On Mon, Mar 03, 2014 at 08:33:50AM -0800, Steve Beattie wrote: > On Fri, Feb 28, 2014 at 09:34:51PM +0100, Christian Boltz wrote: > > Am Montag, 24. Februar 2014 schrieb Steve Beattie: > > > I should note that one side effect is that this patch effectively > > > neuters the -r (revert) option for aa-disable. I don't really like > > > that option (I'd rather point people at using aa-enforce to undo > > > aa-disable). I can submit a patch that either removes the option or > > > adds the functionality if we desire it. > > > > The -r option was probably inspired by the -r option of aa-complain and > > aa-audit, but I understand your POV that it might be confusing in a > > triple-state case (enforce/complain/disabled). > > > > Anyway, either remove the -r option or make sure it's working ;-) > > Here's the patch to remove the -r option for aa-disable, as well as the > test and manpage documentation for it. Thanks! > > -- > Steve Beattie > <sbeat...@ubuntu.com> > http://NxNW.org/~steve/
Nice. Acked-by: Seth Arnold <seth.arn...@canonical.com> Thanks > Signed-off-by: Steve Beattie <st...@nxnw.org> > --- > utils/aa-disable | 1 - > utils/aa-disable.pod | 4 ---- > utils/apparmor/tools.py | 1 - > utils/test/minitools_test.py | 6 ------ > 4 files changed, 12 deletions(-) > > Index: b/utils/aa-disable > =================================================================== > --- a/utils/aa-disable > +++ b/utils/aa-disable > @@ -22,7 +22,6 @@ _ = init_translation() > > parser = argparse.ArgumentParser(description=_('Disable the profile for the > given programs')) > parser.add_argument('-d', '--dir', type=str, help=_('path to profiles')) > -parser.add_argument('-r', '--revert', action='store_true', help=_('enable > the profile for the given programs')) > parser.add_argument('program', type=str, nargs='+', help=_('name of > program')) > args = parser.parse_args() > > Index: b/utils/aa-disable.pod > =================================================================== > --- a/utils/aa-disable.pod > +++ b/utils/aa-disable.pod > @@ -35,10 +35,6 @@ B<-d --dir /path/to/profiles> > Specifies where to look for the AppArmor security profile set. > Defaults to /etc/apparmor.d. > > -B<-r --revert> > - > - Enables the profile and loads it. > - > =head1 DESCRIPTION > > B<aa-disable> is used to I<disable> one or more profiles. > Index: b/utils/test/minitools_test.py > =================================================================== > --- a/utils/test/minitools_test.py > +++ b/utils/test/minitools_test.py > @@ -97,12 +97,6 @@ class Test(unittest.TestCase): > > > self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)), > True, 'Failed to create a symlink for %s in disable'%local_profilename) > > - #Enable the ntpd profile and check if it was correctly re-enabled > - subprocess.check_output('%s ./../aa-disable -d ./profiles -r > %s'%(python_interpreter, test_path), shell=True) > - > - > self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)), > False, 'Failed to remove a symlink for %s from disable'%local_profilename) > - > - > def test_autodep(self): > pass > > Index: b/utils/apparmor/tools.py > =================================================================== > --- a/utils/apparmor/tools.py > +++ b/utils/apparmor/tools.py > @@ -33,7 +33,6 @@ class aa_tools: > if tool_name in ['audit', 'complain']: > self.remove = args.remove > elif tool_name == 'disable': > - self.revert = args.revert > self.disabledir = apparmor.profile_dir + '/disable' > self.check_disable_dir() > elif tool_name == 'autodep':
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor