mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-01 14:55:10 +00:00
Code Issues Releases Wiki Activity

utils/aa-unconfined: allow specifying ss/netstat binary locations

Browse Source 
This patch allows a user to specify a specific location for ss or
netstat in the invocations of get_pids_ss() or get_pids_netstat().

Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
This commit is contained in:
Steve Beattie
2016-12-30 12:20:01 -08:00
parent e4f22f5e27
commit b72cd7914a
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
utils/aa-unconfined
View File

@@ -50,7 +50,7 @@ def get_all_pids():
return set(filter(lambda x: re.search(r"^\d+$", x), aa.get_subdirectories("/proc"))) return set(filter(lambda x: re.search(r"^\d+$", x), aa.get_subdirectories("/proc")))
def get_pids_ss(): def get_pids_ss(ss='ss'):
'''Get a set of pids listening on network sockets via ss(8)''' '''Get a set of pids listening on network sockets via ss(8)'''
regex_lines = re.compile(r"^(tcp|udp|raw|p_dgr)\s.+\s+users:(?P<users>\(\(.*\)\))$") regex_lines = re.compile(r"^(tcp|udp|raw|p_dgr)\s.+\s+users:(?P<users>\(\(.*\)\))$")
regex_users_pids = re.compile(r'(\("[^"]+",(pid=)?(\d+),[^)]+\))') regex_users_pids = re.compile(r'(\("[^"]+",(pid=)?(\d+),[^)]+\))')
@@ -60,7 +60,7 @@ def get_pids_ss():
my_env['LANG'] = 'C' my_env['LANG'] = 'C'
my_env['PATH'] = '/bin:/usr/bin:/sbin:/usr/sbin' my_env['PATH'] = '/bin:/usr/bin:/sbin:/usr/sbin'
for family in ['inet', 'inet6', 'link']: for family in ['inet', 'inet6', 'link']:
cmd = ['ss', '-nlp', '--family', family] cmd = [ss, '-nlp', '--family', family]
if sys.version_info < (3, 0): if sys.version_info < (3, 0):
output = subprocess.check_output(cmd, shell=False, env=my_env).split("\n") output = subprocess.check_output(cmd, shell=False, env=my_env).split("\n")
else: else:
@@ -76,11 +76,11 @@ def get_pids_ss():
return pids return pids
def get_pids_netstat(): def get_pids_netstat(netstat='netstat'):
'''Get a set of pids listening on network sockets via netstat(8)''' '''Get a set of pids listening on network sockets via netstat(8)'''
regex_tcp_udp = re.compile(r"^(tcp|udp|raw)6?\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\d+|\s+)\s+(?P<pid>\d+)\/(\S+)") regex_tcp_udp = re.compile(r"^(tcp|udp|raw)6?\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\d+|\s+)\s+(?P<pid>\d+)\/(\S+)")
cmd = ['netstat', '-nlp', '--protocol', 'inet,inet6'] cmd = [netstat, '-nlp', '--protocol', 'inet,inet6']
my_env = os.environ.copy() my_env = os.environ.copy()
my_env['LANG'] = 'C' my_env['LANG'] = 'C'
my_env['PATH'] = '/bin:/usr/bin:/sbin:/usr/sbin' my_env['PATH'] = '/bin:/usr/bin:/sbin:/usr/sbin'