mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

add support for writing quoted mount source and mountpoints

Browse Source 
Add quotes if a mount source or mountpoint includes whitespace.
Also explicitely handle empty mount source (known from
1f33fc9b29c174698fdf0116a4a9f50680ec4fdb)

As usual, some tests can't hurt ;-)
This commit is contained in:
Christian Boltz 2025-03-11 21:02:52 +01:00
parent 2afdf1b214
commit d06260859b
No known key found for this signature in database
GPG Key ID: C6A682EA63C82F1C
2 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
utils/apparmor/rule/mount.py
View File

@ -17,7 +17,7 @@ from apparmor.common import AppArmorBug, AppArmorException
from apparmor.regex import RE_PROFILE_MOUNT, strip_parenthesis, strip_quotes from apparmor.regex import RE_PROFILE_MOUNT, strip_parenthesis, strip_quotes
from apparmor.rule import AARE from apparmor.rule import AARE
from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list, quote_if_needed
from apparmor.translations import init_translation from apparmor.translations import init_translation
@ -201,10 +201,13 @@ class MountRule(BaseRule):
if self.operation == 'mount': if self.operation == 'mount':
if not self.all_source: if not self.all_source:
source = ' ' + str(self.source.regex) if self.source.regex == '':
source = ' ""'
else:
source = ' ' + quote_if_needed(str(self.source.regex))
if not self.all_dest: if not self.all_dest:
dest = ' -> ' + str(self.dest.regex) dest = ' -> ' + quote_if_needed(str(self.dest.regex))
else: else:
if not self.all_dest: if not self.all_dest:

3
utils/test/test-mount.py
View File

@ -207,6 +207,9 @@ class MountTestClean(AATest):
(' mount fstype in ( sysfs , procfs ) , ', 'mount fstype in (procfs, sysfs),'), (' mount fstype in ( sysfs , procfs ) , ', 'mount fstype in (procfs, sysfs),'),
(' mount options in ( rw ) , ', 'mount options in (rw),'), (' mount options in ( rw ) , ', 'mount options in (rw),'),
(' mount options in ( rw , noatime ) , ', 'mount options in (noatime, rw),'), (' mount options in ( rw , noatime ) , ', 'mount options in (noatime, rw),'),
(' mount none -> /foo , ', 'mount none -> /foo,'),
(' mount "" -> /foo , ', 'mount "" -> /foo,'),
(' mount "/f /b" -> "/foo bar" , ', 'mount "/f /b" -> "/foo bar",'),
(' umount , ', 'umount,'), (' umount , ', 'umount,'),
(' umount /foo , ', 'umount /foo,'), (' umount /foo , ', 'umount /foo,'),
(' remount , ', 'remount,'), (' remount , ', 'remount,'),