Use PivotRootRule and PivotRootRuleset

... for handling pivot_root rules. This replaces the old code that just stores the full rule as text. We also get rid of the old ['allow'] and ['deny'] items in ProfileStorage, the handling of old write functions, and the last usage of _Raw_Rule (and therefore _Raw_Rule itsself). Also delete the old test-pivot_root_parse.py which relied on the ancient code, and even used a wrong syntax in its test rules.
2025-09-04 08:15:21 +00:00 · 2024-05-10 22:11:28 +02:00
parent c48f7b625a
commit a15a33474d
7 changed files with 8 additions and 139 deletions
--- a/utils/test/test-regex_matches.py
+++ b/utils/test/test-regex_matches.py
@@ -16,6 +16,7 @@ from apparmor.common import AppArmorBug, AppArmorException
 from apparmor.regex import (
    RE_PROFILE_CAP, RE_PROFILE_DBUS, RE_PROFILE_MOUNT, RE_PROFILE_PTRACE, RE_PROFILE_SIGNAL,
    RE_PROFILE_START, parse_profile_start_line, re_match_include, RE_PROFILE_UNIX,
+    RE_PROFILE_PIVOT_ROOT,
    re_match_include_parse, strip_parenthesis, strip_quotes)
 from common_test import AATest, setup_aa, setup_all_loops

@@ -313,7 +314,7 @@ class AARegexPivotRoot(AARegexTest):
    """Tests for RE_PROFILE_PIVOT_ROOT"""

    def AASetup(self):
-        self.regex = aa.RE_PROFILE_PIVOT_ROOT
+        self.regex = RE_PROFILE_PIVOT_ROOT

    tests = (
        ('   pivot_root,',                                      (None,    None, 'pivot_root,',                                None,                                 None)),