On Mon, Mar 03, 2014 at 08:33:50AM -0800, Steve Beattie wrote: > On Fri, Feb 28, 2014 at 09:34:51PM +0100, Christian Boltz wrote: > > Am Montag, 24. Februar 2014 schrieb Steve Beattie: > > > I should note that one side effect is that this patch effectively > > > neuters the -r (revert) option for aa-disable. I don't really like > > > that option (I'd rather point people at using aa-enforce to undo > > > aa-disable). I can submit a patch that either removes the option or > > > adds the functionality if we desire it. > > > > The -r option was probably inspired by the -r option of aa-complain and > > aa-audit, but I understand your POV that it might be confusing in a > > triple-state case (enforce/complain/disabled). > > > > Anyway, either remove the -r option or make sure it's working ;-) > > Here's the patch to remove the -r option for aa-disable, as well as the > test and manpage documentation for it. Thanks! > > -- > Steve Beattie > <sbeat...@ubuntu.com> > http://NxNW.org/~steve/
Nice.
Acked-by: Seth Arnold <seth.arn...@canonical.com>
Thanks
> Signed-off-by: Steve Beattie <st...@nxnw.org>
> ---
> utils/aa-disable | 1 -
> utils/aa-disable.pod | 4 ----
> utils/apparmor/tools.py | 1 -
> utils/test/minitools_test.py | 6 ------
> 4 files changed, 12 deletions(-)
>
> Index: b/utils/aa-disable
> ===================================================================
> --- a/utils/aa-disable
> +++ b/utils/aa-disable
> @@ -22,7 +22,6 @@ _ = init_translation()
>
> parser = argparse.ArgumentParser(description=_('Disable the profile for the
> given programs'))
> parser.add_argument('-d', '--dir', type=str, help=_('path to profiles'))
> -parser.add_argument('-r', '--revert', action='store_true', help=_('enable
> the profile for the given programs'))
> parser.add_argument('program', type=str, nargs='+', help=_('name of
> program'))
> args = parser.parse_args()
>
> Index: b/utils/aa-disable.pod
> ===================================================================
> --- a/utils/aa-disable.pod
> +++ b/utils/aa-disable.pod
> @@ -35,10 +35,6 @@ B<-d --dir /path/to/profiles>
> Specifies where to look for the AppArmor security profile set.
> Defaults to /etc/apparmor.d.
>
> -B<-r --revert>
> -
> - Enables the profile and loads it.
> -
> =head1 DESCRIPTION
>
> B<aa-disable> is used to I<disable> one or more profiles.
> Index: b/utils/test/minitools_test.py
> ===================================================================
> --- a/utils/test/minitools_test.py
> +++ b/utils/test/minitools_test.py
> @@ -97,12 +97,6 @@ class Test(unittest.TestCase):
>
>
> self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)),
> True, 'Failed to create a symlink for %s in disable'%local_profilename)
>
> - #Enable the ntpd profile and check if it was correctly re-enabled
> - subprocess.check_output('%s ./../aa-disable -d ./profiles -r
> %s'%(python_interpreter, test_path), shell=True)
> -
> -
> self.assertEqual(os.path.islink('./profiles/disable/%s'%os.path.basename(local_profilename)),
> False, 'Failed to remove a symlink for %s from disable'%local_profilename)
> -
> -
> def test_autodep(self):
> pass
>
> Index: b/utils/apparmor/tools.py
> ===================================================================
> --- a/utils/apparmor/tools.py
> +++ b/utils/apparmor/tools.py
> @@ -33,7 +33,6 @@ class aa_tools:
> if tool_name in ['audit', 'complain']:
> self.remove = args.remove
> elif tool_name == 'disable':
> - self.revert = args.revert
> self.disabledir = apparmor.profile_dir + '/disable'
> self.check_disable_dir()
> elif tool_name == 'autodep':
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
