mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-22 01:57:43 +00:00
Indent line continuations per PEP 8.
This commit is contained in:
Mark Grassi
parent
aff9bb8f81
commit
e4f88cc3a8
@ -137,11 +137,13 @@ class AAParserCachingCommon(testlib.AATestTemplate):
|
||||
with open(features_path) as f:
|
||||
features = f.read()
|
||||
if expected:
|
||||
self.assertEqual(expected_output, features,
|
||||
"features contents differ, expected:\n%s\nresult:\n%s" % (expected_output, features))
|
||||
self.assertEqual(
|
||||
expected_output, features,
|
||||
"features contents differ, expected:\n%s\nresult:\n%s" % (expected_output, features))
|
||||
else:
|
||||
self.assertNotEqual(expected_output, features,
|
||||
"features contents equal, expected:\n%s\nresult:\n%s" % (expected_output, features))
|
||||
self.assertNotEqual(
|
||||
expected_output, features,
|
||||
"features contents equal, expected:\n%s\nresult:\n%s" % (expected_output, features))
|
||||
|
||||
|
||||
class AAParserBasicCachingTests(AAParserCachingCommon):
|
||||
|
||||
@ -100,8 +100,7 @@ if __name__ == "__main__":
|
||||
|
||||
apparmor.easyprof.print_files(files)
|
||||
sys.exit(0)
|
||||
elif binary is None and not options.profile_name and \
|
||||
not options.manifest:
|
||||
elif binary is None and not options.profile_name and not options.manifest:
|
||||
error("Must specify binary and/or profile name\n%s" % m)
|
||||
|
||||
params = apparmor.easyprof.gen_policy_params(binary, options)
|
||||
|
||||
@ -282,9 +282,9 @@ class AppArmorEasyProfile:
|
||||
if opt.templates_dir and os.path.isdir(opt.templates_dir):
|
||||
self.dirs['templates'] = os.path.abspath(opt.templates_dir)
|
||||
elif not opt.templates_dir and \
|
||||
opt.template and \
|
||||
os.path.isfile(opt.template) and \
|
||||
valid_path(opt.template):
|
||||
opt.template and \
|
||||
os.path.isfile(opt.template) and \
|
||||
valid_path(opt.template):
|
||||
# If we specified the template and it is an absolute path, just set
|
||||
# the templates directory to the parent of the template so we don't
|
||||
# have to require --template-dir with absolute paths.
|
||||
@ -521,18 +521,20 @@ class AppArmorEasyProfile:
|
||||
return rule
|
||||
|
||||
|
||||
def gen_policy(self, name,
|
||||
binary=None,
|
||||
profile_name=None,
|
||||
template_var=[],
|
||||
abstractions=None,
|
||||
policy_groups=None,
|
||||
read_path=[],
|
||||
write_path=[],
|
||||
author=None,
|
||||
comment=None,
|
||||
copyright=None,
|
||||
no_verify=False):
|
||||
def gen_policy(
|
||||
self,
|
||||
name,
|
||||
binary=None,
|
||||
profile_name=None,
|
||||
template_var=[],
|
||||
abstractions=None,
|
||||
policy_groups=None,
|
||||
read_path=[],
|
||||
write_path=[],
|
||||
author=None,
|
||||
comment=None,
|
||||
copyright=None,
|
||||
no_verify=False):
|
||||
def find_prefix(t, s):
|
||||
'''Calculate whitespace prefix based on occurrence of s in t'''
|
||||
pat = re.compile(r'^ *%s' % s)
|
||||
|
||||
@ -80,12 +80,14 @@ class BaseRule:
|
||||
return None, True
|
||||
elif type(rulepart) is str:
|
||||
if len(rulepart.strip()) == 0:
|
||||
raise AppArmorBug('Passed empty %(partname)s to %(classname)s: %(rulepart)s' %
|
||||
{'partname': partname, 'classname': self.__class__.__name__, 'rulepart': str(rulepart)})
|
||||
raise AppArmorBug(
|
||||
'Passed empty %(partname)s to %(classname)s: %(rulepart)s'
|
||||
% {'partname': partname, 'classname': self.__class__.__name__, 'rulepart': str(rulepart)})
|
||||
return AARE(rulepart, is_path=is_path, log_event=log_event), False
|
||||
else:
|
||||
raise AppArmorBug('Passed unknown %(partname)s to %(classname)s: %(rulepart)s'
|
||||
% {'partname': partname, 'classname': self.__class__.__name__, 'rulepart': str(rulepart)})
|
||||
raise AppArmorBug(
|
||||
'Passed unknown %(partname)s to %(classname)s: %(rulepart)s'
