mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-21 09:25:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

build(dbus): improve generated dbus rules.

Browse source
This commit is contained in:
Alexandre Pujol 2024-02-14 23:22:01 +00:00
parent ea97ff6a5f
commit e28e452ba4
Failed to generate hash of commit
1 changed files with 11 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
pkg/prebuild/directives.go
View file

@ -70,12 +70,11 @@ func DirectiveDbus(file *paths.Path, profile string) string {
func sanitizeDbusRule(file *paths.Path, action string, rules map[string]string) map[string]string { func sanitizeDbusRule(file *paths.Path, action string, rules map[string]string) map[string]string {
// Sanity check // Sanity check
if _, present := rules["name"]; !present { if _, present := rules["name"]; !present {
panic(fmt.Sprintf("Missing name for 'dbus: own' in %s", file)) panic(fmt.Sprintf("Missing name for 'dbus: %s' in %s", action, file))
} }
if _, present := rules["bus"]; !present { if _, present := rules["bus"]; !present {
panic(fmt.Sprintf("Missing bus for '%s' in %s", rules["name"], file)) panic(fmt.Sprintf("Missing bus for '%s' in %s", rules["name"], file))
} }
if _, present := rules["label"]; !present && action == "talk" { if _, present := rules["label"]; !present && action == "talk" {
panic(fmt.Sprintf("Missing label for '%s' in %s", rules["name"], file)) panic(fmt.Sprintf("Missing label for '%s' in %s", rules["name"], file))
} }
@ -115,6 +114,14 @@ func dbusOwn(rules map[string]string) *aa.AppArmorProfile {
Name: `"{:1.@{int},org.freedesktop.DBus}"`, Name: `"{:1.@{int},org.freedesktop.DBus}"`,
}) })
} }
p.Rules = append(p.Rules, &aa.Dbus{
Access: "receive",
Bus: rules["bus"],
Path: rules["path"],
Interface: "org.freedesktop.DBus.Introspectable",
Member: "Introspect",
Name: `":1.@{int}"`,
})
return p return p
} }
@ -125,9 +132,9 @@ func dbusTalk(rules map[string]string) *aa.AppArmorProfile {
p.Rules = append(p.Rules, &aa.Dbus{ p.Rules = append(p.Rules, &aa.Dbus{
Access: "send", Access: "send",
Bus: rules["bus"], Bus: rules["bus"],
Name: `"{:1.@{int},` + rules["name"] + `}"`,
Path: rules["path"], Path: rules["path"],
Interface: iface, Interface: iface,
Name: `"{:1.@{int},` + rules["name"] + `}"`,
Label: rules["label"], Label: rules["label"],
}) })
} }
@ -135,9 +142,9 @@ func dbusTalk(rules map[string]string) *aa.AppArmorProfile {
p.Rules = append(p.Rules, &aa.Dbus{ p.Rules = append(p.Rules, &aa.Dbus{
Access: "receive", Access: "receive",
Bus: rules["bus"], Bus: rules["bus"],
Name: `"{:1.@{int},` + rules["name"] + `}"`,
Path: rules["path"], Path: rules["path"],
Interface: iface, Interface: iface,
Name: `"{:1.@{int},` + rules["name"] + `}"`,
Label: rules["label"], Label: rules["label"],
}) })
} }