[apparmor] [patch] [01/38] Pass 'strict' flag from is_equal to is_equal_localvars

Christian Boltz Fri, 12 Aug 2016 13:44:10 -0700

Hello,

File rules contain some optional details (like leading permissions and
the file keyword) which should be ignored in non-strict mode.


This patch passes through the 'strict' parameter to is_equal_localvars
and adds it as function parameter in all existing rule classes.
It also adjusts test-baserule.py to test with the additional parameter.


[ 01-pass-strict-param-to-is_equal_localvars.diff ]

=== modified file ./utils/apparmor/rule/capability.py
--- utils/apparmor/rule/capability.py   2016-01-07 20:41:32.718787664 +0100
+++ utils/apparmor/rule/capability.py   2016-01-16 20:53:03.510459170 +0100
@@ -109,7 +109,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == CapabilityRule:
=== modified file ./utils/apparmor/rule/change_profile.py
--- utils/apparmor/rule/change_profile.py       2016-01-07 20:41:32.718787664 
+0100
+++ utils/apparmor/rule/change_profile.py       2016-01-16 20:53:07.858431360 
+0100
@@ -133,7 +133,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == ChangeProfileRule:
=== modified file ./utils/apparmor/rule/dbus.py
--- utils/apparmor/rule/dbus.py 2016-01-07 20:41:32.722787641 +0100
+++ utils/apparmor/rule/dbus.py 2016-01-16 20:53:11.418408587 +0100
@@ -263,7 +263,7 @@
         return True
 
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == DbusRule:
=== modified file ./utils/apparmor/rule/__init__.py
--- utils/apparmor/rule/__init__.py     2016-01-15 23:17:34.323170864 +0100
+++ utils/apparmor/rule/__init__.py     2016-01-16 20:57:26.616768804 +0100
@@ -211,7 +211,7 @@
         ):
             return False
 
-        return self.is_equal_localvars(rule_obj)
+        return self.is_equal_localvars(rule_obj, strict)
 
     def _is_equal_aare(self, self_value, self_all, other_value, other_all, 
cond_name):
         '''check if other_* is the same as self_* - for AARE'''
@@ -229,7 +229,7 @@
         return True
 
     # @abstractmethod  FIXME - uncomment when python3 only
-    def is_equal_localvars(self, other_rule):
+    def is_equal_localvars(self, other_rule, strict):
         '''compare if rule-specific variables are equal'''
         raise NotImplementedError("'%s' needs to implement 
is_equal_localvars(), but didn't" % (str(self)))
 
=== modified file ./utils/apparmor/rule/network.py
--- utils/apparmor/rule/network.py      2016-01-07 20:41:32.718787664 +0100
+++ utils/apparmor/rule/network.py      2016-01-16 20:53:30.094289065 +0100
@@ -162,7 +162,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == NetworkRule:
=== modified file ./utils/apparmor/rule/ptrace.py
--- utils/apparmor/rule/ptrace.py       2016-01-07 20:41:32.730787594 +0100
+++ utils/apparmor/rule/ptrace.py       2016-01-16 20:53:33.542266990 +0100
@@ -144,7 +144,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == PtraceRule:
=== modified file ./utils/apparmor/rule/rlimit.py
--- utils/apparmor/rule/rlimit.py       2016-01-07 20:41:32.706787734 +0100
+++ utils/apparmor/rule/rlimit.py       2016-01-16 20:53:36.510247988 +0100
@@ -218,7 +218,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == RlimitRule:
=== modified file ./utils/apparmor/rule/signal.py
--- utils/apparmor/rule/signal.py       2016-01-07 20:41:32.718787664 +0100
+++ utils/apparmor/rule/signal.py       2016-01-16 20:53:40.158224630 +0100
@@ -194,7 +194,7 @@
         # still here? -> then it is covered
         return True
 
-    def is_equal_localvars(self, rule_obj):
+    def is_equal_localvars(self, rule_obj, strict):
         '''compare if rule-specific variables are equal'''
 
         if not type(rule_obj) == SignalRule:
--- utils/test/test-baserule.py 2015-11-19 17:42:26.325879118 +0100
+++ utils/test/test-baserule.py 2016-01-16 20:57:47.712632644 +0100
@@ -43,7 +43,7 @@
     def test_is_equal_localvars(self):
         obj = BaseRule()
         with self.assertRaises(NotImplementedError):
-            obj.is_equal_localvars(BaseRule())
+            obj.is_equal_localvars(BaseRule(), False)
 
     def test_is_covered_localvars(self):
         obj = BaseRule()



Regards,

Christian Boltz
-- 
depressing, infuriating, sickening and
Acked-by: John Johansen <[email protected]>
[John Johansen in apparmor]

signature.asc
Description: This is a digitally signed message part.

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

[apparmor] [patch] [01/38] Pass 'strict' flag from is_equal to is_equal_localvars

Reply via email to