On Wed, Mar 01, 2017 at 08:52:01PM +, Tyler Hicks wrote:
> Introduce an apparmor.aa.init_aa() method and move the initialization
> code of the apparmor.aa module into it. Note that this change will break
> any external users of apparmor.aa because global variables that were
> previously initial
On 03/01/2017 04:11 PM, Seth Arnold wrote:
> On Wed, Mar 01, 2017 at 08:52:06PM +, Tyler Hicks wrote:
>> The test-aa-easyprof.py script was attempting to do its own special
>> setup to import the in-tree easyprof module. However, this proved to be
>> very flaky and resulted in the test periodic
On Wed, Mar 01, 2017 at 08:52:06PM +, Tyler Hicks wrote:
> The test-aa-easyprof.py script was attempting to do its own special
> setup to import the in-tree easyprof module. However, this proved to be
> very flaky and resulted in the test periodically failing due to an
> AttributeError the firs
The test-aa-easyprof.py script was attempting to do its own special
setup to import the in-tree easyprof module. However, this proved to be
very flaky and resulted in the test periodically failing due to an
AttributeError the first time easyprof.parse_args() was called.
This patch removes the flak
If USE_SYSTEM is not set, the utils make check target will instruct
test-aa-easyprof.py to provide the path of the in-tree
profiles/apparmor.d directory to aa-easyprof as the parser base
directory.
If USE_SYSTEM is set, the default base directory (/etc/apparmor.d) is
used.
The test-aa-easyprof.py
When testing against a clean system without the apparmor_parser binary
installed, the test-aa-easyprof.py script ends up skipping profile
verification because it can't find the parser binary. This even causes a
test failure due to the test_genpolicy_invalid_template_policy test.
Adding a --parser
Introduce an apparmor.aa.init_aa() method and move the initialization
code of the apparmor.aa module into it. Note that this change will break
any external users of apparmor.aa because global variables that were
previously initialized when importing apparmor.aa will not be
initialized unless a call
The utils tests should make use of the logprof.conf that resides in
utils/test/ when testing against the in-tree parser and profiles. When
testing against the system, it the utils tests should continue to use
the system logprof.conf.
This patch updates the parser and profiles paths to point to the
When aa.py is imported, it looks for a set of profiles and it also looks
for the parser. Both of these paths are configured by logprof.conf but
it isn't always obvious which logprof.conf file was used and, therefore,
it isn't always obvious where aa.py is looking. This patch includes the
paths in t
if USE_SYSTEM is not set, the utils make check target will instruct
test-aa-easyprof.py to provide the path of the in-tree parser executable
to aa-easyprof.
If USE_SYSTEM is set, the default parser path (/sbin/apparmor_parser or
the result of `which apparmor_parser`) is used.
The test-aa-easyprof
https://launchpad.net/bugs/1521031
aa-easyprof accepts a list of abstractions to include and, by default,
execs apparmor_parser to verify the generated profile including any
abstractions. However, aa-easyprof didn't provide the same flexibility
as apparmor_parser when it came to where in the files
The utils tests, ran via $(make -C utils/ check), have long suffered from
requiring files which originate in the AppArmor source tree to be installed
in a system-wide manner. Some examples of files that are assumed to be
installed in system-wide locations are profiles, abstractions, configuration
f
Hi Seth
Yes, I thnik you're right. But I just wanted to notice this problem,
because of no result "aa-unconfined" utility. The latest Linux kernel
version, which is used in 12.04 LTS Release is 3.2.86, while "Precise" is
still at 3.2.79 level. Anyway, according to the kernel mailing list the
mainl
13 matches
Mail list logo
