Merge add support for writing quoted mount source and mountpoints

Add quotes if a mount source or mountpoint includes whitespace. Also explicitely handle empty mount source (known from 1f33fc9b29) As usual, some tests can't hurt ;-) I propose this fix for 4.0..master MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1573 Approved-by: John Johansen <john@jjmx.net> Merged-by: John Johansen <john@jjmx.net> (cherry picked from commit 2fb0fa9964) d0626085 add support for writing quoted mount source and mountpoints Co-authored-by: John Johansen <john@jjmx.net>
2025-08-30 22:05:27 +00:00 · 2025-03-18 21:29:37 +00:00
parent 27b79a43cc
commit dbc2a64d00
2 changed files with 9 additions and 3 deletions
--- a/utils/apparmor/rule/mount.py
+++ b/utils/apparmor/rule/mount.py
@@ -17,7 +17,7 @@ from apparmor.common import AppArmorBug, AppArmorException

 from apparmor.regex import RE_PROFILE_MOUNT, strip_parenthesis, strip_quotes
 from apparmor.rule import AARE
-from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list
+from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list, quote_if_needed

 from apparmor.translations import init_translation

@@ -201,10 +201,13 @@ class MountRule(BaseRule):

        if self.operation == 'mount':
            if not self.all_source:
-                source = ' ' + str(self.source.regex)
+                if self.source.regex == '':
+                    source = ' ""'
+                else:
+                    source = ' ' + quote_if_needed(str(self.source.regex))

            if not self.all_dest:
-                dest = ' -> ' + str(self.dest.regex)
+                dest = ' -> ' + quote_if_needed(str(self.dest.regex))

        else:
            if not self.all_dest:
--- a/utils/test/test-mount.py
+++ b/utils/test/test-mount.py
@@ -203,6 +203,9 @@ class MountTestClean(AATest):
        ('     mount                                fstype  in (  sysfs  ,  procfs  )           ,           ', 'mount fstype in (procfs, sysfs),'),
        ('     mount  options  in (  rw  )                                                      ,           ', 'mount options in (rw),'),
        ('     mount  options  in (  rw , noatime  )                                            ,           ', 'mount options in (noatime, rw),'),
+        ('     mount     none -> /foo                                                           ,           ', 'mount none -> /foo,'),
+        ('     mount     ""   -> /foo                                                           ,           ', 'mount "" -> /foo,'),
+        ('     mount  "/f /b" -> "/foo bar"                                                     ,           ', 'mount "/f /b" -> "/foo bar",'),
        ('     umount                                                                           ,           ', 'umount,'),
        ('     umount                                                            /foo           ,           ', 'umount /foo,'),
        ('     remount                                                                          ,           ', 'remount,'),