On Fri, Feb 28, 2014 at 09:34:51PM +0100, Christian Boltz wrote: > Am Montag, 24. Februar 2014 schrieb Steve Beattie: > > I should note that one side effect is that this patch effectively > > neuters the -r (revert) option for aa-disable. I don't really like > > that option (I'd rather point people at using aa-enforce to undo > > aa-disable). I can submit a patch that either removes the option or > > adds the functionality if we desire it. > > The -r option was probably inspired by the -r option of aa-complain and > aa-audit, but I understand your POV that it might be confusing in a > triple-state case (enforce/complain/disabled). > > Anyway, either remove the -r option or make sure it's working ;-)
Here's the patch to remove the -r option for aa-disable, as well as the test and manpage documentation for it. Thanks! -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
Signed-off-by: Steve Beattie <st...@nxnw.org>
---
utils/aa-disable | 1 -
utils/aa-disable.pod | 4 ----
utils/apparmor/tools.py | 1 -
utils/test/minitools_test.py | 6 ------
4 files changed, 12 deletions(-)
Index: b/utils/aa-disable
===================================================================
--- a/utils/aa-disable
+++ b/utils/aa-disable
@@ -22,7 +22,6 @@ _ = init_translation()
parser = argparse.ArgumentParser(description=_('Disable the profile for the given programs'))
parser.add_argument('-d', '--dir', type=str, help=_('path to profiles'))
-parser.add_argument('-r', '--revert', action='store_true', help=_('enable the profile for the given programs'))
parser.add_argument('program', type=str, nargs='+', help=_('name of program'))
args = parser.parse_args()
Index: b/utils/aa-disable.pod
===================================================================
--- a/utils/aa-disable.pod
+++ b/utils/aa-disable.pod
@@ -35,10 +35,6 @@ B<-d --dir /path/to/profiles>
Specifies where to look for the AppArmor security profile set.
Defaults to /etc/apparmor.d.
-B<-r --revert>
-
- Enables the profile and loads it.
-
=head1 DESCRIPTION
B<aa-disable> is used to I<disable> one or more profiles.
Index: b/utils/test/minitools_test.py
===================================================================
--- a/utils/test/minitools_test.py
+++ b/utils/test/minitools_test.py
@@ -97,12 +97,6 @@ class Test(unittest.TestCase):
self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)), True, 'Failed to create a symlink for %s in disable'%local_profilename)
- #Enable the ntpd profile and check if it was correctly re-enabled
- subprocess.check_output('%s ./../aa-disable -d ./profiles -r %s'%(python_interpreter, test_path), shell=True)
-
- self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)), False, 'Failed to remove a symlink for %s from disable'%local_profilename)
-
-
def test_autodep(self):
pass
Index: b/utils/apparmor/tools.py
===================================================================
--- a/utils/apparmor/tools.py
+++ b/utils/apparmor/tools.py
@@ -33,7 +33,6 @@ class aa_tools:
if tool_name in ['audit', 'complain']:
self.remove = args.remove
elif tool_name == 'disable':
- self.revert = args.revert
self.disabledir = apparmor.profile_dir + '/disable'
self.check_disable_dir()
elif tool_name == 'autodep':
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
