diff --git a/utils/aa-mergeprof b/utils/aa-mergeprof index 5745a9f04..1ca49b1bb 100755 --- a/utils/aa-mergeprof +++ b/utils/aa-mergeprof @@ -1,7 +1,7 @@ #! /usr/bin/python3 # ---------------------------------------------------------------------- # Copyright (C) 2013 Kshitij Gupta -# Copyright (C) 2014-2018 Christian Boltz +# Copyright (C) 2014-2024 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -113,7 +113,7 @@ class Merge(object): def ask_merge_questions(self): other = self.base - log_dict = {'merge': apparmor.aa.split_to_merged(other.aa)} + log_dict = {'merge': other.active_profiles.get_all_profiles()} apparmor.aa.loadincludes() diff --git a/utils/apparmor/cleanprofile.py b/utils/apparmor/cleanprofile.py index c35acb0e1..7c43db8d2 100644 --- a/utils/apparmor/cleanprofile.py +++ b/utils/apparmor/cleanprofile.py @@ -1,6 +1,6 @@ # ---------------------------------------------------------------------- # Copyright (C) 2013 Kshitij Gupta -# Copyright (C) 2014-2015 Christian Boltz +# Copyright (C) 2014-2024 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public @@ -18,7 +18,6 @@ import apparmor.aa as apparmor class Prof: def __init__(self, filename): apparmor.init_aa() - self.aa = apparmor.aa self.active_profiles = apparmor.active_profiles self.include = apparmor.include self.filename = filename @@ -36,7 +35,7 @@ class CleanProf: deleted += self.other.active_profiles.delete_preamble_duplicates(self.other.filename) - for profile in self.profile.aa.keys(): + for profile in self.profile.active_profiles.get_all_profiles(): deleted += self.remove_duplicate_rules(profile) return deleted @@ -50,22 +49,22 @@ class CleanProf: deleted += self.profile.active_profiles.delete_preamble_duplicates(self.profile.filename) # Process every hat in the profile individually - for hat in sorted(self.profile.aa[program].keys()): - includes = self.profile.aa[program][hat]['inc_ie'].get_all_full_paths(apparmor.profile_dir) + for full_profile in sorted(self.profile.active_profiles.get_profile_and_childs(program)): + includes = self.profile.active_profiles[full_profile]['inc_ie'].get_all_full_paths(apparmor.profile_dir) # Clean up superfluous rules from includes in the other profile for inc in includes: if not self.profile.include.get(inc, {}).get(inc, False): apparmor.load_include(inc) - if self.other.aa[program].get(hat): # carefully avoid to accidentally initialize self.other.aa[program][hat] - deleted += apparmor.delete_all_duplicates(self.other.aa[program][hat], inc, apparmor.ruletypes) + if self.other.active_profiles.profile_exists(full_profile): + deleted += apparmor.delete_all_duplicates(self.other.active_profiles[full_profile], inc, apparmor.ruletypes) # Clean duplicate rules in other profile for ruletype in apparmor.ruletypes: if not self.same_file: - if self.other.aa[program].get(hat): # carefully avoid to accidentally initialize self.other.aa[program][hat] - deleted += self.other.aa[program][hat][ruletype].delete_duplicates(self.profile.aa[program][hat][ruletype]) + if self.other.active_profiles.profile_exists(full_profile): + deleted += self.other.active_profiles[full_profile][ruletype].delete_duplicates(self.profile.active_profiles[full_profile][ruletype]) else: - deleted += self.other.aa[program][hat][ruletype].delete_duplicates(None) + deleted += self.other.active_profiles[full_profile][ruletype].delete_duplicates(None) return deleted