mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-28 12:58:07 +00:00
Code Issues Releases Wiki Activity

Add is_attachment parameter to write_profile

Browse Source 
The minitools call write_profile(), write_profile_feedback_ui() and
serialize_profile() with the _attachment_ as parameter.

However, aa-logprof etc. call them with the _profile name_ as parameter.

This patch adds an is_attachment parameter to write_profile() and
write_profile_feedback_ui(). It also passes it through to
serialize_profile() via the options parameter.

If is_attachment is True, the parameter will be handled as attachment,
otherwise it is expected to be a profile name.

tools.py gets changed to set is_attachment to True when calling the
functions listed above to make clear that the parameter is an attachment.

Note: This patch only adds the is_attachment parameter/option, but
doesn't change any behaviour. That will happen in the next patch.

(cherry picked from commit bc783372b879b8f090044b3793a9ca49cc30cd87)
This commit is contained in:
Christian Boltz 2018-10-22 22:35:10 +02:00
parent f4d7f8ae57
commit f8b95d036d
No known key found for this signature in database
GPG Key ID: C6A682EA63C82F1C
2 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
utils/apparmor/aa.py
View File

@ -2912,11 +2912,11 @@ def serialize_parse_profile_start(line, file, lineno, profile, hat, prof_data_pr
return (profile, hat, attachment, flags, in_contained_hat, correct) return (profile, hat, attachment, flags, in_contained_hat, correct)
def write_profile_ui_feedback(profile): def write_profile_ui_feedback(profile, is_attachment=False):
aaui.UI_Info(_('Writing updated profile for %s.') % profile) aaui.UI_Info(_('Writing updated profile for %s.') % profile)
write_profile(profile) write_profile(profile, is_attachment)
def write_profile(profile): def write_profile(profile, is_attachment=False):
prof_filename = None prof_filename = None
if aa[profile][profile].get('filename', False): if aa[profile][profile].get('filename', False):
prof_filename = aa[profile][profile]['filename'] prof_filename = aa[profile][profile]['filename']
@ -2931,8 +2931,7 @@ def write_profile(profile):
#os.chmod(newprof.name, permission_600) #os.chmod(newprof.name, permission_600)
pass pass
serialize_options = {} serialize_options = {'METADATA': True, 'is_attachment': is_attachment}
serialize_options['METADATA'] = True
profile_string = serialize_profile(aa[profile], profile, serialize_options) profile_string = serialize_profile(aa[profile], profile, serialize_options)
newprof.write(profile_string) newprof.write(profile_string)

6
utils/apparmor/tools.py
View File

@ -220,14 +220,14 @@ class aa_tools:
while ans != 'CMD_SAVE_CHANGES': while ans != 'CMD_SAVE_CHANGES':
ans, arg = q.promptUser() ans, arg = q.promptUser()
if ans == 'CMD_SAVE_CHANGES': if ans == 'CMD_SAVE_CHANGES':
apparmor.write_profile_ui_feedback(program) apparmor.write_profile_ui_feedback(program, True)
self.reload_profile(filename) self.reload_profile(filename)
elif ans == 'CMD_VIEW_CHANGES': elif ans == 'CMD_VIEW_CHANGES':
#oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '') #oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '')
newprofile = apparmor.serialize_profile(apparmor.aa[program], program, '') newprofile = apparmor.serialize_profile(apparmor.aa[program], program, {'is_attachment': True})
aaui.UI_Changes(filename, newprofile, comments=True) aaui.UI_Changes(filename, newprofile, comments=True)
else: else:
apparmor.write_profile_ui_feedback(program) apparmor.write_profile_ui_feedback(program, True)
self.reload_profile(filename) self.reload_profile(filename)
else: else:
raise apparmor.AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program) raise apparmor.AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program)