Hello, this patch brings back the edit option for the path of file rules.
Also add it to aa-mergeprof to keep ask_the_questions() in sync. Note: aa-mergeprof will ask about path mismatchs basically always. That's because AARE is too careful on the matching - something to be fixed in a later patch. [ 20-re-add-new-to-logprof.diff ] === modified file ./utils/aa-mergeprof --- utils/aa-mergeprof 2016-03-28 20:01:55.574692469 +0200 +++ utils/aa-mergeprof 2016-03-28 22:18:16.188493767 +0200 @@ -731,6 +731,28 @@ globbed_rule_obj.glob_ext() options, default_option = add_to_options(options, globbed_rule_obj.get_raw()) + elif ans == 'CMD_NEW': + if not re_match_include(selection): + edit_rule_obj = selection_to_rule_obj(rule_obj, selection) + prompt, oldpath = edit_rule_obj.edit_header() + + newpath = aaui.UI_GetString(prompt, oldpath) + if newpath: + try: + input_matches_path = rule_obj.validate_edit(newpath) # note that we check against the original rule_obj here, not edit_rule_obj (which might be based on a globbed path) + except AppArmorException: + aaui.UI_Important(_('The path you entered is invalid (not starting with / or a variable)!')) + continue + + if not input_matches_path: + ynprompt = _('The specified path does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path: %(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans': newpath } + key = aaui.UI_YesNo(ynprompt, 'n') + if key == 'n': + continue + + edit_rule_obj.store_edit(newpath) + options, default_option = add_to_options(options, edit_rule_obj.get_raw()) + else: done = False === modified file ./utils/apparmor/aa.py --- utils/apparmor/aa.py 2016-03-28 20:01:55.574692469 +0200 +++ utils/apparmor/aa.py 2016-03-28 22:18:54.340287309 +0200 @@ -1641,6 +1641,28 @@ globbed_rule_obj.glob_ext() options, default_option = add_to_options(options, globbed_rule_obj.get_raw()) + elif ans == 'CMD_NEW': + if not re_match_include(selection): + edit_rule_obj = selection_to_rule_obj(rule_obj, selection) + prompt, oldpath = edit_rule_obj.edit_header() + + newpath = aaui.UI_GetString(prompt, oldpath) + if newpath: + try: + input_matches_path = rule_obj.validate_edit(newpath) # note that we check against the original rule_obj here, not edit_rule_obj (which might be based on a globbed path) + except AppArmorException: + aaui.UI_Important(_('The path you entered is invalid (not starting with / or a variable)!')) + continue + + if not input_matches_path: + ynprompt = _('The specified path does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path: %(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans': newpath } + key = aaui.UI_YesNo(ynprompt, 'n') + if key == 'n': + continue + + edit_rule_obj.store_edit(newpath) + options, default_option = add_to_options(options, edit_rule_obj.get_raw()) + else: done = False # END of code (mostly) shared with aa-mergeprof @@ -1960,6 +1982,9 @@ if rule_obj.can_glob_ext: buttons += ['CMD_GLOBEXT'] + if rule_obj.can_edit: + buttons += ['CMD_NEW'] + if rule_obj.audit: buttons += ['CMD_AUDIT_OFF'] else: Regards, Christian Boltz -- Linux wurde nur möglich, weil 20 Jahre Betriessystemforschung sorgfältig studiert, analysiert, diskutiert und verworfen wurden. [Ingo Molnar auf linux-kernel]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor