mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-03 07:45:50 +00:00
Code Issues Releases Wiki Activity

ProfileList: merge get_clean_first() into get_clean()

Browse Source 
Now that ProfileList handles the whole preamble, there's no need to keep
two half functions.
This commit is contained in:
Christian Boltz
2020-05-22 00:57:20 +02:00
parent fe3c0b0ef8
commit 9d2a10dec7
3 changed files with 8 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
utils/apparmor/aa.py
View File

@@ -2190,8 +2190,6 @@ def serialize_profile(profile_data, name, options):
else: else:
prof_filename = get_profile_filename_from_profile_name(name, True) prof_filename = get_profile_filename_from_profile_name(name, True)
data += active_profiles.get_clean_first(prof_filename, 0)
data += active_profiles.get_clean(prof_filename, 0) data += active_profiles.get_clean(prof_filename, 0)
#Here should be all the profiles from the files added write after global/common stuff #Here should be all the profiles from the files added write after global/common stuff

17
utils/apparmor/profile_list.py
View File

@@ -156,24 +156,11 @@ class ProfileList:
if not self.files.get(filename): if not self.files.get(filename):
raise AppArmorBug('%s not listed in ProfileList files' % filename) raise AppArmorBug('%s not listed in ProfileList files' % filename)
data = []
# commented out for now because abi rules need to be written first - for now, use get_clean_first() instead
# data += self.files[filename]['abi'].get_clean_unsorted(depth)
# data += write_alias(self.files[filename])
data += self.files[filename]['inc_ie'].get_clean_unsorted(depth)
data += self.files[filename]['variable'].get_clean_unsorted(depth)
return data
def get_clean_first(self, filename, depth=0):
''' Get preamble rules for the given profile filename (in clean formatting) that need to be at the beginning.
This is a temporary function, and will be dropped / merged with get_clean() when the whole preamble is moved to ProfileList
'''
if not self.files.get(filename):
raise AppArmorBug('%s not listed in ProfileList files' % filename)
data = [] data = []
data += self.files[filename]['abi'].get_clean_unsorted(depth) data += self.files[filename]['abi'].get_clean_unsorted(depth)
data += write_alias(self.files[filename]) data += write_alias(self.files[filename])
data += self.files[filename]['inc_ie'].get_clean_unsorted(depth)
data += self.files[filename]['variable'].get_clean_unsorted(depth)
return data return data
def filename_from_profile_name(self, name): def filename_from_profile_name(self, name):

14
utils/test/test-profile-list.py
View File

@@ -172,16 +172,14 @@ class TestAdd_abi(AATest):
def testAdd_abi_1(self): def testAdd_abi_1(self):
self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('abi/4.19', False, True)) self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('abi/4.19', False, True))
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
# self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', '']) self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', ''])
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', '']) # TODO switch to get_clean() once merged
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', ''])
def testAdd_abi_2(self): def testAdd_abi_2(self):
self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('abi/4.19', False, True)) self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('abi/4.19', False, True))
self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('foo', False, False)) self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule('foo', False, False))
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
# self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', 'abi "foo",', '']) self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', 'abi "foo",', ''])
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', 'abi "foo",', '']) # TODO switch to get_clean() once merged
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', 'abi "foo",', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', 'abi "foo",', ''])
def testAdd_abi_error_1(self): def testAdd_abi_error_1(self):
@@ -195,7 +193,7 @@ class TestAdd_abi(AATest):
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
deleted = self.pl.delete_preamble_duplicates('/etc/apparmor.d/bin.foo') deleted = self.pl.delete_preamble_duplicates('/etc/apparmor.d/bin.foo')
self.assertEqual(deleted, 1) self.assertEqual(deleted, 1)
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', '']) # TODO switch to get_clean() once merged self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', ''])
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['abi <abi/4.19>,', ''])
class TestAdd_alias(AATest): class TestAdd_alias(AATest):
@@ -205,14 +203,14 @@ class TestAdd_alias(AATest):
def testAdd_alias_1(self): def testAdd_alias_1(self):
self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/bar') self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/bar')
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', '']) # TODO switch to get_clean() once merged self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', ''])
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', ''])
def testAdd_alias_2(self): def testAdd_alias_2(self):
self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/bar') self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/bar')
self.pl.add_alias('/etc/apparmor.d/bin.foo', '/xyz', '/zyx') self.pl.add_alias('/etc/apparmor.d/bin.foo', '/xyz', '/zyx')
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', 'alias /xyz -> /zyx,', '']) # TODO switch to get_clean() once merged self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', 'alias /xyz -> /zyx,', ''])
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', 'alias /xyz -> /zyx,', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /bar,', 'alias /xyz -> /zyx,', ''])
def testAdd_alias_dupe(self): def testAdd_alias_dupe(self):
@@ -222,7 +220,7 @@ class TestAdd_alias(AATest):
# self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/redefine') # attempt to redefine alias # self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/redefine') # attempt to redefine alias
self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/redefine') # redefine alias self.pl.add_alias('/etc/apparmor.d/bin.foo', '/foo', '/redefine') # redefine alias
self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo'])
self.assertEqual(self.pl.get_clean_first('/etc/apparmor.d/bin.foo'), ['alias /foo -> /redefine,', '']) # TODO switch to get_clean() once merged self.assertEqual(self.pl.get_clean('/etc/apparmor.d/bin.foo'), ['alias /foo -> /redefine,', ''])
self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /redefine,', '']) self.assertEqual(self.pl.get_raw('/etc/apparmor.d/bin.foo'), ['alias /foo -> /redefine,', ''])
def testAdd_alias_error_1(self): def testAdd_alias_error_1(self):