|
||||
% {'partname': partname, 'classname': self.__class__.__name__, 'rulepart': str(rulepart)})
|
||||
|
||||
def __repr__(self):
|
||||
classname = self.__class__.__name__
|
||||
@ -506,14 +508,16 @@ def check_and_split_list(lst, allowed_keywords, all_obj, classname, keyword_name
|
||||
elif type(lst) in (list, tuple, set) and (len(lst) > 0 or allow_empty_list):
|
||||
result_list = set(lst)
|
||||
else:
|
||||
raise AppArmorBug('Passed unknown %(type)s object to %(classname)s: %(unknown_object)s' %
|
||||
{'type': type(lst), 'classname': classname, 'unknown_object': str(lst)})
|
||||
raise AppArmorBug(
|
||||
'Passed unknown %(type)s object to %(classname)s: %(unknown_object)s' %
|
||||
{'type': type(lst), 'classname': classname, 'unknown_object': str(lst)})
|
||||
|
||||
unknown_items = set()
|
||||
for item in result_list:
|
||||
if not item.strip():
|
||||
raise AppArmorBug('Passed empty %(keyword_name)s to %(classname)s' %
|
||||
{'keyword_name': keyword_name, 'classname': classname})
|
||||
raise AppArmorBug(
|
||||
'Passed empty %(keyword_name)s to %(classname)s' %
|
||||
{'keyword_name': keyword_name, 'classname': classname})
|
||||
if item not in allowed_keywords:
|
||||
unknown_items.add(item)
|
||||
|
||||
|
||||
@ -72,8 +72,8 @@ class AliasRule(BaseRule):
|
||||
orig_path = strip_quotes(matches.group('orig_path').strip())
|
||||
target = strip_quotes(matches.group('target').strip())
|
||||
|
||||
return AliasRule(orig_path, target,
|
||||
audit=False, deny=False, allow_keyword=False, comment=comment)
|
||||
return AliasRule(
|
||||
orig_path, target, audit=False, deny=False, allow_keyword=False, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -190,7 +190,7 @@ class DbusRule(BaseRule):
|
||||
peerlabel = DbusRule.ALL
|
||||
|
||||
return DbusRule(access, bus, path, name, interface, member, peername, peerlabel,
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -188,7 +188,7 @@ class FileRule(BaseRule):
|
||||
file_keyword = bool(matches.group('file_keyword'))
|
||||
|
||||
return FileRule(path, perms, exec_perms, target, owner, file_keyword, leading_perms,
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -69,8 +69,7 @@ class IncludeRule(BaseRule):
|
||||
# TODO: move re_match_include_parse() from regex.py to this class after converting all code to use IncludeRule
|
||||
path, ifexists, ismagic = re_match_include_parse(raw_rule, cls.rule_name)
|
||||
|
||||
return cls(path, ifexists, ismagic,
|
||||
audit=False, deny=False, allow_keyword=False, comment=comment)
|
||||
return cls(path, ifexists, ismagic, audit=False, deny=False, allow_keyword=False, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -56,7 +56,7 @@ class PtraceRule(BaseRule):
|
||||
comment='', log_event=None):
|
||||
|
||||
super().__init__(audit=audit, deny=deny, allow_keyword=allow_keyword,
|
||||
comment=comment, log_event=log_event)
|
||||
comment=comment, log_event=log_event)
|
||||
|
||||
self.access, self.all_access, unknown_items = check_and_split_list(access, access_keywords, PtraceRule.ALL, 'PtraceRule', 'access')
|
||||
if unknown_items:
|
||||
@ -104,8 +104,8 @@ class PtraceRule(BaseRule):
|
||||
access = PtraceRule.ALL
|
||||
peer = PtraceRule.ALL
|
||||
|
||||
return PtraceRule(access, peer,
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
return PtraceRule(
|
||||
access, peer, audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -131,8 +131,7 @@ class RlimitRule(BaseRule):
|
||||
else:
|
||||
raise AppArmorException(_("Invalid rlimit rule '%s' - value missing") % raw_rule) # pragma: no cover - would need breaking the regex
|
||||
|
||||
return RlimitRule(rlimit, value,
|
||||
comment=comment)
|
||||
return RlimitRule(rlimit, value, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -143,7 +143,7 @@ class SignalRule(BaseRule):
|
