[38/38] Drop old path regexes

FileRule uses RE_PROFILE_FILE_ENTRY, which also means
RE_PROFILE_PATH_ENTRY, RE_PROFILE_BARE_FILE_ENTRY and RE_OWNER are now
unused.

This patch drops these regexes and their tests in test-regex_matches.py.


Acked-by: Steve Beattie <steve@nxnw.org>

utils/apparmor/regex.py

@@ -22,7 +22,6 @@ _ = init_translation()
 
 ## Profile parsing Regex
 RE_AUDIT_DENY           = '^\s*(?P<audit>audit\s+)?(?P<allow>allow\s+|deny\s+)?'  # line start, optionally: leading whitespace, <audit> and <allow>/deny
-RE_OWNER                = '(?P<owner>owner\s+)?'  # optionally: <owner>
 RE_EOL                  = '\s*(?P<comment>#.*?)?\s*$'  # optional whitespace, optional <comment>, optional whitespace, end of the line
 RE_COMMA_EOL            = '\s*,' + RE_EOL # optional whitespace, comma + RE_EOL
 
@@ -42,8 +41,6 @@ RE_PROFILE_VARIABLE     = re.compile('^\s*(@\{?\w+\}?)\s*(\+?=)\s*(@*.+?)\s*,?'
 RE_PROFILE_CONDITIONAL  = re.compile('^\s*if\s+(not\s+)?(\$\{?\w*\}?)\s*\{' + RE_EOL)
 RE_PROFILE_CONDITIONAL_VARIABLE = re.compile('^\s*if\s+(not\s+)?defined\s+(@\{?\w+\}?)\s*\{\s*(#.*)?$')
 RE_PROFILE_CONDITIONAL_BOOLEAN = re.compile('^\s*if\s+(not\s+)?defined\s+(\$\{?\w+\}?)\s*\{\s*(#.*)?$')
-RE_PROFILE_BARE_FILE_ENTRY = re.compile(RE_AUDIT_DENY + RE_OWNER + 'file' + RE_COMMA_EOL)
-RE_PROFILE_PATH_ENTRY   = re.compile(RE_AUDIT_DENY + RE_OWNER + '(file\s+)?([\"@/].*?)\s+(\S+)(\s+->\s*(.*?))?' + RE_COMMA_EOL)
 RE_PROFILE_NETWORK      = re.compile(RE_AUDIT_DENY + 'network(?P<details>\s+.*)?' + RE_COMMA_EOL)
 RE_PROFILE_CHANGE_HAT   = re.compile('^\s*\^(\"??.+?\"??)' + RE_COMMA_EOL)
 RE_PROFILE_HAT_DEF      = re.compile('^(?P<leadingspace>\s*)(?P<hat_keyword>\^|hat\s+)(?P<hat>\"??.+?\"??)\s+((flags=)?\((?P<flags>.+)\)\s+)*\{' + RE_EOL)
@@ -88,7 +85,6 @@ RE_PROFILE_CHANGE_PROFILE = re.compile(
 # Therefore parsing code should match against file rules only after trying to match all other rule types.
 RE_PATH_PERMS = '(?P<%s>[mrwalkPUCpucix]+)'
 
-# XXX drop RE_PROFILE_PATH_ENTRY, RE_PROFILE_BARE_FILE_ENTRY and RE_OWNER after switching to this regex
 RE_PROFILE_FILE_ENTRY = re.compile(
     RE_AUDIT_DENY +
     '(?P<owner>owner\s+)?' +  # optionally: <owner>

utils/test/test-regex_matches.py

@@ -15,7 +15,6 @@ from common_test import AATest, setup_all_loops
 from apparmor.common import AppArmorBug, AppArmorException
 
 from apparmor.regex import ( strip_parenthesis, strip_quotes, parse_profile_start_line, re_match_include,
-     RE_PROFILE_BARE_FILE_ENTRY, RE_PROFILE_PATH_ENTRY,
      RE_PROFILE_START, RE_PROFILE_DBUS, RE_PROFILE_CAP, RE_PROFILE_PTRACE, RE_PROFILE_SIGNAL )
 
 
@@ -216,44 +215,6 @@ class AARegexCapability(AARegexTest):
         ('   capabilitynet_raw,', False)
     ]
 
-
-class AARegexPath(AARegexTest):
-    '''Tests for RE_PROFILE_PATH_ENTRY'''
-
-    def AASetup(self):
-        self.regex = RE_PROFILE_PATH_ENTRY
-
-    tests = [
-        ('   /tmp/foo r,',
-         (None, None, None, None, '/tmp/foo', 'r', None, None, None)),
-        ('   audit /tmp/foo rw,',
-         ('audit', None, None, None, '/tmp/foo', 'rw', None, None, None)),
-        ('   audit deny /tmp/foo rw,',
-         ('audit', 'deny', None, None, '/tmp/foo', 'rw', None, None, None)),
-        ('   file /tmp/foo rw,',
-         (None, None, None, 'file', '/tmp/foo', 'rw', None, None, None)),
-        ('   file,', False),
-    ]
-
-
-class AARegexBareFile(AARegexTest):
-    '''Tests for RE_PROFILE_BARE_FILE_ENTRY'''
-
-    def AASetup(self):
-        self.regex = RE_PROFILE_BARE_FILE_ENTRY
-
-    tests = [
-        ('   file,', (None, None, None, None)),
-        ('   dbus,', False),
-        ('   file /tmp/foo rw,', False),
-        ('   file /tmp/foo,', False),
-        ('   file r,', False),
-        ('  owner file  , ', (None, None, 'owner', None)),
-        ('  audit owner file  , ', ('audit', None, 'owner', None)),
-        ('  deny file  , ', (None, 'deny', None, None)),
-    ]
-
-
 class AARegexDbus(AARegexTest):
     '''Tests for RE_PROFILE_DBUS'''