On Mon, Jul 01, 2013 at 05:15:07PM -0500, Jamie Strandboge wrote: > Attached is a patch for aa-easyprof that adds significant functionality over > what is currently in trunk. I could try to break these out in discrete chunks,
I've got one comment from what I've read so far.. more to follow.
Thanks
> === modified file 'utils/aa-easyprof'
> --- utils/aa-easyprof 2012-08-23 20:53:33 +0000
> +++ utils/aa-easyprof 2013-06-28 13:28:59 +0000
> @@ -1,7 +1,7 @@
> #! /usr/bin/env python
> # ------------------------------------------------------------------
> #
> -# Copyright (C) 2011-2012 Canonical Ltd.
> +# Copyright (C) 2011-2013 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -11,7 +11,6 @@
>
> import apparmor.easyprof
> from apparmor.easyprof import AppArmorException, error
> -import optparse
> import os
> import sys
>
> @@ -23,6 +22,7 @@
>
> (opt, args) = apparmor.easyprof.parse_args()
> binary = None
> + manifest = None
>
> m = usage()
> if opt.show_policy_group and not opt.policy_groups:
> @@ -34,33 +34,63 @@
> if len(args) >= 1:
> binary = args[0]
>
> - try:
> - easyp = apparmor.easyprof.AppArmorEasyProfile(binary, opt)
> - except AppArmorException as e:
> - error(e.value)
> - except Exception:
> - raise
> -
> - if opt.list_templates:
> - apparmor.easyprof.print_basefilenames(easyp.get_templates())
> - sys.exit(0)
> - elif opt.template and opt.show_template:
> - files = [os.path.join(easyp.dirs['templates'], opt.template)]
> - apparmor.easyprof.print_files(files)
> - sys.exit(0)
> - elif opt.list_policy_groups:
> - apparmor.easyprof.print_basefilenames(easyp.get_policy_groups())
> - sys.exit(0)
> - elif opt.policy_groups and opt.show_policy_group:
> - for g in opt.policy_groups.split(','):
> - files = [os.path.join(easyp.dirs['policygroups'], g)]
> + # parse_manifest() returns a list of tuples (binary, options). Create a
> + # list of these profile tuples to support multiple profiles in one
> manifest
> + profiles = []
> + if opt.manifest:
> + try:
> + # should hide this in a common function
> + if sys.version_info[0] >= 3:
> + f = open(opt.manifest, "r", encoding="utf-8")
> + else:
> + f = open(opt.manifest, "r")
> + manifest = f.read()
> + except OSError:
> + error("Manifest file '%s' does not exist\n" % opt.manifest)
I think the exception's reason should be printed, too -- "does not
exist" could be wrong if the file or directory permissions forbid
reading the file or if there are IO errors.
> + profiles = apparmor.easyprof.parse_manifest(manifest, opt)
> + else: # fake up a tuple list when processing command line args
> + profiles.append( (binary, opt) )
Thanks
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
