mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
4918107a6f
Instead of always showing a backtrace,
- for AppArmorException (used for profile syntax errors etc.), print only
the exceptions value because a backtrace is superfluous and would
confuse users.
- for other (unexpected) exceptions, print backtrace and save detailed
information in a file in /tmp/ (including variable content etc.) to
make debugging easier.
This is done by adding the apparmor.fail module which contains a custom
exception handler (using cgitb, except for AppArmorException).
Also change all python aa-* tools to use the new exception handler.
Note: aa-audit did show backtraces only if the --trace option was given.
This is superfluous with the improved exception handling, therefore this
patch removes the --trace option. (The other aa-* tools never had this
option.)
If you want to test the behaviour of the new exception handler, you can
use this script:
#!/usr/bin/python
from apparmor.common import AppArmorException, AppArmorBug
from apparmor.fail import enable_aa_exception_handler
enable_aa_exception_handler()
# choose one ;-)
raise AppArmorException('Harmless example failure')
#raise AppArmorBug('b\xe4d bug!')
#raise Exception('something is broken!')
Acked-by: Seth Arnold <seth.arnold@canonical.com>
40 lines
1.1 KiB
Python
Executable file
40 lines
1.1 KiB
Python
Executable file
#! /usr/bin/env python
|
|
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2012 Canonical Ltd.
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
|
|
import apparmor.sandbox
|
|
from apparmor.common import error
|
|
import optparse
|
|
import sys
|
|
|
|
# setup exception handling
|
|
from apparmor.fail import enable_aa_exception_handler
|
|
enable_aa_exception_handler()
|
|
|
|
if __name__ == "__main__":
|
|
argv = sys.argv
|
|
parser = optparse.OptionParser()
|
|
apparmor.easyprof.add_parser_policy_args(parser)
|
|
(opt, args) = apparmor.sandbox.parse_args(sys.argv, parser)
|
|
|
|
if len(args) < 1:
|
|
error("Must specify binary")
|
|
|
|
binary = args[0]
|
|
if not apparmor.sandbox.check_requirements(binary):
|
|
sys.exit(1)
|
|
|
|
if opt.withx:
|
|
rc, report = apparmor.sandbox.run_xsandbox(args, opt)
|
|
else:
|
|
rc, report = apparmor.sandbox.run_sandbox(args, opt)
|
|
|
|
apparmor.common.msg(report)
|
|
sys.exit(rc)
|