On Fri, Aug 12, 2016 at 10:54:53PM +0200, Christian Boltz wrote:
> Hello,
> this patch changes aa.py to use FileRule and FileRuleset for parsing and 
> saving profiles.
> In detail, this means:
> - add 'file' to the list of rule classes to enable it at various places
> - store file rules in aa[profile][hat]['file'] (not 'path' as before)
>   to be consistent with the FileRule name
> - drop the no longer needed delete_path_duplicates() - this is now
>   handled by FileRuleset like in all other rule classes.
>   (same change in cleanprofile.py)
>   with FileRule.match()
> - drop write_path_rules() and write_paths() and replace them with the
>   new write_file() function.
> - adjust several code sections to use write_file and 'file' instead of
>   'path'
> FileRule doesn't drop optional keywords ('allow' and 'file'), therefore
> adjust cleanprof_test.out to the changed behaviour. (If someone insists
> on dropping optional keywords in aa-cleanprof, that's something for a
> future patch.)
> Also adjust the list of known failures in test-parser-simple-tests.py -
> switching to FileRule avoids several test failures (and introduces a few
> new ones ;-)
> This patch introduces a "brain split" which means
> - parsing and writing the profile and aa-cleanprof use the new location
>   (aa[profile][hat]['file'])
> - aa-logprof and aa-genprof still save data to the old location
>   (aa[profile][hat]['allow']['path']) and probably ask superfluous
>   questions because there are no rules existing in the old location
> TL;DR: don't try aa-logprof or aa-genprof with only this patch applied.
> I know this isn't ideal, but still better than an even bigger and
> totally unreadable patch ;-)
> [ 14-switch-to-FileRule.diff ]

Acked-by: Steve Beattie <st...@nxnw.org>. Thanks.

Steve Beattie

Attachment: signature.asc
Description: PGP signature

AppArmor mailing list
Modify settings or unsubscribe at: 

Reply via email to