mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-29 22:35:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

feat(aa-log): improve log to rule conversion.

Browse source
This commit is contained in:
Alexandre Pujol 2023-11-19 10:59:46 +00:00
parent 58b577385e
commit 3197f52a97
Failed to generate hash of commit
2 changed files with 16 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
pkg/aa/profile.go
View file

@ -87,15 +87,16 @@ func (p *AppArmorProfile) AddRule(log map[string]string) {
case "net": case "net":
p.Rules = append(p.Rules, NetworkFromLog(log)) p.Rules = append(p.Rules, NetworkFromLog(log))
case "mount": case "mount":
p.Rules = append(p.Rules, MountFromLog(log)) switch log["operation"] {
case "remount": case "mount":
p.Rules = append(p.Rules, RemountFromLog(log)) p.Rules = append(p.Rules, MountFromLog(log))
case "umount": case "umount":
p.Rules = append(p.Rules, UmountFromLog(log)) p.Rules = append(p.Rules, UmountFromLog(log))
case "pivot_root": case "remount":
p.Rules = append(p.Rules, PivotRootFromLog(log)) p.Rules = append(p.Rules, RemountFromLog(log))
case "change_profile": case "pivotroot":
p.Rules = append(p.Rules, RemountFromLog(log)) p.Rules = append(p.Rules, PivotRootFromLog(log))
}
case "mqueue": case "mqueue":
p.Rules = append(p.Rules, MqueueFromLog(log)) p.Rules = append(p.Rules, MqueueFromLog(log))
case "signal": case "signal":
@ -107,7 +108,11 @@ func (p *AppArmorProfile) AddRule(log map[string]string) {
case "unix": case "unix":
p.Rules = append(p.Rules, UnixFromLog(log)) p.Rules = append(p.Rules, UnixFromLog(log))
case "file": case "file":
p.Rules = append(p.Rules, FileFromLog(log)) if log["operation"] == "change_onexec" {
p.Rules = append(p.Rules, ChangeProfileFromLog(log))
} else {
p.Rules = append(p.Rules, FileFromLog(log))
}
default: default:
if strings.Contains(log["operation"], "dbus") { if strings.Contains(log["operation"], "dbus") {
p.Rules = append(p.Rules, DbusFromLog(log)) p.Rules = append(p.Rules, DbusFromLog(log))

1
pkg/aa/template.go
View file

@ -33,6 +33,7 @@ var (
// TODO: Should be a map of slice, not exhaustive yet // TODO: Should be a map of slice, not exhaustive yet
maskToAccess = map[string]string{ maskToAccess = map[string]string{
"a": "w", "a": "w",
"ac": "w",
"c": "w", "c": "w",
"d": "w", "d": "w",
"k": "k", "k": "k",