I took a quick look at this bug to attempt to locate the problem. I
originally thought it was due to the Python utils' parser not supporting
include rules that are missing a leading '#' but that's not the case
since the regex in utils/apparmor/regex.py supports such an include
rule:
RE_INCLUDE = re.compile('^\s*#?include\s*<(?P<magicpath>.*)>' +
RE_EOL)
The problem here is due to the regex only supporting include paths that
are surrounded by <>. The apparmor_parser allows for absolute include
paths to be surrounded by "" or by nothing at all and that is what the
Python utils do not currently support.
Also note that there are existing, but commented out, tests for this
style of include rules in utils/test/test-regex_matches.py:
class Test_re_match_include(AATest):
tests = [
...
# ('include foo', 'foo'
), # XXX not supported in tools yet
# ('include /foo/bar', '/foo/bar'
), # XXX not supported in tools yet
# ('include "foo"', 'foo'
), # XXX not supported in tools yet
# ('include "/foo/bar"', '/foo/bar'
), # XXX not supported in tools yet
...
]
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1733700
Title:
apparmor python tools do not understand 'include' rules
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1733700/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
