mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-30 22:05:27 +00:00
utils: fix make -C profiles check-logprof fails
On arch
make -C profiles check-logprof
fails with
*** Checking profiles from ./apparmor.d against logprof
ERROR: Can't find AppArmor profiles in /etc/apparmor.d
make: *** [Makefile:113: check-logprof] Error 1
make: Leaving directory '/build/apparmor/src/apparmor-2.13.3/profiles'
because /etc/apparmor.d/ is not available in the build environment
and aa-logprofs --dir argument, is not being passed to init_aa()
but used to update profiles_dir after the fact.
Fix this by passing profiledir as an argument to init_aa()
Fixes: https://gitlab.com/apparmor/apparmor/-/issues/36
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/663
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
(backported from commit 15dc06248c)
This commit is contained in:
John Johansen
@@ -72,20 +72,14 @@ if args.json:
|
|||||||
aaui.set_json_mode()
|
aaui.set_json_mode()
|
||||||
|
|
||||||
profiling = args.program
|
profiling = args.program
|
||||||
profiledir = args.dir
|
|
||||||
|
|
||||||
apparmor.init_aa()
|
apparmor.init_aa(profiledir=args.dir)
|
||||||
apparmor.set_logfile(args.file)
|
apparmor.set_logfile(args.file)
|
||||||
|
|
||||||
aa_mountpoint = apparmor.check_for_apparmor()
|
aa_mountpoint = apparmor.check_for_apparmor()
|
||||||
if not aa_mountpoint:
|
if not aa_mountpoint:
|
||||||
raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.'))
|
raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.'))
|
||||||
|
|
||||||
if profiledir:
|
|
||||||
apparmor.profile_dir = apparmor.get_full_path(profiledir)
|
|
||||||
if not os.path.isdir(apparmor.profile_dir):
|
|
||||||
raise apparmor.AppArmorException(_("%s is not a directory.") %profiledir)
|
|
||||||
|
|
||||||
program = None
|
program = None
|
||||||
#if os.path.exists(apparmor.which(profiling.strip())):
|
#if os.path.exists(apparmor.which(profiling.strip())):
|
||||||
if os.path.exists(profiling):
|
if os.path.exists(profiling):
|
||||||
|
|||||||
@@ -13,7 +13,6 @@
|
|||||||
#
|
#
|
||||||
# ----------------------------------------------------------------------
|
# ----------------------------------------------------------------------
|
||||||
import argparse
|
import argparse
|
||||||
import os
|
|
||||||
|
|
||||||
import apparmor.aa as apparmor
|
import apparmor.aa as apparmor
|
||||||
import apparmor.ui as aaui
|
import apparmor.ui as aaui
|
||||||
@@ -36,21 +35,16 @@ args = parser.parse_args()
|
|||||||
if args.json:
|
if args.json:
|
||||||
aaui.set_json_mode()
|
aaui.set_json_mode()
|
||||||
|
|
||||||
profiledir = args.dir
|
|
||||||
logmark = args.mark or ''
|
logmark = args.mark or ''
|
||||||
|
|
||||||
apparmor.init_aa()
|
apparmor.init_aa(profiledir=args.dir)
|
||||||
|
|
||||||
apparmor.set_logfile(args.file)
|
apparmor.set_logfile(args.file)
|
||||||
|
|
||||||
aa_mountpoint = apparmor.check_for_apparmor()
|
aa_mountpoint = apparmor.check_for_apparmor()
|
||||||
if not aa_mountpoint:
|
if not aa_mountpoint:
|
||||||
raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.'))
|
raise apparmor.AppArmorException(_('It seems AppArmor was not started. Please enable AppArmor and try again.'))
