Re: [apparmor] [patch] Drop seen_events counter from aa.py
Hello, Am Freitag, 14. Oktober 2016, 12:16:52 CEST schrieb Steve Beattie: > On Fri, Oct 14, 2016 at 12:43:19AM +0200, Christian Boltz wrote: > > seen_events is a global variable in aa.py that gets increased at > > several places, but isn't used (read or printed) anywhere. Since I > > can't imagine how it could become useful, simply drop it. > > I've no problem dropping this variable if we're not using it anywhere. > > That said, I know previously in the development of the perl version > of the tools, there was some experimentation with showing things like > progress bars or information like e.g. "37 of 146 pending rejections > would be covered by adding this rule". I think there's a place for > indicators that show contextual information about the current run of > whatever tool is being used, and this variable may have been added > as a data gathering element to support that. That sounds like an interesting idea, but I doubt a simple counter (like the two I dropped) would provide this information ;-) What you propose would be more or less easy when adding the specific rule type (like a file rule for file events) - we'd just need to check is_covered() of the pending file events [1]. Things become slightly more interesting (and possibly a bit slower) when counting for an include file because we'd need to check all event types, not only file events, and check against all rules in the include. I'm not saying it's impossible, "just" more interesting ;-) Feel free to open a feature request to make sure this idea doesn't get lost, but I probably don't need to mention that we have more urgent things on the TODO list ;-) Regards, Christian Boltz [1] Currently we don't delete the events from the log queue because the for loop makes sure to hit them only once, but that would be an easy fix. -- > [qpopper] Jepp. Den einzurichten, dauert max. 10 Min. Und ist absolut > pflegeleicht. ;) Hm... womit verbringst Du denn die letzten neun Minuten? Oder kommt hier ein 286er zum Einsatz? [> Michael Raab und Andreas Feile in suse-linux] signature.asc Description: This is a digitally signed message part. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[apparmor] [patch] Drop seen_events counter from aa.py
Hello, seen_events is a global variable in aa.py that gets increased at several places, but isn't used (read or printed) anywhere. Since I can't imagine how it could become useful, simply drop it. Also drop an outdated comment in handle_children that lived next to a seen_events line. [ 01-drop-seen_events.diff ] === modified file ./utils/apparmor/aa.py --- utils/apparmor/aa.py2016-10-14 00:35:27.514276563 +0200 +++ utils/apparmor/aa.py2016-10-14 00:34:20.802587963 +0200 @@ -95,7 +95,6 @@ existing_profiles = dict() -seen_events = 0 # was our # To store the globs entered by users so they can be provided again # format: user_globs['/foo*'] = AARE('/foo*') user_globs = {} @@ -1056,7 +1055,6 @@ family = None sock_type = None protocol = None -global seen_events regex_nullcomplain = re.compile('^null(-complain)*-profile$') for entry in entries: @@ -1114,8 +1112,6 @@ if aamode == 'PERMITTING': q.default = 'CMD_ADDHAT' -seen_events += 1 - ans = q.promptUser()[0] if ans == 'CMD_FINISHED': @@ -1283,9 +1279,6 @@ exec_toggle = False q.functions += build_x_functions(default, options, exec_toggle) -# options = '|'.join(options) -seen_events += 1 - # ask user about the exec mode to use ans = '' # unused: 'CMD_px_safe', 'CMD_cx_safe', 'CMD_nx_safe', 'CMD_pix_safe', 'CMD_cix_safe', 'CMD_nix_safe', 'CMD_ux_safe', 'CMD_EXEC_TOGGLE' @@ -1525,7 +1518,6 @@ def ask_the_questions(): found = 0 -global seen_events for aamode in sorted(log_dict.keys()): # Describe the type of changes if aamode == 'PERMITTING': @@ -1580,8 +1572,6 @@ else: options.append(rule_obj.get_clean()) -seen_events += 1 - done = False while not done: q.options = options Regards, Christian Boltz -- Mach halt nicht. Viel Glueck fuer die naechsten Jahre noch ein System mit 2.95 zu finden. Sogar debian hat gcc 3 in unstable. Okay, das dauert noch, ehmm ... 10 Jahre, bis das stable wird, aber immerhin. [Michael Matz in suse-programming] signature.asc Description: This is a digitally signed message part. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor