mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/utils
History
Christian Boltz aaa244c5ec [14/38] Use FileRule and FileRuleset 
Change aa.py to use FileRule and FileRuleset for parsing and saving
profiles.

In detail, this means:
- add 'file' to the list of rule classes to enable it at various places
- store file rules in aa[profile][hat]['file'] (not 'path' as before)
  to be consistent with the FileRule name
- drop the no longer needed delete_path_duplicates() - this is now
  handled by FileRuleset like in all other rule classes.
  (same change in cleanprofile.py)
- replace usage of RE_PROFILE_BARE_FILE_ENTRY and RE_PROFILE_PATH_ENTRY
  with FileRule.match()
- drop write_path_rules() and write_paths() and replace them with the
  new write_file() function.
- adjust several code sections to use write_file() and 'file' instead of
  'path'

FileRule doesn't drop optional keywords ('allow' and 'file'), therefore
adjust cleanprof_test.out to the changed behaviour. (If someone insists
on dropping optional keywords in aa-cleanprof, that's something for a
future patch.)

Also adjust the list of known failures in test-parser-simple-tests.py -
switching to FileRule avoids several test failures (and introduces a few
new ones ;-)




IMPORTANT:

This patch introduces a "brain split" which means
- parsing and writing the profile and aa-cleanprof use the new location
  (aa[profile][hat]['file'])
- aa-logprof and aa-genprof still save data to the old location
  (aa[profile][hat]['allow']['path']) and probably ask superfluous
  questions because there are no rules existing in the old location

TL;DR: don't try aa-logprof or aa-genprof with only this patch applied.

I know this isn't ideal, but still better than an even bigger and
totally unreadable patch ;-)



Acked-by: Steve Beattie <steve@nxnw.org>
2016-10-01 19:54:48 +02:00
..
apparmor [14/38] Use FileRule and FileRuleset 2016-10-01 19:54:48 +02:00
easyprof Add aa-easyprof and easyprof.py and related pieces from the Ubuntu 2014-02-13 17:53:40 -08:00
po translations: fix up msgfmt warnings 2016-05-24 13:08:06 -07:00
test [14/38] Use FileRule and FileRuleset 2016-10-01 19:54:48 +02:00
vim Update change_profile highlighting in apparmor.vim 2016-05-27 20:05:21 +02:00
aa-audit Improve exception handling 2015-07-06 22:02:34 +02:00
aa-audit.pod Merge in Kshitij Gupta <kgupta8592@gmail.com>'s rewrite of the 2014-02-12 15:54:00 -08:00
aa-autodep Add --no-reload option to aa-autodep 2015-07-14 01:45:42 +02:00
aa-autodep.pod Merge in Kshitij Gupta <kgupta8592@gmail.com>'s rewrite of the 2014-02-12 15:54:00 -08:00
aa-cleanprof Improve exception handling 2015-07-06 22:02:34 +02:00
aa-cleanprof.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
aa-complain Improve exception handling 2015-07-06 22:02:34 +02:00
aa-complain.pod Add a note about still enforcing deny rules to aa-complain manpage 2016-06-05 23:43:29 +02:00
aa-decode speed up aa-decode by using a bash regex matching instead of calling egrep for each line. 2013-01-01 20:15:04 +01:00
aa-decode.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
aa-disable Improve exception handling 2015-07-06 22:02:34 +02:00
aa-disable.pod utils: remove aa-enforce '--remove' option 2014-03-03 14:59:47 -08:00
aa-easyprof utils: Use apparmor.fail for AppArmorException handling in aa-easyprof 2015-12-16 16:12:43 -06:00
aa-easyprof.pod utils/aa-easyprof.pod: corrections for --show-templates and 2015-03-27 16:33:35 -05:00
aa-enforce Improve exception handling 2015-07-06 22:02:34 +02:00
aa-enforce.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
aa-genprof Get rid of global variable 'logger' 2015-10-20 22:03:58 +02:00
aa-genprof.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
aa-logprof Improve exception handling 2015-07-06 22:02:34 +02:00
aa-logprof.pod utils/aa-logprof.pod: fix typo in manpage 2015-08-25 14:53:55 -07:00
aa-mergeprof Re-order imports in aa-mergeprof and rule/capability.py 2016-06-10 01:18:32 +05:30
aa-mergeprof.pod update the aa-mergeprof manpage to match the new commandline syntax 2014-10-16 20:26:45 +02:00
aa-notify aa-notify: also display notifications for complain mode events 2015-04-29 01:03:17 +02:00
aa-notify.pod add missing --display to aa-notify.pod 2014-09-08 20:40:33 +02:00
aa-sandbox Improve exception handling 2015-07-06 22:02:34 +02:00
aa-sandbox.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
aa-status Add a JSON output option to aa-status 2016-03-24 10:59:45 -04:00
aa-status.pod Add a JSON output option to aa-status 2016-03-24 10:59:45 -04:00
aa-unconfined Improve exception handling 2015-07-06 22:02:34 +02:00
aa-unconfined.pod Merge in Kshitij Gupta <kgupta8592@gmail.com>'s rewrite of the 2014-02-12 15:54:00 -08:00
check_po.pl utitlity to look for problems in the po files. 2007-08-15 19:24:49 +00:00
logprof.conf Also add python 3.5 to logprof.conf 2015-11-19 20:22:40 +01:00
logprof.conf.pod manpages: incorporate podchecker; fix errors and (most) warnings 2014-09-15 11:30:47 -07:00
Makefile binutils: Replace Perl aa-exec with C aa-exec 2015-12-17 19:19:23 -06:00
notify.conf Here is a patch to standardize on all utils using the "aa-" prefix instead 2010-11-03 17:03:52 -07:00
python-tools-setup.py utils: fix python install for rule/ subdirectory 2015-01-13 13:03:11 -08:00
README.md Merge in Kshitij Gupta <kgupta8592@gmail.com>'s rewrite of the 2014-02-12 15:54:00 -08:00
severity.db Update perl abstraction, logprof.conf, severity.db and tests for Debian/Ubuntu 2014-08-20 19:14:24 -05:00

README.md

Known Bugs: Will allow multiple letters in the () due to translation/unicode issues with regexing the key. User input will probably bug out in a different locale.