On Fri, Mar 06, 2015 at 03:48:48PM -0600, Tyler Hicks wrote: > This patch adds equivalents of the parser's PDEBUG() and PERROR() > functions to libapparmor. > > It does not add gettext(3) support to libapparmor since these are > messages that only developers will see (debug builds with > LIBAPPARMOR_DEBUG=1) or messages that go to the syslog. > > PDEBUG() does nothing unless libapparmor is built with --enable-debug. > It prints to stderr if libapparmor is built with --enable-debug and the > LIBAPPARMOR_DEBUG environment variable is set. > > PERROR() uses syslog(LOG_ERR, ...) by default. The message is sent to > the syslog and to stderr if libapparmor is built with --enable-debug and > the LIBAPPARMOR_DEBUG environment variable is set. > > Signed-off-by: Tyler Hicks <[email protected]>
FYI, ubuntu 12.04 LTS (precise) builds are failing because the glibc version does not support secure_getenv(3). > diff --git a/libraries/libapparmor/configure.ac > b/libraries/libapparmor/configure.ac > index 4da65c1..fe6971c 100644 > --- a/libraries/libapparmor/configure.ac > +++ b/libraries/libapparmor/configure.ac > @@ -14,6 +14,14 @@ PKG_PROG_PKG_CONFIG > > AC_PATH_PROG([SWIG], [swig]) > > +AC_MSG_CHECKING([whether the libapparmor debug output should be enabled]) > +AC_ARG_ENABLE([debug_output], > +[AS_HELP_STRING([--enable-debug-output], [generate the libapparmor debug > output [[default=no]]])], > +[AC_MSG_RESULT([$enableval])], > +[enable_debug_output=no] > +[AC_MSG_RESULT([$enable_debug_output])]) > +AS_IF([test "$enable_debug_output" = "yes"], > [AC_DEFINE([ENABLE_DEBUG_OUTPUT], [1], [debug output])]) > + > AC_MSG_CHECKING([whether the libapparmor man pages should be generated]) > AC_ARG_ENABLE(man_pages, > [AS_HELP_STRING([--enable-man-pages], [generate the libapparmor man pages > [[default=yes]]])], > @@ -71,7 +79,7 @@ AM_CONDITIONAL(HAVE_PERL, test x$with_perl = xyes) > AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes) > > AC_HEADER_STDC > -AC_CHECK_HEADERS(unistd.h stdint.h) > +AC_CHECK_HEADERS(unistd.h stdint.h syslog.h) > > AC_CHECK_FUNCS(asprintf) > > diff --git a/libraries/libapparmor/src/private.c > b/libraries/libapparmor/src/private.c > index f6f40b5..eb3c0f8 100644 > --- a/libraries/libapparmor/src/private.c > +++ b/libraries/libapparmor/src/private.c > @@ -14,7 +14,12 @@ > * along with this program. If not, see <http://www.gnu.org/licenses/>. > */ > > +#include <stdarg.h> > +#include <stdbool.h> > +#include <stdio.h> > +#include <stdlib.h> > #include <string.h> > +#include <syslog.h> > > struct ignored_suffix_t { > const char * text; > @@ -41,6 +46,35 @@ static struct ignored_suffix_t ignored_suffixes[] = { > { NULL, 0, 0 } > }; > > +#define DEBUG_ENV_VAR "LIBAPPARMOR_DEBUG" > + > +void print_error(bool honor_env_var, const char *ident, const char *fmt, ...) > +{ > + va_list args; > + int openlog_options = 0; > + > + if (honor_env_var && secure_getenv(DEBUG_ENV_VAR)) > + openlog_options |= LOG_PERROR; > + > + openlog(ident, openlog_options, LOG_ERR); > + va_start(args, fmt); > + vsyslog(LOG_ERR, fmt, args); > + va_end(args); > + closelog(); > +} > + > +void print_debug(const char *fmt, ...) > +{ > + va_list args; > + > + if (!secure_getenv(DEBUG_ENV_VAR)) > + return; > + > + va_start(args, fmt); > + vfprintf(stderr, fmt, args); > + va_end(args); > +} > + > int _aa_is_blacklisted(const char *name, const char *path) > { > int name_len; > diff --git a/libraries/libapparmor/src/private.h > b/libraries/libapparmor/src/private.h > new file mode 100644 > index 0000000..a3c582d > --- /dev/null > +++ b/libraries/libapparmor/src/private.h > @@ -0,0 +1,37 @@ > +/* > + * Copyright 2014 Canonical Ltd. > + * > + * The libapparmor library is licensed under the terms of the GNU > + * Lesser General Public License, version 2.1. Please see the file > + * COPYING.LGPL. > + * > + * This library is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU Lesser General Public License for more details. > + * > + * You should have received a copy of the GNU Lesser General Public License > + * along with this program. If not, see <http://www.gnu.org/licenses/>. > + */ > + > +#ifndef _AA_PRIVATE_H > +#define _AA_PRIVATE_H 1 > + > +#include <stdbool.h> > + > +#if ENABLE_DEBUG_OUTPUT > + > +#define PERROR(fmt, args...) print_error(true, "libapparmor", fmt, ## args) > +#define PDEBUG(fmt, args...) print_debug("libapparmor: " fmt, ## args) > + > +#else /* ENABLE_DEBUG_OUTPUT */ > + > +#define PERROR(fmt, args...) print_error(false, "libapparmor", fmt, ## args) > +#define PDEBUG(fmt, args...) /* do nothing */ > + > +#endif /* ENABLE_DEBUG_OUTPUT */ > + > +void print_error(bool honor_env_var, const char *ident, const char *fmt, > ...); > +void print_debug(const char *fmt, ...); > + > +#endif /* _AA_PRIVATE_H */ > -- > 2.1.4 > > > -- > AppArmor mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