|
||||||
|
|
||||||
if profiledir:
|
|
||||||
apparmor.profile_dir = apparmor.get_full_path(profiledir)
|
|
||||||
if not os.path.isdir(apparmor.profile_dir):
|
|
||||||
raise apparmor.AppArmorException("%s is not a directory."%profiledir)
|
|
||||||
|
|
||||||
apparmor.loadincludes()
|
apparmor.loadincludes()
|
||||||
|
|
||||||
apparmor.do_logprof_pass(logmark)
|
apparmor.do_logprof_pass(logmark)
|
||||||
|
|||||||
@@ -14,7 +14,6 @@
|
|||||||
#
|
#
|
||||||
# ----------------------------------------------------------------------
|
# ----------------------------------------------------------------------
|
||||||
import argparse
|
import argparse
|
||||||
import os
|
|
||||||
|
|
||||||
import apparmor.aa
|
import apparmor.aa
|
||||||
import apparmor.aamode
|
import apparmor.aamode
|
||||||
@@ -23,7 +22,6 @@ import apparmor.severity
|
|||||||
import apparmor.cleanprofile as cleanprofile
|
import apparmor.cleanprofile as cleanprofile
|
||||||
import apparmor.ui as aaui
|
import apparmor.ui as aaui
|
||||||
|
|
||||||
from apparmor.common import AppArmorException
|
|
||||||
from apparmor.regex import re_match_include
|
from apparmor.regex import re_match_include
|
||||||
|
|
||||||
|
|
||||||
@@ -43,15 +41,10 @@ args = parser.parse_args()
|
|||||||
|
|
||||||
args.other = None
|
args.other = None
|
||||||
|
|
||||||
apparmor.aa.init_aa()
|
apparmor.aa.init_aa(profiledir=args.dir)
|
||||||
|
|
||||||
profiles = args.files
|
profiles = args.files
|
||||||
|
|
||||||
profiledir = args.dir
|
|
||||||
if profiledir:
|
|
||||||
apparmor.aa.profile_dir = apparmor.aa.get_full_path(profiledir)
|
|
||||||
if not os.path.isdir(apparmor.aa.profile_dir):
|
|
||||||
raise AppArmorException(_("%s is not a directory.") %profiledir)
|
|
||||||
|
|
||||||
def reset_aa():
|
def reset_aa():
|
||||||
apparmor.aa.aa = apparmor.aa.hasher()
|
apparmor.aa.aa = apparmor.aa.hasher()
|
||||||
|
|||||||
@@ -3233,7 +3233,7 @@ def logger_path():
|
|||||||
|
|
||||||
######Initialisations######
|
######Initialisations######
|
||||||
|
|
||||||
def init_aa(confdir="/etc/apparmor"):
|
def init_aa(confdir="/etc/apparmor", profiledir=None):
|
||||||
global CONFDIR
|
global CONFDIR
|
||||||
global conf
|
global conf
|
||||||
global cfg
|
global cfg
|
||||||
@@ -3256,7 +3256,11 @@ def init_aa(confdir="/etc/apparmor"):
|
|||||||
if cfg['settings'].get('default_owner_prompt', False):
|
if cfg['settings'].get('default_owner_prompt', False):
|
||||||
cfg['settings']['default_owner_prompt'] = ''
|
cfg['settings']['default_owner_prompt'] = ''
|
||||||
|
|
||||||
profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d'
|
if profiledir:
|
||||||
|
profile_dir = profiledir
|
||||||
|
else:
|
||||||
|
profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d'
|
||||||
|
profile_dir = os.path.abspath(profile_dir)
|
||||||
if not os.path.isdir(profile_dir):
|
if not os.path.isdir(profile_dir):
|
||||||
raise AppArmorException('Can\'t find AppArmor profiles in %s' % (profile_dir))
|
raise AppArmorException('Can\'t find AppArmor profiles in %s' % (profile_dir))
|
||||||
|
|
||||||
|
|||||||
@@ -25,10 +25,9 @@ _ = init_translation()
|
|||||||
|
|
||||||
class aa_tools:
|
class aa_tools:
|
||||||
def __init__(self, tool_name, args):
|
def __init__(self, tool_name, args):
|
||||||
apparmor.init_aa()
|
apparmor.init_aa(profiledir=args.dir)
|
||||||
|
|
||||||
self.name = tool_name
|
self.name = tool_name
|
||||||
self.profiledir = args.dir
|
|
||||||
self.profiling = args.program
|
self.profiling = args.program
|
||||||
self.check_profile_dir()
|
self.check_profile_dir()
|
||||||
self.silent = None
|
self.silent = None
|
||||||
@@ -43,11 +42,6 @@ class aa_tools:
|
|||||||
self.silent = args.silent
|
self.silent = args.silent
|
||||||
|
|
||||||
def check_profile_dir(self):
|
def check_profile_dir(self):
|
||||||
if self.profiledir:
|
|
||||||
apparmor.profile_dir = apparmor.get_full_path(self.profiledir)
|
|
||||||
if not os.path.isdir(apparmor.profile_dir):
|
|
||||||
raise apparmor.AppArmorException("%s is not a directory." % self.profiledir)
|
|
||||||
|
|
||||||
if not user_perm(apparmor.profile_dir):
|
if not user_perm(apparmor.profile_dir):
|
||||||
raise apparmor.AppArmorException("Cannot write to profile directory: %s" % (apparmor.profile_dir))
|
raise apparmor.AppArmorException("Cannot write to profile directory: %s" % (apparmor.profile_dir))
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user