Add is_attachment parameter to write_profile

The minitools call write_profile(), write_profile_feedback_ui() and serialize_profile() with the _attachment_ as parameter. However, aa-logprof etc. call them with the _profile name_ as parameter. This patch adds an is_attachment parameter to write_profile() and write_profile_feedback_ui(). It also passes it through to serialize_profile() via the options parameter. If is_attachment is True, the parameter will be handled as attachment, otherwise it is expected to be a profile name. tools.py gets changed to set is_attachment to True when calling the functions listed above to make clear that the parameter is an attachment. Note: This patch only adds the is_attachment parameter/option, but doesn't change any behaviour. That will happen in the next patch. (cherry picked from commit bc783372b879b8f090044b3793a9ca49cc30cd87)
2025-08-22 10:07:12 +00:00 · 2018-10-22 22:35:10 +02:00 · 2018-10-22 22:35:10 +02:00 · f8b95d036d
commit f8b95d036d
parent f4d7f8ae57
2 changed files with 7 additions and 8 deletions
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@ -2912,11 +2912,11 @@ def serialize_parse_profile_start(line, file, lineno, profile, hat, prof_data_pr

    return (profile, hat, attachment, flags, in_contained_hat, correct)

-def write_profile_ui_feedback(profile):
+def write_profile_ui_feedback(profile, is_attachment=False):
    aaui.UI_Info(_('Writing updated profile for %s.') % profile)
-    write_profile(profile)
+    write_profile(profile, is_attachment)

-def write_profile(profile):
+def write_profile(profile, is_attachment=False):
    prof_filename = None
    if aa[profile][profile].get('filename', False):
        prof_filename = aa[profile][profile]['filename']
@ -2931,8 +2931,7 @@ def write_profile(profile):
        #os.chmod(newprof.name, permission_600)
        pass

-    serialize_options = {}
-    serialize_options['METADATA'] = True
+    serialize_options = {'METADATA': True, 'is_attachment': is_attachment}

    profile_string = serialize_profile(aa[profile], profile, serialize_options)
    newprof.write(profile_string)
--- a/utils/apparmor/tools.py
+++ b/utils/apparmor/tools.py
@ -220,14 +220,14 @@ class aa_tools:
                while ans != 'CMD_SAVE_CHANGES':
                    ans, arg = q.promptUser()
                    if ans == 'CMD_SAVE_CHANGES':
-                        apparmor.write_profile_ui_feedback(program)
+                        apparmor.write_profile_ui_feedback(program, True)
                        self.reload_profile(filename)
                    elif ans == 'CMD_VIEW_CHANGES':
                        #oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '')
-                        newprofile = apparmor.serialize_profile(apparmor.aa[program], program, '')
+                        newprofile = apparmor.serialize_profile(apparmor.aa[program], program, {'is_attachment': True})
                        aaui.UI_Changes(filename, newprofile, comments=True)
            else:
-                apparmor.write_profile_ui_feedback(program)
+                apparmor.write_profile_ui_feedback(program, True)
                self.reload_profile(filename)
        else:
            raise apparmor.AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program)