[apparmor] [patch] drop dead code from logparser.py parse_event_for_tree()

Christian Boltz apparmor at cboltz.de
Sun Jun 25 09:08:47 UTC 2017 

Hello,

$subject.

In parse_event_for_tree(), map_log_type() never gets called. Also,
aamode is never 'UNKNOWN'.

Proof for both: I have a local patch that raises an exception for both
cases since two years ;-)

This patch drops the call to map_log_type() and the function itsself.
It also adds a safety check for 'UNKNOWN' - instead of silently ignoring
it, raise an exception (which will most probably never happen).



[ 02-logparser-dead-code.diff ]

--- utils/apparmor/logparser.py 2017-06-25 11:00:12.009972611 +0200
+++ utils/apparmor/logparser.py 2017-06-25 11:00:02.678014174 +0200
@@ -197,31 +197,13 @@
             (pid, parent, mode, details) = e
             self.add_to_tree(pid, parent, mode, details)
 
-    def map_log_type(self, log_type):
-            if re.search('(UNKNOWN\[1501\]|APPARMOR_AUDIT|1501)', log_type):
-                aamode = 'AUDIT'
-            elif re.search('(UNKNOWN\[1502\]|APPARMOR_ALLOWED|1502)', log_type):
-                aamode = 'PERMITTING'
-            elif re.search('(UNKNOWN\[1503\]|APPARMOR_DENIED|1503)', log_type):
-                aamode = 'REJECTING'
-            elif re.search('(UNKNOWN\[1504\]|APPARMOR_HINT|1504)', log_type):
-                aamode = 'HINT'
-            elif re.search('(UNKNOWN\[1505\]|APPARMOR_STATUS|1505)', log_type):
-                aamode = 'STATUS'
-            elif re.search('(UNKNOWN\[1506\]|APPARMOR_ERROR|1506)', log_type):
-                aamode = 'ERROR'
-            else:
-                aamode = 'UNKNOWN'
-
-            return aamode
-
     def parse_event_for_tree(self, e):
         aamode = e.get('aamode', 'UNKNOWN')
 
-        if e.get('type', False):
-            aamode = self.map_log_type(e['type'])
+        if aamode == 'UNKNOWN':
+            raise AppArmorBug('aamode is UNKNOWN - %s' % e['type'])  # should never happen
 
-        if aamode in ['UNKNOWN', 'AUDIT', 'STATUS', 'ERROR']:
+        if aamode in ['AUDIT', 'STATUS', 'ERROR']:
             return None
 
         if 'profile_set' in e['operation']:



Regards,

Christian Boltz
-- 
Und weshalb nicht vorerst weiterhin sysvinit benutzen? systemd
ist so frisch und appetitlich wie ein dampfender Kuhfladen. ;)
[Lars Müller in opensuse-de]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170625/2ab6e9ec/attachment.pgp>

More information about the AppArmor mailing list