From 274a98d8aaaff14d68525dba932efed5536ddd36 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Tue, 20 Oct 2015 23:21:51 +0200 Subject: [PATCH] Let 'make check' work without logprof.conf This patch checks if the cfg object is empty (happens if logprof.conf doesn't exist). If so, it adds some empty sections to prevent various failures in code that expects those sections to exist. Another source of failures was using cfg['section']['setting']. The patch changes various places to cfg['section'].get('setting') to prevent those failures. (Those places all have a 'or ...' fallback.) Finally, find_first_file() in config.py crashed if file_list was Null. This is fixed by adding an "if file_list:" check before trying to split() it. With all those changes applied, 'make check' will work even if /etc/apparmor/logprof.conf doesn't exist. The patch also fixes the default value for inactive_profiledir (I missed aa.py when I changed it to /usr/share/apparmor/extra-profiles/) References: https://bugs.launchpad.net/apparmor/+bug/1393979 Acked-by: John Johansen --- utils/apparmor/aa.py | 15 +++++++++------ utils/apparmor/config.py | 9 +++++---- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py index 73efe0158..bccff1f0d 100644 --- a/utils/apparmor/aa.py +++ b/utils/apparmor/aa.py @@ -359,7 +359,7 @@ def get_reqs(file): pattern2 = re.compile('^\s*(\/\S+)') reqs = [] - ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd' + ldd = conf.find_first_file(cfg['settings'].get('ldd')) or '/usr/bin/ldd' if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK): raise AppArmorException('Can\'t find ldd') @@ -4380,18 +4380,21 @@ def logger_path(): conf = apparmor.config.Config('ini', CONFDIR) cfg = conf.read_config('logprof.conf') -#print(cfg['settings']) -#if 'default_owner_prompt' in cfg['settings']: +# prevent various failures if logprof.conf doesn't exist +if not cfg.sections(): + cfg.add_section('settings') + cfg.add_section('required_hats') + if cfg['settings'].get('default_owner_prompt', False): cfg['settings']['default_owner_prompt'] = '' -profile_dir = conf.find_first_dir(cfg['settings']['profiledir']) or '/etc/apparmor.d' +profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d' if not os.path.isdir(profile_dir): raise AppArmorException('Can\'t find AppArmor profiles') -extra_profile_dir = conf.find_first_dir(cfg['settings']['inactive_profiledir']) or '/etc/apparmor/profiles/extras/' +extra_profile_dir = conf.find_first_dir(cfg['settings'].get('inactive_profiledir')) or '/usr/share/apparmor/extra-profiles/' -parser = conf.find_first_file(cfg['settings']['parser']) or '/sbin/apparmor_parser' +parser = conf.find_first_file(cfg['settings'].get('parser')) or '/sbin/apparmor_parser' if not os.path.isfile(parser) or not os.access(parser, os.EX_OK): raise AppArmorException('Can\'t find apparmor_parser') diff --git a/utils/apparmor/config.py b/utils/apparmor/config.py index 5e613bc97..64334c9b7 100644 --- a/utils/apparmor/config.py +++ b/utils/apparmor/config.py @@ -114,10 +114,11 @@ class Config(object): def find_first_file(self, file_list): """Returns name of first matching file None otherwise""" filename = None - for f in file_list.split(): - if os.path.isfile(f): - filename = f - break + if file_list: + for f in file_list.split(): + if os.path.isfile(f): + filename = f + break return filename def find_first_dir(self, dir_list):