diff --git a/parser/parser_interface.c b/parser/parser_interface.c index 8ad3e840e..c98a1fa29 100644 --- a/parser/parser_interface.c +++ b/parser/parser_interface.c @@ -420,7 +420,7 @@ void sd_serialize_profile(std::ostringstream &buf, Profile *profile, sd_write_struct(buf, "flags"); /* used to be flags.debug, but that's no longer supported */ - sd_write_uint32(buf, profile->flags.hat); + sd_write_uint32(buf, profile->flags.flags); sd_write_uint32(buf, profile_mode_packed(profile->flags.mode)); sd_write_uint32(buf, profile->flags.audit); sd_write_structend(buf); diff --git a/parser/parser_policy.c b/parser/parser_policy.c index f18d0a13c..2f66ab26f 100644 --- a/parser/parser_policy.c +++ b/parser/parser_policy.c @@ -243,7 +243,7 @@ void post_process_rule_entries(Profile *prof) static int profile_add_hat_rules(Profile *prof) { /* don't add hat rules if not hat or profile doesn't have hats */ - if (!prof->flags.hat && prof->hat_table.empty()) + if (!(prof->flags.flags & FLAG_HAT) && prof->hat_table.empty()) return 0; if (!add_proc_access(prof, CHANGEHAT_PATH)) diff --git a/parser/parser_yacc.y b/parser/parser_yacc.y index 3f516ce5c..38913bde5 100644 --- a/parser/parser_yacc.y +++ b/parser/parser_yacc.y @@ -421,7 +421,7 @@ profile: opt_profile_flag profile_base yyerror(_("Profile names must begin with a '/', namespace or keyword 'profile' or 'hat'.")); if ($1 == 2) - prof->flags.hat = 1; + prof->flags.flags |= FLAG_HAT; $$ = prof; }; @@ -448,7 +448,7 @@ hat: hat_start profile_base if ($2->xattrs.list) yyerror("hat profiles can't use xattrs matches"); - prof->flags.hat = 1; + prof->flags.flags |= FLAG_HAT; $$ = prof; }; diff --git a/parser/profile.h b/parser/profile.h index f54467c07..5606baa46 100644 --- a/parser/profile.h +++ b/parser/profile.h @@ -110,9 +110,13 @@ static inline enum profile_mode str_to_mode(const char *str) return MODE_UNSPECIFIED; }; +#define FLAG_HAT 1 +#define FLAG_DEBUG1 2 +#define FLAG_DEBUG2 4 + class flagvals { public: - int hat; + int flags; enum profile_mode mode; int audit; int path; @@ -124,7 +128,7 @@ public: if (audit) os << ", Audit"; - if (hat) + if (flags & FLAG_HAT) os << ", Hat"; os << "\n";