From 1335b80ff458264db7eacc203e4484536ece1cc0 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Wed, 21 Oct 2020 03:16:46 -0700 Subject: [PATCH] utils: fix make -C profiles check-logprof fails On arch make -C profiles check-logprof fails with *** Checking profiles from ./apparmor.d against logprof ERROR: Can't find AppArmor profiles in /etc/apparmor.d make: *** [Makefile:113: check-logprof] Error 1 make: Leaving directory '/build/apparmor/src/apparmor-2.13.3/profiles' because /etc/apparmor.d/ is not available in the build environment and aa-logprofs --dir argument, is not being passed to init_aa() but used to update profiles_dir after the fact. Fix this by passing profiledir as an argument to init_aa() Fixes: https://gitlab.com/apparmor/apparmor/-/issues/36 MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/663 Signed-off-by: John Johansen Acked-by: Christian Boltz (backported from commit 15dc06248c62ccceec00f70296a6c17f7c5096a1) --- utils/aa-genprof | 8 +------- utils/aa-logprof | 10 ++-------- utils/aa-mergeprof | 9 +-------- utils/apparmor/aa.py | 8 ++++++-- utils/apparmor/tools.py | 8 +------- 5 files changed, 11 insertions(+), 32 deletions(-) diff --git a/utils/aa-genprof b/utils/aa-genprof index 834c2d4c3..f73879d9c 100755 --- a/utils/aa-genprof +++ b/utils/aa-genprof @@ -72,20 +72,14 @@ if args.json: aaui.set_json_mode() profiling = args.program -profiledir = args.dir -apparmor.init_aa() +apparmor.init_aa(profiledir=args.dir) apparmor.set_logfile(args.file) aa_mountpoint = apparmor.check_for_apparmor() if not aa_mountpoint: raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.')) -if profiledir: - apparmor.profile_dir = apparmor.get_full_path(profiledir) - if not os.path.isdir(apparmor.profile_dir): - raise apparmor.AppArmorException(_("%s is not a directory.") %profiledir) - program = None #if os.path.exists(apparmor.which(profiling.strip())): if os.path.exists(profiling): diff --git a/utils/aa-logprof b/utils/aa-logprof index 0ff376524..53b2c3b6d 100755 --- a/utils/aa-logprof +++ b/utils/aa-logprof @@ -13,7 +13,6 @@ # # ---------------------------------------------------------------------- import argparse -import os import apparmor.aa as apparmor import apparmor.ui as aaui @@ -36,21 +35,16 @@ args = parser.parse_args() if args.json: aaui.set_json_mode() -profiledir = args.dir logmark = args.mark or '' -apparmor.init_aa() +apparmor.init_aa(profiledir=args.dir) + apparmor.set_logfile(args.file) aa_mountpoint = apparmor.check_for_apparmor() if not aa_mountpoint: raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.')) -if profiledir: - apparmor.profile_dir = apparmor.get_full_path(profiledir) - if not os.path.isdir(apparmor.profile_dir): - raise apparmor.AppArmorException("%s is not a directory."%profiledir) - apparmor.loadincludes() apparmor.do_logprof_pass(logmark) diff --git a/utils/aa-mergeprof b/utils/aa-mergeprof index f07b32149..dfcad091d 100755 --- a/utils/aa-mergeprof +++ b/utils/aa-mergeprof @@ -14,7 +14,6 @@ # # ---------------------------------------------------------------------- import argparse -import os import apparmor.aa import apparmor.aamode @@ -23,7 +22,6 @@ import apparmor.severity import apparmor.cleanprofile as cleanprofile import apparmor.ui as aaui -from apparmor.common import AppArmorException from apparmor.regex import re_match_include @@ -43,15 +41,10 @@ args = parser.parse_args() args.other = None -apparmor.aa.init_aa() +apparmor.aa.init_aa(profiledir=args.dir) profiles = args.files -profiledir = args.dir -if profiledir: - apparmor.aa.profile_dir = apparmor.aa.get_full_path(profiledir) - if not os.path.isdir(apparmor.aa.profile_dir): - raise AppArmorException(_("%s is not a directory.") %profiledir) def reset_aa(): apparmor.aa.aa = apparmor.aa.hasher() diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py index 5423497ee..a76072ff8 100644 --- a/utils/apparmor/aa.py +++ b/utils/apparmor/aa.py @@ -3233,7 +3233,7 @@ def logger_path(): ######Initialisations###### -def init_aa(confdir="/etc/apparmor"): +def init_aa(confdir="/etc/apparmor", profiledir=None): global CONFDIR global conf global cfg @@ -3256,7 +3256,11 @@ def init_aa(confdir="/etc/apparmor"): if cfg['settings'].get('default_owner_prompt', False): cfg['settings']['default_owner_prompt'] = '' - profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d' + if profiledir: + profile_dir = profiledir + else: + profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d' + profile_dir = os.path.abspath(profile_dir) if not os.path.isdir(profile_dir): raise AppArmorException('Can\'t find AppArmor profiles in %s' % (profile_dir)) diff --git a/utils/apparmor/tools.py b/utils/apparmor/tools.py index 826aee8c0..2d07c3ecb 100644 --- a/utils/apparmor/tools.py +++ b/utils/apparmor/tools.py @@ -25,10 +25,9 @@ _ = init_translation() class aa_tools: def __init__(self, tool_name, args): - apparmor.init_aa() + apparmor.init_aa(profiledir=args.dir) self.name = tool_name - self.profiledir = args.dir self.profiling = args.program self.check_profile_dir() self.silent = None @@ -43,11 +42,6 @@ class aa_tools: self.silent = args.silent def check_profile_dir(self): - if self.profiledir: - apparmor.profile_dir = apparmor.get_full_path(self.profiledir) - if not os.path.isdir(apparmor.profile_dir): - raise apparmor.AppArmorException("%s is not a directory." % self.profiledir) - if not user_perm(apparmor.profile_dir): raise apparmor.AppArmorException("Cannot write to profile directory: %s" % (apparmor.profile_dir))