From bc216176a3d49dbf71d07de1b6263faaf0fe4336 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Thu, 30 May 2024 12:28:12 +0100
Subject: [PATCH] fix: go linter issue & not defined variables.

---
 apparmor.d/groups/_full/default-sudo    |  2 +-
 apparmor.d/groups/_full/systemd-service |  2 +-
 apparmor.d/profiles-a-f/aa-status       |  2 +-
 pkg/aa/data_test.go                     |  4 +---
 pkg/aa/rules.go                         | 14 ++++----------
 pkg/logs/logs_test.go                   |  4 ++--
 pkg/prebuild/directive/exec.go          |  5 ++++-
 7 files changed, 14 insertions(+), 19 deletions(-)

diff --git a/apparmor.d/groups/_full/default-sudo b/apparmor.d/groups/_full/default-sudo
index f5289fae..45391b5c 100644
--- a/apparmor.d/groups/_full/default-sudo
+++ b/apparmor.d/groups/_full/default-sudo
@@ -6,7 +6,7 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-profile default-sudo @{exec_path} {
+profile default-sudo {
   include <abstractions/base>
   include <abstractions/app/sudo>
 
diff --git a/apparmor.d/groups/_full/systemd-service b/apparmor.d/groups/_full/systemd-service
index f475039e..6a6357ce 100644
--- a/apparmor.d/groups/_full/systemd-service
+++ b/apparmor.d/groups/_full/systemd-service
@@ -12,7 +12,7 @@ abi <abi/3.0>,
 
 include <tunables/global>
 
-profile systemd-service @{exec_path} flags=(attach_disconnected) {
+profile systemd-service flags=(attach_disconnected) {
   include <abstractions/base>
   include <abstractions/consoles>
   include <abstractions/nameservice-strict>
diff --git a/apparmor.d/profiles-a-f/aa-status b/apparmor.d/profiles-a-f/aa-status
index 19886bd2..7b94ce35 100644
--- a/apparmor.d/profiles-a-f/aa-status
+++ b/apparmor.d/profiles-a-f/aa-status
@@ -14,7 +14,7 @@ profile aa-status @{exec_path} {
   capability dac_read_search,
   capability sys_ptrace,
 
-  ptrace (read),
+  ptrace read,
 
   @{exec_path} mr,
 
diff --git a/pkg/aa/data_test.go b/pkg/aa/data_test.go
index 629010f2..b4e24786 100644
--- a/pkg/aa/data_test.go
+++ b/pkg/aa/data_test.go
@@ -20,7 +20,6 @@ var (
 	// Include
 	include1      = &Include{IsMagic: true, Path: "abstraction/base"}
 	include2      = &Include{IsMagic: false, Path: "abstraction/base"}
-	include3      = &Include{IfExists: true, IsMagic: true, Path: "abstraction/base"}
 	includeLocal1 = &Include{IfExists: true, IsMagic: true, Path: "local/foo"}
 
 	// Variable
@@ -326,8 +325,7 @@ var (
 	}
 
 	// Link
-	link3LogStr = `apparmor="ALLOWED" operation="link" class="file" profile="dolphin" name="@{user_config_dirs}/kiorc"  comm="dolphin" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="@{user_config_dirs}/#3954"`
-	link1Log    = map[string]string{
+	link1Log = map[string]string{
 		"apparmor":       "ALLOWED",
 		"operation":      "link",
 		"class":          "file",
diff --git a/pkg/aa/rules.go b/pkg/aa/rules.go
index 8f432635..5d37ef32 100644
--- a/pkg/aa/rules.go
+++ b/pkg/aa/rules.go
@@ -10,12 +10,6 @@ import (
 	"strings"
 )
 
-const (
-	tokALLOW = "allow"
-	tokAUDIT = "audit"
-	tokDENY  = "deny"
-)
-
 type requirement map[string][]string
 
 type constraint uint
@@ -126,9 +120,9 @@ func (r Rules) Filter(filter Kind) Rules {
 func (r Rules) GetVariables() []*Variable {
 	res := make([]*Variable, 0)
 	for _, rule := range r {
-		switch rule.(type) {
+		switch rule := rule.(type) {
 		case *Variable:
-			res = append(res, rule.(*Variable))
+			res = append(res, rule)
 		}
 	}
 	return res
@@ -137,9 +131,9 @@ func (r Rules) GetVariables() []*Variable {
 func (r Rules) GetIncludes() []*Include {
 	res := make([]*Include, 0)
 	for _, rule := range r {
-		switch rule.(type) {
+		switch rule := rule.(type) {
 		case *Include:
-			res = append(res, rule.(*Include))
+			res = append(res, rule)
 		}
 	}
 	return res
diff --git a/pkg/logs/logs_test.go b/pkg/logs/logs_test.go
index eb92f4ed..44dc565f 100644
--- a/pkg/logs/logs_test.go
+++ b/pkg/logs/logs_test.go
@@ -303,13 +303,13 @@ func TestAppArmorLogs_ParseToProfiles(t *testing.T) {
 					Rules: aa.Rules{
 						&aa.Unix{
 							RuleBase: aa.RuleBase{FileInherit: true},
-							Access:   []string{"receive", "send"},
+							Access:   []string{"send", "receive"},
 							Type:     "stream",
 							Protocol: "0",
 						},
 						&aa.Unix{
 							RuleBase: aa.RuleBase{FileInherit: true},
-							Access:   []string{"receive", "send"},
+							Access:   []string{"send", "receive"},
 							Type:     "stream",
 							Protocol: "0",
 						},
diff --git a/pkg/prebuild/directive/exec.go b/pkg/prebuild/directive/exec.go
index 0a8caf2b..214c51b2 100644
--- a/pkg/prebuild/directive/exec.go
+++ b/pkg/prebuild/directive/exec.go
@@ -42,7 +42,10 @@ func (d Exec) Apply(opt *Option, profileRaw string) (string, error) {
 	for name := range opt.ArgMap {
 		profiletoTransition := util.MustReadFile(cfg.RootApparmord.Join(name))
 		dstProfile := aa.DefaultTunables()
-		dstProfile.Parse(profiletoTransition)
+		err := dstProfile.Parse(profiletoTransition)
+		if err != nil {
+			return "", err
+		}
 		for _, variable := range dstProfile.Preamble.GetVariables() {
 			if variable.Name == "exec_path" {
 				for _, v := range variable.Values {