmor/aa.py        2017-07-09 16:33:42.196851342 +0200
> @@ -49,7 +49,7 @@
>                              RE_PROFILE_UNIX, RE_RULE_HAS_COMMA, RE_HAS_COMMENT_SPLIT,
>                              strip_quotes, parse_profile_start_line, re_match_include )
>  
> -from apparmor.profile_storage import ProfileStorage
> +from apparmor.profile_storage import ProfileStorage, ruletypes
>  
>  import apparmor.rules as aarules
>  
> @@ -63,8 +63,6 @@
>  from apparmor.rule.signal           import SignalRule
>  from apparmor.rule import quote_if_needed
>  
> -ruletypes = ['capability', 'change_profile', 'dbus', 'file', 'network', 'ptrace', 'rlimit', 'signal']
> -
>  # setup module translations
>  from apparmor.translations import init_translation
>  _ = init_translation()
> === modified file ./utils/apparmor/profile_storage.py
> --- utils/apparmor/profile_storage.py   2017-07-09 18:40:49.205839507 +0200
> +++ utils/apparmor/profile_storage.py   2017-07-09 18:48:23.944151067 +0200
> @@ -25,6 +25,17 @@
>  from apparmor.rule.rlimit           import RlimitRuleset
>  from apparmor.rule.signal           import SignalRuleset
>  
> +ruletypes = {
> +    'capability':       {'ruleset': CapabilityRuleset},
> +    'change_profile':   {'ruleset': ChangeProfileRuleset},
> +    'dbus':             {'ruleset': DbusRuleset},
> +    'file':             {'ruleset': FileRuleset},
> +    'network':          {'ruleset': NetworkRuleset},
> +    'ptrace':           {'ruleset': PtraceRuleset},
> +    'rlimit':           {'ruleset': RlimitRuleset},
> +    'signal':           {'ruleset': SignalRuleset},
> +}
> +
>  class ProfileStorage:
>      '''class to store the content (header, rules, comments) of a profilename
>  
> @@ -36,14 +47,8 @@
>          # self.data['info'] isn't used anywhere, but can be helpful in debugging.
>          data['info'] = {'profile': profilename, 'hat': hat, 'calledby': calledby}
>  
> -        data['capability']       = CapabilityRuleset()
> -        data['dbus']             = DbusRuleset()
> -        data['file']             = FileRuleset()
> -        data['change_profile']   = ChangeProfileRuleset()
> -        data['network']          = NetworkRuleset()
> -        data['ptrace']           = PtraceRuleset()
> -        data['rlimit']           = RlimitRuleset()
> -        data['signal']           = SignalRuleset()
> +        for rule in ruletypes:
> +            data[rule] = ruletypes[rule]['ruleset']()
>  
>          data['alias']            = dict()
>          data['include']          = dict()
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170710/cafa5184/attachment.pgp>

More information about the AppArmor mailing list