mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-30 22:05:27 +00:00
Add sketchy profile conversion script.
This commit is contained in:
Andreas Gruenbacher
108
utils/convert-profile.pl
Executable file
108
utils/convert-profile.pl
Executable file
@@ -0,0 +1,108 @@
|
|||||||
|
#! /usr/bin/perl -w
|
||||||
|
|
||||||
|
# Very simple script to try converting AppArmor profiles to the new
|
||||||
|
# profile syntax as of April 2007.
|
||||||
|
#
|
||||||
|
# Copyright (C) 2007 Andreas Gruenbacher <agruen@suse.de>
|
||||||
|
#
|
||||||
|
# This program is free software; you can redistribute it and/or
|
||||||
|
# modify it under the terms of version 2 of the GNU General Public
|
||||||
|
# License published by the Free Software Foundation.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
|
||||||
|
use FileHandle;
|
||||||
|
use strict;
|
||||||
|
|
||||||
|
sub match($) {
|
||||||
|
my ($str) = @_;
|
||||||
|
|
||||||
|
return ($str =~ /^(\s*)(\/\S*)(\s.*,)$/);
|
||||||
|
}
|
||||||
|
|
||||||
|
sub alterations($) {
|
||||||
|
my ($str) = @_;
|
||||||
|
|
||||||
|
if ($str =~ /^([^{]*){([^}]*,[^}]*)}(.*)$/) {
|
||||||
|
my @strs = map { "$1$_$3" } split(/,/, $2);
|
||||||
|
return map { alterations($_) } @strs;
|
||||||
|
} else {
|
||||||
|
return ($str);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
my %known_dirs;
|
||||||
|
|
||||||
|
sub remember_pathname($) {
|
||||||
|
my ($str) = @_;
|
||||||
|
my $pathname;
|
||||||
|
|
||||||
|
for (split /(\/)/, $str) {
|
||||||
|
if ($_ eq '/' && $pathname ne '') {
|
||||||
|
#print "<<>> $pathname\n";
|
||||||
|
$known_dirs{$pathname} = 1;
|
||||||
|
}
|
||||||
|
$pathname .= $_;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
sub add_slash($$) {
|
||||||
|
my ($str, $perms) = @_;
|
||||||
|
|
||||||
|
return exists $known_dirs{$str} || $str =~ /\*\*$/ ||
|
||||||
|
-d $str;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub never_add_slash($$) {
|
||||||
|
my ($str, $perms) = @_;
|
||||||
|
|
||||||
|
return $perms =~ /[lmx]/ || $str =~ /\.(so|cf|db|conf|config|log|pid|so\*)$/ ||
|
||||||
|
$str =~ /\*\*|\/$/ || (-e $str && ! -d $str);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach my $filename (@ARGV) {
|
||||||
|
my $fh = new FileHandle("< $filename");
|
||||||
|
|
||||||
|
while (<$fh>) {
|
||||||
|
if (my @fields = match($_)) {
|
||||||
|
for my $x (alterations($fields[1])) {
|
||||||
|
remember_pathname($x);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (@ARGV == 0) {
|
||||||
|
print "Usage: $0 profile ...\n";
|
||||||
|
print "Tries to convert the profile to the new profile syntax, and\n" .
|
||||||
|
"prints the result to standard output. The result may need" .
|
||||||
|
"further review.\n";
|
||||||
|
exit 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
foreach my $filename (@ARGV) {
|
||||||
|
my $fh = new FileHandle("< $filename");
|
||||||
|
|
||||||
|
while (<$fh>) {
|
||||||
|
if (my @fields = match($_)) {
|
||||||
|
for my $x (alterations($fields[1])) {
|
||||||
|
if (never_add_slash($x, $fields[2])) {
|
||||||
|
print $_;
|
||||||
|
} elsif (add_slash($x, $fields[2])) {
|
||||||
|
print "$fields[0]$x/$fields[2] # (dir)\n";
|
||||||
|
} else {
|
||||||
|
print "$fields[0]$x/$fields[2] # (maybe-dir)\n";
|
||||||
|
print $_;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
print $_;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# vim: smartindent softtabstop=4 shiftwidth=4
|
||||||
Reference in New Issue
Block a user