This patch removes the '--remove' option on aa-enforce as well as from the man page. It also removes the test entry that contains it, but I don't think this is entirely correct because I think the second half of the test is dependent on the (now deleted) first half of the test.
(It also removes a missed reference to --revert in the aa-disable man page.) Signed-off-by: Steve Beattie <[email protected]> --- utils/aa-disable.pod | 2 -- utils/aa-enforce | 7 ++++--- utils/aa-enforce.pod | 7 ------- utils/test/minitools_test.py | 5 ----- 4 files changed, 4 insertions(+), 17 deletions(-) Index: b/utils/aa-disable.pod =================================================================== --- a/utils/aa-disable.pod +++ b/utils/aa-disable.pod @@ -43,8 +43,6 @@ profile from being loaded on AppArmor st The I<aa-enforce> and I<aa-complain> utilities may be used to to change this behavior. -The I<--revert> option can be used to enable the profile. - =head1 BUGS If you find any bugs, please report them at Index: b/utils/aa-enforce =================================================================== --- a/utils/aa-enforce +++ b/utils/aa-enforce @@ -22,11 +22,12 @@ _ = init_translation() parser = argparse.ArgumentParser(description=_('Switch the given program to enforce mode')) parser.add_argument('-d', '--dir', type=str, help=_('path to profiles')) -parser.add_argument('-r', '--remove', action='store_true', help=_('switch to complain mode')) parser.add_argument('program', type=str, nargs='+', help=_('name of program')) args = parser.parse_args() -# Flipping the remove flag since complain = !enforce -args.remove = not args.remove +# Set the remove flag since complain = !enforce +# XXX remove this entirely once conversion to individual cmd methods +# on the Tool class are implemented +args.remove = True enforce = apparmor.tools.aa_tools('complain', args) Index: b/utils/aa-enforce.pod =================================================================== --- a/utils/aa-enforce.pod +++ b/utils/aa-enforce.pod @@ -36,10 +36,6 @@ B<-d --dir / path/to/profiles> Specifies where to look for the AppArmor security profile set. Defaults to /etc/apparmor.d. -B<-r --remove> - - Removes the enforce mode for the profile. - =head1 DESCRIPTION B<aa-enforce> is used to set one or more profiles to I<enforce> mode. @@ -49,9 +45,6 @@ unloads and disables a profile. The default mode for a security policy is enforce and the I<aa-complain> utility must be run to change this behavior. -The I<--remove> option can be used to remove the enforce mode for the profile, -setting it to complain mode. - =head1 BUGS If you find any bugs, please report them at Index: b/utils/test/minitools_test.py =================================================================== --- a/utils/test/minitools_test.py +++ b/utils/test/minitools_test.py @@ -77,11 +77,6 @@ class Test(unittest.TestCase): def test_enforce(self): #Set ntpd profile to complain mode and check if it was correctly set - subprocess.check_output('%s ./../aa-enforce -d ./profiles -r %s'%(python_interpreter, test_path), shell=True) - - self.assertEqual(os.path.islink('./profiles/force-complain/%s'%os.path.basename(local_profilename)), True, 'Failed to create a symlink for %s in force-complain'%local_profilename) - self.assertEqual(apparmor.get_profile_flags(local_profilename, test_path), 'complain', 'Complain flag could not be set in profile %s'%local_profilename) - #Set ntpd profile to enforce mode and check if it was correctly set subprocess.check_output('%s ./../aa-enforce -d ./profiles %s'%(python_interpreter, test_path), shell=True) -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
