On Wed, Oct 08, 2014 at 03:32:06AM -0700, John Johansen wrote: > On 10/07/2014 03:38 PM, Steve Beattie wrote: > > On Tue, Oct 07, 2014 at 04:00:34AM -0700, John Johansen wrote: > >> Currently the apparmor parser warns about rules that are not enforced or > >> downgraded. This is a problem for distros that are not carrying the out of > >> tree kernel patches, as most profile loads result in warnings. > >> > >> Change the behavior to not output a message unless a warn flag is passed. > >> This patch adds 2 different warn flags > >> --warn rule-downgraded # warn if a rule is downgraded > >> --warn rule-not-enforced # warn if a rule is not enforced at all > >> > >> If the warnings are desired by default the flags can be set in the > >> parser.conf file. > > > > Code mostly looks good; a couple of issues: > > > > 1) needs man page update. > > 2) the --help=warn is useful, but --warn needs to be part of the main > > usage statement: > > > > v2. > - update man page > - add --warn to usage statement > - make --quiet clear warn flags > > Currently the apparmor parser warns about rules that are not enforced or > downgraded. This is a problem for distros that are not carrying the out of > tree kernel patches, as most profile loads result in warnings. > > Change the behavior to not output a message unless a warn flag is passed. > This patch adds 2 different warn flags > --warn rule-downgraded # warn if a rule is downgraded > --warn rule-not-enforced # warn if a rule is not enforced at all > > If the warnings are desired by default the flags can be set in the > parser.conf file. > > Signed-off-by: John Johansen <[email protected]>
Acked-by: Steve Beattie <[email protected]> Thanks! -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
