Based on what was done in the parser, replicate the logic
so it can be used in the python tools.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
This MR closes#286.
Strings with only invalid escape sequences were prefixed with an `r`. Strings containing both valid and invalid escape sequences were handled on a case-by-case basis, as simply changing to a raw string breaks valid escape sequences.
Closes#286
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/951
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
This closes#277 by introducing the following changes:
1. `BaseRule` was made a "proper" abstract base class in that it now enforces that subclasses implement all abstract methods.
2. As a consequence of this change, `BaseRule` can no longer be directly instantiated; tests were changed accordingly.
3. These test changes led to test failures, the reason being that many rule methods hardcoded class names, breaking inheritance. I made a commit to address this.
4. Once tests were passing, code coverage regressed due to the fact that there was now effectively-unreachable code in abstract instance methods. This code, which was only raising `NotImplementedError`s, was removed. I say "effectively-unreachable" here because it could be reached by calling `super()` via a subclass.
5. There are three "bonus" commits as well; one bug fix, one typo fix, and one cleanup.
Closes#277
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/930
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
As discussed in !920, this MR renames BaseRule's `parse()` and `_parse()` methods to `create_instance()` and `_create_instance()`, respectively. It then removes the `selection_to_rule_obj` function from `apparmor.aa`, which is now an unnecessary alias for the renamed public method.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/923
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
If audit.log contains entries for a profile that doesn't exist (for
example when working with a log file from another system), skip these
log entries instead of crashing.
Reproducer (crashes without this patch):
aa-logprof -f <(echo 'type=AVC msg=audit(1661739121.578:77893): apparmor="DENIED" operation="open" profile="no_such_profile" name="/run/" pid=33099 comm="no" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0')
