2
0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-29 05:17:59 +00:00

4 Commits

Author SHA1 Message Date
Tyler Hicks
cbaa772320 utils: Handle the safe/unsafe change_profile exec modes
https://launchpad.net/bugs/1584069

This patch adds support for the safe and unsafe exec modes for
change_profile rules. The logic is pretty simple at this point because
the kernel's default for exec modes changed in newer versions.
Therefore, this patch simply retains any specified exec mode in parsed
rules. If an exec mode is not specified in a rule, there is no attempt
to force the usage of "safe" because older kernels do not support it.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
2016-07-20 17:24:11 -05:00
Christian Boltz
dcf3b91a8d Change abstract methods in BaseRule to use NotImplementedError
As Kshitij mentioned, abstract methods should use NotImplementedError
instead of AppArmorBug.

While changing this, I noticed that __repr__() needs to be robust against
NotImplementedError because get_raw() is not available in BaseRule.
Therefore the patch changes __repr__() to catch NotImplementedError.

Of course the change to NotImplementedError also needs several
adjustments in the tests.


Acked-by: Kshitij Gupta <kgupta8592@gmail.com>
(long before branching off 2.10, therefore I'll also commit to 2.10)
2015-11-24 00:16:35 +01:00
Christian Boltz
48159853b5 Add logprof_header_localvars() to change_profileRule
The function will return the 'Exec Condition' and the 'Target Profile'
as nice list to use in aa-logprof (once we have support for
change_profile in logparser.py) and aa-mergeprof.

Also add some tests to ensure the correct result.


Acked-by: Steve Beattie <steve@nxnw.org>
2015-06-06 14:19:09 +02:00
Christian Boltz
70f9334cd9 Add tests for ChangeProfileRule and ChangeProfileRuleset
As usual, those classes have 100% test coverage.


Acked-by: Steve Beattie <steve@nxnw.org>
2015-05-28 22:23:32 +02:00