mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

build: ensure @{exec_path} is present in profile att.

Browse Source
This commit is contained in:
Alexandre Pujol 2024-07-15 23:04:35 +01:00
parent 8ef9a18242
commit 9b2470462f
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/prebuild/builder/userspace.go
View File

@ -5,6 +5,7 @@
package builder
import (
"fmt"
"regexp"
"strings"
@ -12,8 +13,10 @@ import (
"github.com/roddhjav/apparmor.d/pkg/prebuild/cfg"
)
const tokATTACHMENT = "@{exec_path}"
var (
regAttachments = regexp.MustCompile(`(profile .* @{exec_path})`)
regAttachments = regexp.MustCompile(`(profile .* ` + tokATTACHMENT + `)`)
)
type Userspace struct {
@ -41,13 +44,18 @@ func (b Userspace) Apply(opt *Option, profile string) (string, error) {
if _, err := f.Parse(profile); err != nil {
return "", err
}
if len(f.GetDefaultProfile().Attachments) > 0 &&
f.GetDefaultProfile().Attachments[0] != tokATTACHMENT {
return "", fmt.Errorf("missing '%s' attachment", tokATTACHMENT)
}
if err := f.Resolve(); err != nil {
return "", err
}
att := f.GetDefaultProfile().GetAttachments()
matches := regAttachments.FindAllString(profile, -1)
if len(matches) > 0 {
strheader := strings.Replace(matches[0], "@{exec_path}", att, -1)
att := f.GetDefaultProfile().GetAttachments()
strheader := strings.Replace(matches[0], tokATTACHMENT, att, -1)
return regAttachments.ReplaceAllLiteralString(profile, strheader), nil
}
return profile, nil