On 10/22/2015 04:38 PM, Christian Boltz wrote:
> Hello,
>
> as a preparation for the SignalRule class, add a <details> match group
> to RE_PROFILE_SIGNAL.
>
> Also adjust test-regex_matches.py for the added group.
>
> Note: RE_PROFILE_SIGNAL is only used in aa.py, and only matches[0..2]
> are used. 0 and 1 are audit and allow/deny and 2 is and stays the whole
> rule (except audit and allow/deny). Therefore no aa.py changes are
> needed.
>
>
Acked-by: John Johansen <[email protected]>
> [ 03-add-match-group-to-RE_PROFILE_SIGNAL.diff ]
>
> --- utils/apparmor/regex.py 2015-08-02 23:42:51.717709541 +0200
> +++ utils/apparmor/regex.py 2015-10-22 18:15:32.725675400 +0200
> @@ -48,7 +48,7 @@
> RE_PROFILE_HAT_DEF =
> re.compile('^(?P<leadingspace>\s*)(?P<hat_keyword>\^|hat\s+)(?P<hat>\"??.+?\"??)\s+((flags=)?\((?P<flags>.+)\)\s+)*\{'
> + RE_EOL)
> RE_PROFILE_DBUS = re.compile(RE_AUDIT_DENY +
> '(dbus\s*,|dbus\s+[^#]*\s*,)' + RE_EOL)
> RE_PROFILE_MOUNT = re.compile(RE_AUDIT_DENY +
> '((mount|remount|umount|unmount)(\s+[^#]*)?\s*,)' + RE_EOL)
> -RE_PROFILE_SIGNAL = re.compile(RE_AUDIT_DENY +
> '(signal\s*,|signal\s+[^#]*\s*,)' + RE_EOL)
> +RE_PROFILE_SIGNAL = re.compile(RE_AUDIT_DENY +
> '(signal\s*,|signal(?P<details>\s+[^#]*)\s*,)' + RE_EOL)
> RE_PROFILE_PTRACE = re.compile(RE_AUDIT_DENY +
> '(ptrace\s*,|ptrace\s+[^#]*\s*,)' + RE_EOL)
> RE_PROFILE_PIVOT_ROOT = re.compile(RE_AUDIT_DENY +
> '(pivot_root\s*,|pivot_root\s+[^#]*\s*,)' + RE_EOL)
> RE_PROFILE_UNIX = re.compile(RE_AUDIT_DENY +
> '(unix\s*,|unix\s+[^#]*\s*,)' + RE_EOL)
> --- utils/test/test-regex_matches.py 2015-10-23 01:35:00.332075802 +0200
> +++ utils/test/test-regex_matches.py 2015-10-23 01:34:43.484064929 +0200
> @@ -299,18 +299,14 @@
> self.regex = aa.RE_PROFILE_SIGNAL
>
> tests = [
> - (' signal,', (None, None, 'signal,', None)),
> - (' audit signal,', ('audit', None, 'signal,', None)),
> - (' signal receive,', (None, None, 'signal receive,', None)),
> - (' signal (send, receive),',
> - (None, None, 'signal (send, receive),', None)),
> - (' audit signal (receive),',
> - ('audit', None, 'signal (receive),', None)),
> - (' signal (send, receive) set=(usr1 usr2),',
> - (None, None, 'signal (send, receive) set=(usr1 usr2),', None)),
> - (' signal send set=(hup, quit) peer=/usr/sbin/daemon,',
> - (None, None,
> - 'signal send set=(hup, quit) peer=/usr/sbin/daemon,', None)),
> + (' signal,', (None, None,
> 'signal,', None,
> None)),
> + (' audit signal,', ('audit', None,
> 'signal,', None,
> None)),
> + (' signal receive,', (None, None,
> 'signal receive,', 'receive',
> None)),
> + (' signal (send, receive),', (None, None,
> 'signal (send, receive),', '(send, receive)',
> None)),
> + (' audit signal (receive),', ('audit', None,
> 'signal (receive),', '(receive)',
> None)),
> + (' signal (send, receive) set=(usr1 usr2),', (None, None,
> 'signal (send, receive) set=(usr1 usr2),', '(send, receive) set=(usr1
> usr2)', None)),
> + (' signal send set=(hup, quit) peer=/usr/sbin/daemon,', (None,
> None, 'signal send set=(hup, quit) peer=/usr/sbin/daemon,',
> +
> 'send set=(hup, quit) peer=/usr/sbin/daemon',
> None)),
>
> (' signalling,', False),
> (' audit signalling,', False),
>
>
> Regards,
>
> Christian Boltz
>
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
