[8/9] Add support for handling dbus rules everywhere

"Everywhere" means aa-mergeprof and aa-cleanprof. In theory also
aa-logprof, but that needs some code that parses dbus log events ;-)

Also add some dbus rules to the aa-cleanprof test profiles to ensure
superfluous dbus rules get deleted.


Acked-by: Seth Arnold <seth.arnold@canonical.com>

utils/apparmor/aa.py

@@ -62,7 +62,7 @@ from apparmor.rule.rlimit     import RlimitRuleset,    RlimitRule
 from apparmor.rule.signal     import SignalRuleset,    SignalRule
 from apparmor.rule import parse_modifiers, quote_if_needed
 
-ruletypes = ['capability', 'change_profile', 'network', 'ptrace', 'rlimit', 'signal']
+ruletypes = ['capability', 'change_profile', 'dbus', 'network', 'ptrace', 'rlimit', 'signal']
 
 from apparmor.yasti import SendDataToYast, GetDataFromYast, shutdown_yast
 

utils/test/cleanprof_test.in

@@ -22,6 +22,9 @@
     ptrace tracedby,
     unix (receive) type=dgram,
 
+    dbus send bus=session,
+    dbus send bus=session peer=(label=foo),
+
     set rlimit nofile <= 256,
     set rlimit nofile <= 64,
 

utils/test/cleanprof_test.out

@@ -12,6 +12,8 @@
 
   network stream,
 
+  dbus send bus=session,
+
   signal set=(abrt alrm bus chld fpe hup ill int kill pipe quit segv stkflt term trap usr1 usr2),
 
   ptrace tracedby,