||||
peer = SignalRule.ALL
|
||||
|
||||
return SignalRule(access, signal, peer,
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
audit=audit, deny=deny, allow_keyword=allow_keyword, comment=comment)
|
||||
|
||||
def get_clean(self, depth=0):
|
||||
'''return rule (in clean/default formatting)'''
|
||||
|
||||
@ -101,8 +101,7 @@ def parse_args(args=None, parser=None):
|
||||
|
||||
def gen_policy_name(binary):
|
||||
'''Generate a temporary policy based on the binary name'''
|
||||
return "sandbox-%s%s" % (pwd.getpwuid(os.geteuid())[0],
|
||||
re.sub(r'/', '_', binary))
|
||||
return "sandbox-%s%s" % (pwd.getpwuid(os.geteuid())[0], re.sub(r'/', '_', binary))
|
||||
|
||||
def set_environ(env):
|
||||
keys = env.keys()
|
||||
@ -169,10 +168,7 @@ def run_sandbox(command, opt):
|
||||
return rc, report
|
||||
|
||||
class SandboxXserver():
|
||||
def __init__(self, title, geometry=None,
|
||||
driver=None,
|
||||
xauth=None,
|
||||
clipboard=False):
|
||||
def __init__(self, title, geometry=None, driver=None, xauth=None, clipboard=False):
|
||||
self.geometry = geometry
|
||||
self.title = title
|
||||
self.pids = []
|
||||
@ -673,17 +669,14 @@ def run_xsandbox(command, opt):
|
||||
|
||||
# first, start X
|
||||
if opt.xserver.lower() == "xephyr":
|
||||
x = SandboxXephyr(command[0], geometry=opt.xephyr_geometry,
|
||||
xauth=opt.xauthority)
|
||||
x = SandboxXephyr(command[0], geometry=opt.xephyr_geometry, xauth=opt.xauthority)
|
||||
elif opt.xserver.lower() == "xpra3d":
|
||||
x = SandboxXpra(command[0], geometry=None,
|
||||
driver="xdummy",
|
||||
xauth=opt.xauthority,
|
||||
clipboard=opt.with_clipboard)
|
||||
x = SandboxXpra(
|
||||
command[0], geometry=None, driver="xdummy", xauth=opt.xauthority,
|
||||
clipboard=opt.with_clipboard)
|
||||
else:
|
||||
x = SandboxXpra(command[0], geometry=None,
|
||||
xauth=opt.xauthority,
|
||||
clipboard=opt.with_clipboard)
|
||||
x = SandboxXpra(
|
||||
command[0], geometry=None, xauth=opt.xauthority, clipboard=opt.with_clipboard)
|
||||
|
||||
x.verify_host_setup()
|
||||
|
||||
|
||||
@ -144,8 +144,7 @@ class ChangeProfileFromInit(ChangeProfileTest):
|
||||
(ChangeProfileRule('unsafe', '/foo', '/bar') , exp(False, False, False, '' , 'unsafe', '/foo', False, '/bar' , False)),
|
||||
(ChangeProfileRule(None , '/foo', ChangeProfileRule.ALL) , exp(False, False, False, '' , None , '/foo', False, None , True )),
|
||||
(ChangeProfileRule(None , ChangeProfileRule.ALL, '/bar') , exp(False, False, False, '' , None , None , True , '/bar' , False)),
|
||||
(ChangeProfileRule(None , ChangeProfileRule.ALL,
|
||||
ChangeProfileRule.ALL) , exp(False, False, False, '' , None, None , True , None , True )),
|
||||
(ChangeProfileRule(None , ChangeProfileRule.ALL, ChangeProfileRule.ALL), exp(False, False, False, '' , None, None , True , None , True )),
|
||||
)
|
||||
|
||||
def _run_test(self, obj, expected):
|
||||
|
||||
@ -269,8 +269,7 @@ class AARegexSignal(AARegexTest):
|
||||
(' signal (send, receive),', (None, None, 'signal (send, receive),', '(send, receive)', None)),
|
||||
(' audit signal (receive),', ('audit', None, 'signal (receive),', '(receive)', None)),
|
||||
(' signal (send, receive) set=(usr1 usr2),', (None, None, 'signal (send, receive) set=(usr1 usr2),', '(send, receive) set=(usr1 usr2)', None)),
|
||||
(' signal send set=(hup, quit) peer=/usr/sbin/daemon,', (None, None, 'signal send set=(hup, quit) peer=/usr/sbin/daemon,',
|
||||
'send set=(hup, quit) peer=/usr/sbin/daemon', None)),
|
||||
(' signal send set=(hup, quit) peer=/usr/sbin/daemon,', (None, None, 'signal send set=(hup, quit) peer=/usr/sbin/daemon,', 'send set=(hup, quit) peer=/usr/sbin/daemon', None)),
|
||||
|
||||
(' signalling,', False),
|
||||
(' audit signalling,', False),
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user