mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix audit toggle for capability (when asking in logprof)

Browse source 
When aa-logprof asks for adding capability rules, it also offers the
Audi(t) option. Unfortunately, this option does nothing ;-)

This patch fixes ask_the_question() so that it really ;-) allows to
switch the audit flag on and off. It also initializes the "audit"
variable to make sure the next capability doesn't inherit the audit flag
used for the previous capability.


Acked-by: Steve Beattie <steve@nxnw.org>
This commit is contained in:
Christian Boltz 2014-11-15 01:38:29 +01:00
parent be287de823
commit 23da51b079
1 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
utils/apparmor/aa.py
View file

@ -1571,6 +1571,7 @@ def ask_the_questions():
q.headers += [_('Severity'), severity]
audit_toggle = 0
audit = ''
q.functions = ['CMD_ALLOW', 'CMD_DENY', 'CMD_IGNORE_ENTRY', 'CMD_AUDIT_NEW',
'CMD_ABORT', 'CMD_FINISHED']
@ -1596,16 +1597,17 @@ def ask_the_questions():
done = True
break
if ans == 'CMD_AUDIT':
if ans.startswith('CMD_AUDIT'):
audit_toggle = not audit_toggle
audit = ''
if audit_toggle:
q.functions = ['CMD_ALLOW', 'CMD_DENY', 'CMD_IGNORE_ENTRY', 'CMD_AUDIT_OFF',
'CMD_ABORT', 'CMD_FINISHED']
audit = 'audit'
audit = 'audit '
audit_cmd = 'CMD_AUDIT_OFF'
else:
q.functions = ['CMD_ALLOW', 'CMD_DENY', 'CMD_IGNORE_ENTRY', 'CMD_AUDIT_NEW',
'CMD_ABORT', 'CMD_FINISHED', ]
audit = ''
audit_cmd = 'CMD_AUDIT_NEW'
q.functions = ['CMD_ALLOW', 'CMD_DENY', 'CMD_IGNORE_ENTRY', audit_cmd,
'CMD_ABORT', 'CMD_FINISHED', ]
q.headers = [_('Profile'), combine_name(profile, hat),
_('Capability'), audit + capability,