Hello, this patch brings back the edit option for the path of file rules.
Also add it to aa-mergeprof to keep ask_the_questions() in sync.
Note: aa-mergeprof will ask about path mismatchs basically always.
That's because AARE is too careful on the matching - something to be
fixed in a later patch.
[ 20-re-add-new-to-logprof.diff ]
=== modified file ./utils/aa-mergeprof
--- utils/aa-mergeprof 2016-03-28 20:01:55.574692469 +0200
+++ utils/aa-mergeprof 2016-03-28 22:18:16.188493767 +0200
@@ -731,6 +731,28 @@
globbed_rule_obj.glob_ext()
options, default_option =
add_to_options(options, globbed_rule_obj.get_raw())
+ elif ans == 'CMD_NEW':
+ if not re_match_include(selection):
+ edit_rule_obj =
selection_to_rule_obj(rule_obj, selection)
+ prompt, oldpath =
edit_rule_obj.edit_header()
+
+ newpath = aaui.UI_GetString(prompt,
oldpath)
+ if newpath:
+ try:
+ input_matches_path =
rule_obj.validate_edit(newpath) # note that we check against the original
rule_obj here, not edit_rule_obj (which might be based on a globbed path)
+ except AppArmorException:
+ aaui.UI_Important(_('The path you
entered is invalid (not starting with / or a variable)!'))
+ continue
+
+ if not input_matches_path:
+ ynprompt = _('The specified path
does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path:
%(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans':
newpath }
+ key = aaui.UI_YesNo(ynprompt, 'n')
+ if key == 'n':
+ continue
+
+ edit_rule_obj.store_edit(newpath)
+ options, default_option =
add_to_options(options, edit_rule_obj.get_raw())
+
else:
done = False
=== modified file ./utils/apparmor/aa.py
--- utils/apparmor/aa.py 2016-03-28 20:01:55.574692469 +0200
+++ utils/apparmor/aa.py 2016-03-28 22:18:54.340287309 +0200
@@ -1641,6 +1641,28 @@
globbed_rule_obj.glob_ext()
options, default_option =
add_to_options(options, globbed_rule_obj.get_raw())
+ elif ans == 'CMD_NEW':
+ if not re_match_include(selection):
+ edit_rule_obj =
selection_to_rule_obj(rule_obj, selection)
+ prompt, oldpath =
edit_rule_obj.edit_header()
+
+ newpath = aaui.UI_GetString(prompt,
oldpath)
+ if newpath:
+ try:
+ input_matches_path =
rule_obj.validate_edit(newpath) # note that we check against the original
rule_obj here, not edit_rule_obj (which might be based on a globbed path)
+ except AppArmorException:
+ aaui.UI_Important(_('The path you
entered is invalid (not starting with / or a variable)!'))
+ continue
+
+ if not input_matches_path:
+ ynprompt = _('The specified path
does not match this log entry:\n\n Log Entry: %(path)s\n Entered Path:
%(ans)s\nDo you really want to use this path?') % { 'path': oldpath, 'ans':
newpath }
+ key = aaui.UI_YesNo(ynprompt, 'n')
+ if key == 'n':
+ continue
+
+ edit_rule_obj.store_edit(newpath)
+ options, default_option =
add_to_options(options, edit_rule_obj.get_raw())
+
else:
done = False
# END of code (mostly) shared with aa-mergeprof
@@ -1960,6 +1982,9 @@
if rule_obj.can_glob_ext:
buttons += ['CMD_GLOBEXT']
+ if rule_obj.can_edit:
+ buttons += ['CMD_NEW']
+
if rule_obj.audit:
buttons += ['CMD_AUDIT_OFF']
else:
Regards,
Christian Boltz
--
Linux wurde nur möglich, weil 20 Jahre Betriessystemforschung
sorgfältig studiert, analysiert, diskutiert und verworfen
wurden. [Ingo Molnar auf linux-kernel]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
