From 1d5f90efcd6aa9d58330d45e492e9d64b1242d0b Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Thu, 12 Oct 2023 13:04:29 +0200 Subject: [PATCH] Rename profile variable to prof_filename ... if it contains the profile filename. This avoids confusion with the "real" 'profile' variable that contains a profile name. --- utils/apparmor/tools.py | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/utils/apparmor/tools.py b/utils/apparmor/tools.py index ce120ad6a..b23e76076 100644 --- a/utils/apparmor/tools.py +++ b/utils/apparmor/tools.py @@ -131,41 +131,41 @@ class aa_tools: sys.exit(1) def cmd_disable(self): - for (program, profile, output_name) in self.get_next_for_modechange(): + for (program, prof_filename, output_name) in self.get_next_for_modechange(): aaui.UI_Info(_('Disabling %s.') % output_name) - apparmor.create_symlink('disable', profile) + apparmor.create_symlink('disable', prof_filename) - self.unload_profile(profile) + self.unload_profile(prof_filename) def cmd_enforce(self): - for (program, profile, output_name) in self.get_next_for_modechange(): - apparmor.set_enforce(profile, program) + for (program, prof_filename, output_name) in self.get_next_for_modechange(): + apparmor.set_enforce(prof_filename, program) - self.reload_profile(profile) + self.reload_profile(prof_filename) def cmd_complain(self): - for (program, profile, output_name) in self.get_next_for_modechange(): - apparmor.set_complain(profile, program) + for (program, prof_filename, output_name) in self.get_next_for_modechange(): + apparmor.set_complain(prof_filename, program) - self.reload_profile(profile) + self.reload_profile(prof_filename) def cmd_audit(self): - for (program, profile, output_name) in self.get_next_for_modechange(): + for (program, prof_filename, output_name) in self.get_next_for_modechange(): # keep this to allow toggling 'audit' flags if not self.remove: aaui.UI_Info(_('Setting %s to audit mode.') % output_name) else: aaui.UI_Info(_('Removing audit mode from %s.') % output_name) - apparmor.change_profile_flags(profile, program, 'audit', not self.remove) + apparmor.change_profile_flags(prof_filename, program, 'audit', not self.remove) - disable_link = '%s/disable/%s' % (apparmor.profile_dir, os.path.basename(profile)) + disable_link = '%s/disable/%s' % (apparmor.profile_dir, os.path.basename(prof_filename)) if os.path.exists(disable_link): - aaui.UI_Info(_('\nWarning: the profile %s is disabled. Use aa-enforce or aa-complain to enable it.') % os.path.basename(profile)) + aaui.UI_Info(_('\nWarning: the profile %s is disabled. Use aa-enforce or aa-complain to enable it.') % os.path.basename(prof_filename)) - self.reload_profile(profile) + self.reload_profile(prof_filename) def cmd_autodep(self): apparmor.loadincludes() @@ -219,18 +219,18 @@ class aa_tools: else: raise AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program) - def unload_profile(self, profile): + def unload_profile(self, prof_filename): if not self.do_reload: return # FIXME: should ensure profile is loaded before unloading - cmd_info = cmd([apparmor.parser, '-I%s' % apparmor.profile_dir, '--base', apparmor.profile_dir, '-R', profile]) + cmd_info = cmd([apparmor.parser, '-I%s' % apparmor.profile_dir, '--base', apparmor.profile_dir, '-R', prof_filename]) if cmd_info[0] != 0: raise AppArmorException(cmd_info[1]) - def reload_profile(self, profile): + def reload_profile(self, prof_filename): if not self.do_reload: return - apparmor.reload_profile(profile, raise_exc=True) + apparmor.reload_profile(prof_filename, raise_exc=True)