refractor(aa): rename base struct from RuleBase to Base

Alexandre Pujol 2024-06-25 19:50:27 +01:00
parent 5b73923385
commit 272072d2a5
24 changed files with 150 additions and 150 deletions


@ -9,11 +9,11 @@ const (
)
type All struct {
RuleBase
Base
}
func newAll(q Qualifier, rule rule) (Rule, error) {
return &All{RuleBase: newBase(rule)}, nil
return &All{Base: newBase(rule)}, nil
}
func (r *All) Validate() error {
@ -26,8 +26,8 @@ func (r *All) Compare(other Rule) int {
func (r *All) Merge(other Rule) bool {
o, _ := other.(*All)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
func (r *All) String() string {
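Review bot: `Merge` on `*All` discards the result of the type assertion (`o, _ := other.(*All)`) and then reads `o.Base`, so a `Rule` of any other concrete type leaves `o` nil and the field access panics. The rename keeps this shape; a guard such as `o, ok := other.(*All); if !ok { return false }` before `b := &r.Base` would make the method safe whatever the caller passes. `Userns.Merge` further down the page has the same unchecked assertion. Whether callers already guarantee matching kinds is not visible here.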


@ -40,7 +40,7 @@ func TestAppArmorProfileFile_String(t *testing.T) {
name: "foo",
f: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{Comment: " Simple test profile for the AppArmorProfileFile.String() method", IsLineRule: true}},
&Comment{Base: Base{Comment: " Simple test profile for the AppArmorProfileFile.String() method", IsLineRule: true}},
nil,
&Abi{IsMagic: true, Path: "abi/4.0"},
&Alias{Path: "/mnt/usr", RewrittenPath: "/usr"},
@ -66,7 +66,7 @@ func TestAppArmorProfileFile_String(t *testing.T) {
&Network{Domain: "inet", Type: "stream"},
&Network{Domain: "inet6", Type: "stream"},
&Mount{
RuleBase: RuleBase{Comment: " failed perms check"},
Base: Base{Comment: " failed perms check"},
MountConditions: MountConditions{
FsType: "fuse.portal",
Options: []string{"rw", "rbind"},
@ -204,9 +204,9 @@ func TestAppArmorProfileFile_Integration(t *testing.T) {
name: "aa-status",
f: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{Comment: " apparmor.d - Full set of apparmor profiles", IsLineRule: true}},
&Comment{RuleBase: RuleBase{Comment: " Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>", IsLineRule: true}},
&Comment{RuleBase: RuleBase{Comment: " SPDX-License-Identifier: GPL-2.0-only", IsLineRule: true}},
&Comment{Base: Base{Comment: " apparmor.d - Full set of apparmor profiles", IsLineRule: true}},
&Comment{Base: Base{Comment: " Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>", IsLineRule: true}},
&Comment{Base: Base{Comment: " SPDX-License-Identifier: GPL-2.0-only", IsLineRule: true}},
nil,
&Abi{IsMagic: true, Path: "abi/3.0"},
&Include{IsMagic: true, Path: "tunables/global"},


@ -8,7 +8,7 @@ import (
"strings"
)
type RuleBase struct {
type Base struct {
IsLineRule bool
Comment string
NoNewPrivs bool
@ -19,7 +19,7 @@ type RuleBase struct {
Optional bool
}
func newBase(rule rule) RuleBase {
func newBase(rule rule) Base {
comment := ""
fileInherit, noNewPrivs, optional := false, false, false
@ -44,7 +44,7 @@ func newBase(rule rule) RuleBase {
optional = true
comment = strings.Replace(comment, "optional: ", "", 1)
}
return RuleBase{
return Base{
Comment: comment,
NoNewPrivs: noNewPrivs,
FileInherit: fileInherit,
@ -52,7 +52,7 @@ func newBase(rule rule) RuleBase {
}
}
func newBaseFromLog(log map[string]string) RuleBase {
func newBaseFromLog(log map[string]string) Base {
comment := ""
fileInherit, noNewPrivs, optional := false, false, false
@ -70,7 +70,7 @@ func newBaseFromLog(log map[string]string) RuleBase {
if log["info"] != "" {
comment += " " + log["info"]
}
return RuleBase{
return Base{
IsLineRule: false,
Comment: comment,
NoNewPrivs: noNewPrivs,
@ -79,11 +79,11 @@ func newBaseFromLog(log map[string]string) RuleBase {
}
}
func (r RuleBase) Merge(other Rule) bool {
func (r Base) Merge(other Rule) bool {
return false
}
func (r *RuleBase) merge(other RuleBase) bool {
func (r *Base) merge(other Base) bool {
if other.Comment != "" {
r.Comment += " " + other.Comment
}
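Review bot: The exported type `Base` has no doc comment, and after the rename the bare name `aa.Base` no longer says what it is the base of. A comment such as `// Base holds the fields shared by all rules: the rule's comment and the flags newBase derives from it.` above `type Base struct` would restore that context. The struct body is only partly visible in this section, so the wording should be checked against the full field list.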


@ -10,7 +10,7 @@ const (
// Hat represents a single AppArmor hat.
type Hat struct {
RuleBase
Base
Name string
Rules Rules
}


@ -26,7 +26,7 @@ func init() {
}
type Capability struct {
RuleBase
Base
Qualifier
Names []string
}
@ -37,7 +37,7 @@ func newCapability(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Capability{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Names: names,
}, nil
@ -45,7 +45,7 @@ func newCapability(q Qualifier, rule rule) (Rule, error) {
func newCapabilityFromLog(log map[string]string) Rule {
return &Capability{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Names: Must(toValues(CAPABILITY, "name", log["capname"])),
}


@ -18,7 +18,7 @@ func init() {
}
type ChangeProfile struct {
RuleBase
Base
Qualifier
ExecMode string
Exec string
@ -49,7 +49,7 @@ func newChangeProfile(q Qualifier, rule rule) (Rule, error) {
}
}
return &ChangeProfile{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
ExecMode: mode,
Exec: exec,
@ -59,7 +59,7 @@ func newChangeProfile(q Qualifier, rule rule) (Rule, error) {
func newChangeProfileFromLog(log map[string]string) Rule {
return &ChangeProfile{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
ExecMode: log["mode"],
Exec: log["exec"],


@ -6,8 +6,8 @@ package aa
var (
// Comment
comment1 = &Comment{RuleBase: RuleBase{Comment: "comment", IsLineRule: true}}
comment2 = &Comment{RuleBase: RuleBase{Comment: "another comment", IsLineRule: true}}
comment1 = &Comment{Base: Base{Comment: "comment", IsLineRule: true}}
comment2 = &Comment{Base: Base{Comment: "another comment", IsLineRule: true}}
// Abi
abi1 = &Abi{IsMagic: true, Path: "abi/4.0"}
@ -28,7 +28,7 @@ var (
// All
all1 = &All{}
all2 = &All{RuleBase: RuleBase{Comment: "comment"}}
all2 = &All{Base: Base{Comment: "comment"}}
// Rlimit
rlimit1 = &Rlimit{Key: "nproc", Op: "<=", Value: "200"}
@ -94,13 +94,13 @@ var (
"flags": "rw, rbind",
}
mount1 = &Mount{
RuleBase: RuleBase{Comment: " failed perms check"},
Base: Base{Comment: " failed perms check"},
MountConditions: MountConditions{FsType: "overlay"},
Source: "overlay",
MountPoint: "/var/lib/docker/overlay2/opaque-bug-check1209538631/merged/",
}
mount2 = &Mount{
RuleBase: RuleBase{Comment: " failed perms check"},
Base: Base{Comment: " failed perms check"},
MountConditions: MountConditions{Options: []string{"rw", "rbind"}},
Source: "/oldroot/dev/tty",
MountPoint: "/newroot/dev/tty",
@ -238,9 +238,9 @@ var (
PeerLabel: "dbus-daemon",
}
unix2 = &Unix{
RuleBase: RuleBase{FileInherit: true},
Access: []string{"receive"},
Type: "stream",
Base: Base{FileInherit: true},
Access: []string{"receive"},
Type: "stream",
}
// Dbus
@ -318,10 +318,10 @@ var (
}
file1 = &File{Path: "/usr/share/poppler/cMap/Identity-H", Access: []string{"r"}}
file2 = &File{
RuleBase: RuleBase{NoNewPrivs: true},
Owner: true,
Path: "@{PROC}/4163/cgroup",
Access: []string{"r"},
Base: Base{NoNewPrivs: true},
Owner: true,
Path: "@{PROC}/4163/cgroup",
Access: []string{"r"},
}
// Link


@ -21,7 +21,7 @@ func init() {
}
type Dbus struct {
RuleBase
Base
Qualifier
Access []string
Bus string
@ -39,7 +39,7 @@ func newDbus(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Dbus{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Bus: rule.GetValuesAsString("bus"),
@ -61,7 +61,7 @@ func newDbusFromLog(log map[string]string) Rule {
peerName = log["name"]
}
return &Dbus{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: []string{log["mask"]},
Bus: log["bus"],
@ -120,8 +120,8 @@ func (r *Dbus) Merge(other Rule) bool {
r.Interface == o.Interface && r.Member == o.Member &&
r.PeerName == o.PeerName && r.PeerLabel == o.PeerLabel {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -38,7 +38,7 @@ func isOwner(log map[string]string) bool {
}
type File struct {
RuleBase
Base
Qualifier
Owner bool
Path string
@ -76,7 +76,7 @@ func newFile(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &File{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Owner: owner,
Path: path,
@ -94,7 +94,7 @@ func newFileFromLog(log map[string]string) Rule {
return newLinkFromLog(log)
}
return &File{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Owner: isOwner(log),
Path: log["name"],
@ -138,8 +138,8 @@ func (r *File) Merge(other Rule) bool {
}
if r.Owner == o.Owner && r.Path == o.Path && r.Target == o.Target {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}
@ -157,7 +157,7 @@ func (r *File) Kind() Kind {
}
type Link struct {
RuleBase
Base
Qualifier
Owner bool
Subset bool
@ -190,7 +190,7 @@ func newLink(q Qualifier, rule rule) (Rule, error) {
}
}
return &Link{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Owner: owner,
Subset: subset,
@ -201,7 +201,7 @@ func newLink(q Qualifier, rule rule) (Rule, error) {
func newLinkFromLog(log map[string]string) Rule {
return &Link{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Owner: isOwner(log),
Path: log["name"],


@ -17,7 +17,7 @@ func init() {
}
type IOUring struct {
RuleBase
Base
Qualifier
Access []string
Label string
@ -29,7 +29,7 @@ func newIOUring(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &IOUring{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Label: rule.GetValuesAsString("label"),
@ -38,7 +38,7 @@ func newIOUring(q Qualifier, rule rule) (Rule, error) {
func newIOUringFromLog(log map[string]string) Rule {
return &IOUring{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: Must(toAccess(IOURING, log["requested"])),
Label: log["label"],
@ -71,8 +71,8 @@ func (r *IOUring) Merge(other Rule) bool {
}
if r.Label == o.Label {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -74,7 +74,7 @@ func (m *MountConditions) Merge(other MountConditions) bool {
}
type Mount struct {
RuleBase
Base
Qualifier
MountConditions
Source string
@ -102,7 +102,7 @@ func newMount(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Mount{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
MountConditions: conditions,
Source: src,
@ -112,7 +112,7 @@ func newMount(q Qualifier, rule rule) (Rule, error) {
func newMountFromLog(log map[string]string) Rule {
return &Mount{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
MountConditions: newMountConditionsFromLog(log),
Source: log["srcname"],
@ -150,8 +150,8 @@ func (r *Mount) Merge(other Rule) bool {
}
if r.Source == o.Source && r.MountPoint == o.MountPoint &&
mc.Merge(o.MountConditions) {
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}
@ -169,7 +169,7 @@ func (r *Mount) Kind() Kind {
}
type Umount struct {
RuleBase
Base
Qualifier
MountConditions
MountPoint string
@ -186,7 +186,7 @@ func newUmount(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Umount{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
MountConditions: conditions,
MountPoint: mount,
@ -195,7 +195,7 @@ func newUmount(q Qualifier, rule rule) (Rule, error) {
func newUmountFromLog(log map[string]string) Rule {
return &Umount{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
MountConditions: newMountConditionsFromLog(log),
MountPoint: log["name"],
@ -228,8 +228,8 @@ func (r *Umount) Merge(other Rule) bool {
return false
}
if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) {
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}
@ -247,7 +247,7 @@ func (r *Umount) Kind() Kind {
}
type Remount struct {
RuleBase
Base
Qualifier
MountConditions
MountPoint string
@ -265,7 +265,7 @@ func newRemount(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Remount{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
MountConditions: conditions,
MountPoint: mount,
@ -274,7 +274,7 @@ func newRemount(q Qualifier, rule rule) (Rule, error) {
func newRemountFromLog(log map[string]string) Rule {
return &Remount{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
MountConditions: newMountConditionsFromLog(log),
MountPoint: log["name"],
@ -307,8 +307,8 @@ func (r *Remount) Merge(other Rule) bool {
return false
}
if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) {
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -23,7 +23,7 @@ func init() {
}
type Mqueue struct {
RuleBase
Base
Qualifier
Access []string
Type string
@ -47,7 +47,7 @@ func newMqueue(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Mqueue{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Type: rule.GetValuesAsString("type"),
@ -64,7 +64,7 @@ func newMqueueFromLog(log map[string]string) Rule {
mqueueType = "sysv"
}
return &Mqueue{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: Must(toAccess(MQUEUE, log["requested"])),
Type: mqueueType,
@ -105,8 +105,8 @@ func (r *Mqueue) Merge(other Rule) bool {
}
if r.Type == o.Type && r.Label == o.Label && r.Name == o.Name {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -58,7 +58,7 @@ func (r AddressExpr) Compare(other AddressExpr) int {
}
type Network struct {
RuleBase
Base
Qualifier
AddressExpr
Domain string
@ -80,7 +80,7 @@ func newNetwork(q Qualifier, rule rule) (Rule, error) {
}
}
return &Network{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Domain: domain,
Type: nType,
@ -90,7 +90,7 @@ func newNetwork(q Qualifier, rule rule) (Rule, error) {
func newNetworkFromLog(log map[string]string) Rule {
return &Network{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
AddressExpr: newAddressExprFromLog(log),
Domain: log["family"],


@ -755,14 +755,14 @@ var (
@{lib_dirs} = @{lib}/@{name} /opt/@{name} # comment in variable`,
want: "\n\n\n",
rules: Rules{
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " IsLineRule comment"}},
&Comment{Base: Base{IsLineRule: true, Comment: " IsLineRule comment"}},
&Include{
RuleBase: RuleBase{Comment: " comment included"},
IsMagic: true, Path: "tunables/global",
Base: Base{Comment: " comment included"},
IsMagic: true, Path: "tunables/global",
},
&Variable{
RuleBase: RuleBase{Comment: " comment in variable"},
Name: "lib_dirs", Define: true,
Base: Base{Comment: " comment in variable"},
Name: "lib_dirs", Define: true,
Values: []string{"@{lib}/@{name}", "/opt/@{name}"},
},
},
@ -862,14 +862,14 @@ var (
@{lib_dirs} = @{lib}/@{name} /opt/@{name} # comment in variable`,
apparmor: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " IsLineRule comment"}},
&Comment{Base: Base{IsLineRule: true, Comment: " IsLineRule comment"}},
&Include{
RuleBase: RuleBase{Comment: " comment included"},
Path: "tunables/global", IsMagic: true,
Base: Base{Comment: " comment included"},
Path: "tunables/global", IsMagic: true,
},
&Variable{
RuleBase: RuleBase{Comment: " comment in variable"},
Name: "lib_dirs", Define: true,
Base: Base{Comment: " comment in variable"},
Name: "lib_dirs", Define: true,
Values: []string{"@{lib}/@{name}", "/opt/@{name}"},
},
},
@ -893,9 +893,9 @@ var (
`,
apparmor: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " Simple test"}},
&Comment{Base: Base{IsLineRule: true, Comment: " Simple test"}},
&Include{IsMagic: true, Path: "tunables/global"},
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " { commented block }"}},
&Comment{Base: Base{IsLineRule: true, Comment: " { commented block }"}},
&Variable{Name: "name", Values: []string{"{D,d}ummy"}, Define: true},
&Variable{Name: "exec_path", Values: []string{"@{bin}/@{name}"}, Define: true},
&Variable{Name: "exec_path", Values: []string{"@{lib}/@{name}"}},
@ -922,7 +922,7 @@ var (
raw: util.MustReadFile(testData.Join("string.aa")),
apparmor: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{Comment: " Simple test profile for the AppArmorProfileFile.String() method", IsLineRule: true}},
&Comment{Base: Base{Comment: " Simple test profile for the AppArmorProfileFile.String() method", IsLineRule: true}},
&Include{IsMagic: true, Path: "tunables/global"},
&Variable{
Name: "exec_path", Define: true,
@ -961,7 +961,7 @@ var (
},
{
&Mount{
RuleBase: RuleBase{IsLineRule: false, Comment: " failed perms check"},
Base: Base{IsLineRule: false, Comment: " failed perms check"},
MountConditions: MountConditions{
FsType: "fuse.portal",
Options: []string{"rw", "rbind"},
@ -1020,15 +1020,15 @@ var (
raw: util.MustReadFile(testData.Join("full.aa")),
apparmor: &AppArmorProfileFile{
Preamble: Rules{
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " Simple test profile with all rules used"}},
&Comment{Base: Base{IsLineRule: true, Comment: " Simple test profile with all rules used"}},
&Include{
RuleBase: RuleBase{Comment: " a comment", Optional: true},
IsMagic: true, Path: "tunables/global",
Base: Base{Comment: " a comment", Optional: true},
IsMagic: true, Path: "tunables/global",
},
&Include{IfExists: true, Path: "/etc/apparmor.d/global/dummy space"},
&Variable{Name: "name", Values: []string{"torbrowser", "\"tor browser\""}, Define: true},
&Variable{
RuleBase: RuleBase{Comment: " another comment"}, Define: true,
Base: Base{Comment: " another comment"}, Define: true,
Name: "lib_dirs", Values: []string{"@{lib}/@{name}", "/opt/@{name}"},
},
&Variable{Name: "config_dirs", Values: []string{"@{HOME}/.mozilla/"}, Define: true},
@ -1152,7 +1152,7 @@ var (
},
},
{
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " A comment! before a paragraph of rules"}},
&Comment{Base: Base{IsLineRule: true, Comment: " A comment! before a paragraph of rules"}},
&File{
Path: "\"/opt/Mullvad VPN/resources/*.so*\"",
Access: []string{"m", "r"},


@ -9,7 +9,7 @@ import "fmt"
const PIVOTROOT Kind = "pivot_root"
type PivotRoot struct {
RuleBase
Base
Qualifier
OldRoot string
NewRoot string
@ -32,7 +32,7 @@ func newPivotRoot(q Qualifier, rule rule) (Rule, error) {
}
}
return &PivotRoot{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
OldRoot: rule.GetValuesAsString("oldroot"),
NewRoot: newroot,
@ -42,7 +42,7 @@ func newPivotRoot(q Qualifier, rule rule) (Rule, error) {
func newPivotRootFromLog(log map[string]string) Rule {
return &PivotRoot{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
OldRoot: log["srcname"],
NewRoot: log["name"],


@ -20,13 +20,13 @@ const (
)
type Comment struct {
RuleBase
Base
}
func newComment(rule rule) (Rule, error) {
base := newBase(rule)
base.IsLineRule = true
return &Comment{RuleBase: base}, nil
return &Comment{Base: base}, nil
}
func (r *Comment) Validate() error {
@ -50,7 +50,7 @@ func (r *Comment) Kind() Kind {
}
type Abi struct {
RuleBase
Base
Path string
IsMagic bool
}
@ -71,9 +71,9 @@ func newAbi(q Qualifier, rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid path %s in rule: %s", path, rule)
}
return &Abi{
RuleBase: newBase(rule),
Path: strings.Trim(path, "\"<>"),
IsMagic: magic,
Base: newBase(rule),
Path: strings.Trim(path, "\"<>"),
IsMagic: magic,
}, nil
}
@ -102,7 +102,7 @@ func (r *Abi) Kind() Kind {
}
type Alias struct {
RuleBase
Base
Path string
RewrittenPath string
}
@ -115,7 +115,7 @@ func newAlias(q Qualifier, rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid alias format, missing %s in: %s", tokARROW, rule)
}
return &Alias{
RuleBase: newBase(rule),
Base: newBase(rule),
Path: rule.Get(0),
RewrittenPath: rule.Get(2),
}, nil
@ -146,7 +146,7 @@ func (r *Alias) Kind() Kind {
}
type Include struct {
RuleBase
Base
IfExists bool
Path string
IsMagic bool
@ -177,7 +177,7 @@ func newInclude(rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid path format: %v", path)
}
return &Include{
RuleBase: newBase(rule),
Base: newBase(rule),
IfExists: ifexists,
Path: strings.Trim(path, "\"<>"),
IsMagic: magic,
@ -219,7 +219,7 @@ func (r *Include) Kind() Kind {
}
type Variable struct {
RuleBase
Base
Name string
Values []string
Define bool
@ -245,10 +245,10 @@ func newVariable(rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid operator in variable: %v", rule)
}
return &Variable{
RuleBase: newBase(rule),
Name: name,
Values: values,
Define: define,
Base: newBase(rule),
Name: name,
Values: values,
Define: define,
}, nil
}
@ -261,8 +261,8 @@ func (r *Variable) Merge(other Rule) bool {
if r.Name == o.Name && r.Define == o.Define {
r.Values = merge(r.Kind(), "access", r.Values, o.Values)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -30,7 +30,7 @@ func init() {
// Profile represents a single AppArmor profile.
type Profile struct {
RuleBase
Base
Header
Rules Rules
}


@ -19,7 +19,7 @@ func init() {
}
type Ptrace struct {
RuleBase
Base
Qualifier
Access []string
Peer string
@ -31,7 +31,7 @@ func newPtrace(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Ptrace{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Peer: rule.GetValuesAsString("peer"),
@ -40,7 +40,7 @@ func newPtrace(q Qualifier, rule rule) (Rule, error) {
func newPtraceFromLog(log map[string]string) Rule {
return &Ptrace{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: Must(toAccess(PTRACE, log["requested_mask"])),
Peer: log["peer"],
@ -62,8 +62,8 @@ func (r *Ptrace) Merge(other Rule) bool {
}
if r.Peer == o.Peer {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -31,7 +31,7 @@ func TestAppArmorProfileFile_resolveInclude(t *testing.T) {
Preamble: Rules{
&Alias{Path: "/usr/", RewrittenPath: "/User/"},
&Alias{Path: "/lib/", RewrittenPath: "/Libraries/"},
&Comment{RuleBase: RuleBase{IsLineRule: true, Comment: " variable declarations for inclusion"}},
&Comment{Base: Base{IsLineRule: true, Comment: " variable declarations for inclusion"}},
&Variable{
Name: "FOO", Define: true,
Values: []string{


@ -21,7 +21,7 @@ func init() {
}
type Rlimit struct {
RuleBase
Base
Key string
Op string
Value string
@ -35,19 +35,19 @@ func newRlimit(q Qualifier, rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid rlimit format: %s", rule)
}
return &Rlimit{
RuleBase: newBase(rule),
Key: rule.Get(1),
Op: rule.Get(2),
Value: rule.Get(3),
Base: newBase(rule),
Key: rule.Get(1),
Op: rule.Get(2),
Value: rule.Get(3),
}, nil
}
func newRlimitFromLog(log map[string]string) Rule {
return &Rlimit{
RuleBase: newBaseFromLog(log),
Key: log["key"],
Op: log["op"],
Value: log["value"],
Base: newBaseFromLog(log),
Key: log["key"],
Op: log["op"],
Value: log["value"],
}
}


@ -32,7 +32,7 @@ func init() {
}
type Signal struct {
RuleBase
Base
Qualifier
Access []string
Set []string
@ -49,7 +49,7 @@ func newSignal(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Signal{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Set: set,
@ -59,7 +59,7 @@ func newSignal(q Qualifier, rule rule) (Rule, error) {
func newSignalFromLog(log map[string]string) Rule {
return &Signal{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: Must(toAccess(SIGNAL, log["requested_mask"])),
Set: []string{log["signal"]},
@ -86,12 +86,12 @@ func (r *Signal) Merge(other Rule) bool {
switch {
case r.Peer == o.Peer && compare(r.Set, o.Set) == 0:
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
case r.Peer == o.Peer && compare(r.Access, o.Access) == 0:
r.Set = merge(r.Kind(), "set", r.Set, o.Set)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -21,7 +21,7 @@ func init() {
}
type Unix struct {
RuleBase
Base
Qualifier
Access []string
Type string
@ -40,7 +40,7 @@ func newUnix(q Qualifier, rule rule) (Rule, error) {
return nil, err
}
return &Unix{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Access: accesses,
Type: rule.GetValuesAsString("type"),
@ -56,7 +56,7 @@ func newUnix(q Qualifier, rule rule) (Rule, error) {
func newUnixFromLog(log map[string]string) Rule {
return &Unix{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Access: Must(toAccess(UNIX, log["requested_mask"])),
Type: log["sock_type"],
@ -119,8 +119,8 @@ func (r *Unix) Merge(other Rule) bool {
r.Label == o.Label && r.Attr == o.Attr && r.Opt == o.Opt &&
r.PeerLabel == o.PeerLabel && r.PeerAddr == o.PeerAddr {
r.Access = merge(r.Kind(), "access", r.Access, o.Access)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
return false
}


@ -9,7 +9,7 @@ import "fmt"
const USERNS Kind = "userns"
type Userns struct {
RuleBase
Base
Qualifier
Create bool
}
@ -28,7 +28,7 @@ func newUserns(q Qualifier, rule rule) (Rule, error) {
return nil, fmt.Errorf("invalid userns format: %s", rule)
}
return &Userns{
RuleBase: newBase(rule),
Base: newBase(rule),
Qualifier: q,
Create: create,
}, nil
@ -36,7 +36,7 @@ func newUserns(q Qualifier, rule rule) (Rule, error) {
func newUsernsFromLog(log map[string]string) Rule {
return &Userns{
RuleBase: newBaseFromLog(log),
Base: newBaseFromLog(log),
Qualifier: newQualifierFromLog(log),
Create: true,
}
@ -56,8 +56,8 @@ func (r *Userns) Compare(other Rule) int {
func (r *Userns) Merge(other Rule) bool {
o, _ := other.(*Userns)
b := &r.RuleBase
return b.merge(o.RuleBase)
b := &r.Base
return b.merge(o.Base)
}
func (r *Userns) String() string {


@ -303,13 +303,13 @@ func TestAppArmorLogs_ParseToProfiles(t *testing.T) {
Header: aa.Header{Name: "kmod"},
Rules: aa.Rules{
&aa.Unix{
RuleBase: aa.RuleBase{FileInherit: true},
Base: aa.Base{FileInherit: true},
Access: []string{"send", "receive"},
Type: "stream",
Protocol: "0",
},
&aa.Unix{
RuleBase: aa.RuleBase{FileInherit: true},
Base: aa.Base{FileInherit: true},
Access: []string{"send", "receive"},
Type: "stream",
Protocol: "0",