mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 00:14:44 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge aa-logprof/aa-genprof: allow ignoring executions

Browse source 
fixes https://gitlab.com/apparmor/apparmor/-/issues/302

Closes #302
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1543
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
This commit is contained in:
John Johansen 2025-02-19 18:48:50 +00:00
commit 71282550bb
2 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
utils/apparmor/aa.py
View file

@ -641,7 +641,7 @@ def build_x_functions(default, options, exec_toggle):
if fallback_toggle:
ret_list.append('CMD_EXEC_IX_ON')
ret_list.extend(('CMD_DENY', 'CMD_ABORT', 'CMD_FINISHED'))
ret_list.extend(('CMD_DENY', 'CMD_ABORT', 'CMD_IGNORE_ENTRY', 'CMD_FINISHED'))
return ret_list
@ -808,7 +808,7 @@ def ask_exec(hashlog, default_ans=''):
# ask user about the exec mode to use
ans = ''
while ans not in ('CMD_ix', 'CMD_px', 'CMD_cx', 'CMD_nx', 'CMD_pix', 'CMD_cix', 'CMD_nix', 'CMD_ux', 'CMD_DENY'): # add '(I)gnore'? (hotkey conflict with '(i)x'!)
while ans not in ('CMD_ix', 'CMD_px', 'CMD_cx', 'CMD_nx', 'CMD_pix', 'CMD_cix', 'CMD_nix', 'CMD_ux', 'CMD_DENY', 'CMD_IGNORE_ENTRY'):
if default_ans:
ans = default_ans
else:
@ -891,6 +891,8 @@ def ask_exec(hashlog, default_ans=''):
else:
ans = 'INVALID'
if ans == 'CMD_IGNORE_ENTRY':
continue
if exec_mode and 'i' in exec_mode:
# For inherit we need mr
file_perm = 'mr'

2
utils/apparmor/ui.py
View file

@ -330,7 +330,7 @@ CMDS = {'CMD_ALLOW': _('(A)llow'),
'CMD_DENY': _('(D)eny'),
'CMD_ABORT': _('Abo(r)t'),
'CMD_FINISHED': _('(F)inish'),
'CMD_ix': _('(I)nherit'),
'CMD_ix': _('In(h)erit'),
'CMD_px': _('(P)rofile'),
'CMD_px_safe': _('(P)rofile Clean Exec'),
'CMD_cx': _('(C)hild'),