mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-09-02 07:15:18 +00:00
create_new_profile(): use and return merged profile names
... and adjust all callers and the tests. For bonus points ;-) this also removes a hasher usage, and extends the test to check that only the expected profile gets created.
This commit is contained in:
Christian Boltz
@@ -446,7 +446,7 @@ def get_interpreter_and_abstraction(exec_target):
|
|||||||
return interpreter_path, abstraction
|
return interpreter_path, abstraction
|
||||||
|
|
||||||
def create_new_profile(localfile, is_stub=False):
|
def create_new_profile(localfile, is_stub=False):
|
||||||
local_profile = hasher()
|
local_profile = {}
|
||||||
local_profile[localfile] = ProfileStorage('NEW', localfile, 'create_new_profile()')
|
local_profile[localfile] = ProfileStorage('NEW', localfile, 'create_new_profile()')
|
||||||
local_profile[localfile]['flags'] = 'complain'
|
local_profile[localfile]['flags'] = 'complain'
|
||||||
|
|
||||||
@@ -477,16 +477,17 @@ def create_new_profile(localfile, is_stub=False):
|
|||||||
for hatglob in cfg['required_hats'].keys():
|
for hatglob in cfg['required_hats'].keys():
|
||||||
if re.search(hatglob, localfile):
|
if re.search(hatglob, localfile):
|
||||||
for hat in sorted(cfg['required_hats'][hatglob].split()):
|
for hat in sorted(cfg['required_hats'][hatglob].split()):
|
||||||
if not local_profile.get(hat, False):
|
full_hat = combine_profname([localfile, hat])
|
||||||
local_profile[hat] = ProfileStorage('NEW', hat, 'create_new_profile() required_hats')
|
if not local_profile.get(full_hat, False):
|
||||||
local_profile[hat]['flags'] = 'complain'
|
local_profile[full_hat] = ProfileStorage('NEW', hat, 'create_new_profile() required_hats')
|
||||||
|
local_profile[full_hat]['flags'] = 'complain'
|
||||||
|
|
||||||
if not is_stub:
|
if not is_stub:
|
||||||
created.append(localfile)
|
created.append(localfile)
|
||||||
changed[localfile] = True
|
changed[localfile] = True
|
||||||
|
|
||||||
debug_logger.debug("Profile for %s:\n\t%s" % (localfile, local_profile.__str__()))
|
debug_logger.debug("Profile for %s:\n\t%s" % (localfile, local_profile.__str__()))
|
||||||
return {localfile: local_profile}
|
return local_profile
|
||||||
|
|
||||||
def delete_profile(local_prof):
|
def delete_profile(local_prof):
|
||||||
"""Deletes the specified file from the disk and remove it from our list"""
|
"""Deletes the specified file from the disk and remove it from our list"""
|
||||||
@@ -579,7 +580,7 @@ def autodep(bin_name, pname=''):
|
|||||||
profile_data = get_profile(pname)
|
profile_data = get_profile(pname)
|
||||||
# Create a new profile if no existing profile
|
# Create a new profile if no existing profile
|
||||||
if not profile_data:
|
if not profile_data:
|
||||||
profile_data = create_new_profile(pname)
|
profile_data = merged_to_split(create_new_profile(pname))
|
||||||
file = get_profile_filename_from_profile_name(pname, True)
|
file = get_profile_filename_from_profile_name(pname, True)
|
||||||
profile_data[pname][pname]['filename'] = file # change filename from extra_profile_dir to /etc/apparmor.d/
|
profile_data[pname][pname]['filename'] = file # change filename from extra_profile_dir to /etc/apparmor.d/
|
||||||
|
|
||||||
@@ -1025,7 +1026,7 @@ def ask_exec(hashlog):
|
|||||||
ynans = aaui.UI_YesNo(_('A profile for %s does not exist.\nDo you want to create one?') % exec_target, 'n')
|
ynans = aaui.UI_YesNo(_('A profile for %s does not exist.\nDo you want to create one?') % exec_target, 'n')
|
||||||
if ynans == 'y':
|
if ynans == 'y':
|
||||||
if not aa[profile].get(exec_target, False):
|
if not aa[profile].get(exec_target, False):
|
||||||
stub_profile = create_new_profile(exec_target, True)
|
stub_profile = merged_to_split(create_new_profile(exec_target, True))
|
||||||
aa[profile][exec_target] = stub_profile[exec_target][exec_target]
|
aa[profile][exec_target] = stub_profile[exec_target][exec_target]
|
||||||
|
|
||||||
aa[profile][exec_target]['profile'] = True
|
aa[profile][exec_target]['profile'] = True
|
||||||
|
|||||||
@@ -143,16 +143,18 @@ class AaTest_create_new_profile(AATest):
|
|||||||
program = self.writeTmpfile('script', params)
|
program = self.writeTmpfile('script', params)
|
||||||
profile = create_new_profile(program)
|
profile = create_new_profile(program)
|
||||||
|
|
||||||
|
self.assertEqual(list(profile.keys()), [program])
|
||||||
|
|
||||||
if exp_interpreter_path:
|
if exp_interpreter_path:
|
||||||
self.assertEqual(set(profile[program][program]['file'].get_clean()), {'%s ix,' % exp_interpreter_path, '%s r,' % program, '',
|
self.assertEqual(set(profile[program]['file'].get_clean()), {'%s ix,' % exp_interpreter_path, '%s r,' % program, '',
|
||||||
'/AATest/lib64/libtinfo.so.* mr,', '/AATest/lib64/libc.so.* mr,', '/AATest/lib64/libdl.so.* mr,', '/AATest/lib64/libreadline.so.* mr,', '/AATest/lib64/ld-linux-x86-64.so.* mr,' })
|
'/AATest/lib64/libtinfo.so.* mr,', '/AATest/lib64/libc.so.* mr,', '/AATest/lib64/libdl.so.* mr,', '/AATest/lib64/libreadline.so.* mr,', '/AATest/lib64/ld-linux-x86-64.so.* mr,' })
|
||||||
else:
|
else:
|
||||||
self.assertEqual(set(profile[program][program]['file'].get_clean()), {'%s mr,' % program, ''})
|
self.assertEqual(set(profile[program]['file'].get_clean()), {'%s mr,' % program, ''})
|
||||||
|
|
||||||
if exp_abstraction:
|
if exp_abstraction:
|
||||||
self.assertEqual(profile[program][program]['inc_ie'].get_clean(), ['include <abstractions/base>', 'include <%s>' % exp_abstraction, ''])
|
self.assertEqual(profile[program]['inc_ie'].get_clean(), ['include <abstractions/base>', 'include <%s>' % exp_abstraction, ''])
|
||||||
else:
|
else:
|
||||||
self.assertEqual(profile[program][program]['inc_ie'].get_clean(), ['include <abstractions/base>', ''])
|
self.assertEqual(profile[program]['inc_ie'].get_clean(), ['include <abstractions/base>', ''])
|
||||||
|
|
||||||
class AaTest_get_interpreter_and_abstraction(AATest):
|
class AaTest_get_interpreter_and_abstraction(AATest):
|
||||||
tests = [
|
tests = [
|
||||||
|
|||||||
Reference in New Issue
Block a user