mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 13:58:22 +00:00
Code Issues Releases Wiki Activity

Let 'make check' work without logprof.conf

Browse Source 
This patch checks if the cfg object is empty (happens if logprof.conf
doesn't exist). If so, it adds some empty sections to prevent various
failures in code that expects those sections to exist.

Another source of failures was using cfg['section']['setting']. The
patch changes various places to cfg['section'].get('setting') to prevent
those failures. (Those places all have a 'or ...' fallback.)

Finally, find_first_file() in config.py crashed if file_list was Null.
This is fixed by adding an "if file_list:" check before trying to
split() it.

With all those changes applied, 'make check' will work even if
/etc/apparmor/logprof.conf doesn't exist.


The patch also fixes the default value for inactive_profiledir
(I missed aa.py when I changed it to /usr/share/apparmor/extra-profiles/)


References: https://bugs.launchpad.net/apparmor/+bug/1393979


Acked-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Christian Boltz
2015-10-20 23:21:51 +02:00
parent bdd8884ab4
commit 274a98d8aa
2 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
utils/apparmor/aa.py
View File

@@ -359,7 +359,7 @@ def get_reqs(file):
pattern2 = re.compile('^\s*(\/\S+)') pattern2 = re.compile('^\s*(\/\S+)')
reqs = [] reqs = []
ldd = conf.find_first_file(cfg['settings']['ldd']) or '/usr/bin/ldd' ldd = conf.find_first_file(cfg['settings'].get('ldd')) or '/usr/bin/ldd'
if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK): if not os.path.isfile(ldd) or not os.access(ldd, os.EX_OK):
raise AppArmorException('Can\'t find ldd') raise AppArmorException('Can\'t find ldd')
@@ -4380,18 +4380,21 @@ def logger_path():
conf = apparmor.config.Config('ini', CONFDIR) conf = apparmor.config.Config('ini', CONFDIR)
cfg = conf.read_config('logprof.conf') cfg = conf.read_config('logprof.conf')
#print(cfg['settings']) # prevent various failures if logprof.conf doesn't exist
#if 'default_owner_prompt' in cfg['settings']: if not cfg.sections():
cfg.add_section('settings')
cfg.add_section('required_hats')
if cfg['settings'].get('default_owner_prompt', False): if cfg['settings'].get('default_owner_prompt', False):
cfg['settings']['default_owner_prompt'] = '' cfg['settings']['default_owner_prompt'] = ''
profile_dir = conf.find_first_dir(cfg['settings']['profiledir']) or '/etc/apparmor.d' profile_dir = conf.find_first_dir(cfg['settings'].get('profiledir')) or '/etc/apparmor.d'
if not os.path.isdir(profile_dir): if not os.path.isdir(profile_dir):
raise AppArmorException('Can\'t find AppArmor profiles') raise AppArmorException('Can\'t find AppArmor profiles')
extra_profile_dir = conf.find_first_dir(cfg['settings']['inactive_profiledir']) or '/etc/apparmor/profiles/extras/' extra_profile_dir = conf.find_first_dir(cfg['settings'].get('inactive_profiledir')) or '/usr/share/apparmor/extra-profiles/'
parser = conf.find_first_file(cfg['settings']['parser']) or '/sbin/apparmor_parser' parser = conf.find_first_file(cfg['settings'].get('parser')) or '/sbin/apparmor_parser'
if not os.path.isfile(parser) or not os.access(parser, os.EX_OK): if not os.path.isfile(parser) or not os.access(parser, os.EX_OK):
raise AppArmorException('Can\'t find apparmor_parser') raise AppArmorException('Can\'t find apparmor_parser')

9
utils/apparmor/config.py
View File

@@ -114,10 +114,11 @@ class Config(object):
def find_first_file(self, file_list): def find_first_file(self, file_list):
"""Returns name of first matching file None otherwise""" """Returns name of first matching file None otherwise"""
filename = None filename = None
for f in file_list.split(): if file_list:
if os.path.isfile(f): for f in file_list.split():
filename = f if os.path.isfile(f):
break filename = f
break
return filename return filename
def find_first_dir(self, dir_list): def find_first_dir(self, dir_list):