On Mon, Nov 17, 2014 at 01:18:11PM -0800, Steve Beattie wrote: > Update patch follows. It adds a header such that sample results look like: > > [unix] > [ > [Raw_Unix_Rule] > audit = False > deny = False > raw rule = unix peer=(label=@{profile_name}), > [Raw_Unix_Rule] > audit = False > deny = False > raw rule = unix (receive) peer=(label=unconfined), > [Raw_Unix_Rule] > audit = False > deny = False > raw rule = unix (create), > [Raw_Unix_Rule] > audit = False > deny = False > raw rule = unix (getattr, getopt, setopt, shutdown), > ] > [ptrace] > [ > [Raw_Ptrace_Rule] > audit = False > deny = False > raw rule = ptrace (readby), > [Raw_Ptrace_Rule] > audit = False > deny = False > raw rule = ptrace (tracedby), > [Raw_Ptrace_Rule] > audit = False > deny = False > raw rule = ptrace (read) peer=@{profile_name}, > ] > > It also fixes a situation where, when the list or tuple is empty, it would > output: > > [@{DOVECOT_MAILSTORE}] > [ > [--- empty ---] > ] > > and instead corrects it to just output: > > [@{DOVECOT_MAILSTORE}] > [--- empty ---] > > It also reduces the indention for lists and tuples by one to one, as it > was causing the raw rules to be overly indented. > > Signed-off-by: Steve Beattie <st...@nxnw.org>
Poke, any feedback on this? Thanks. > --- > utils/apparmor/common.py | 16 +++++++++------- > utils/apparmor/rules.py | 8 ++++++++ > 2 files changed, 17 insertions(+), 7 deletions(-) > > Index: b/utils/apparmor/common.py > =================================================================== > --- a/utils/apparmor/common.py > +++ b/utils/apparmor/common.py > @@ -20,6 +20,7 @@ import subprocess > import sys > import termios > import tty > +import apparmor.rules as rules > > DEBUGGING = False > > @@ -93,14 +94,15 @@ def recursive_print(src, dpth = 0, key = > if empty: > print (tabs + '[--- empty ---]') > elif isinstance(src, list) or isinstance(src, tuple): > - empty = True > - print (tabs + "[") > - for litem in src: > - recursive_print(litem, dpth + 2) > - empty = False > - if empty: > + if len(src) == 0: > print (tabs + '[--- empty ---]') > - print (tabs + "]") > + else: > + print (tabs + "[") > + for litem in src: > + recursive_print(litem, dpth + 1) > + print (tabs + "]") > + elif isinstance(src, rules._Raw_Rule): > + src.recursive_print(dpth) > else: > if key: > print (tabs + '%s = %s' % (key, src)) > Index: b/utils/apparmor/rules.py > =================================================================== > --- a/utils/apparmor/rules.py > +++ b/utils/apparmor/rules.py > @@ -56,6 +56,14 @@ class _Raw_Rule(object): > 'deny ' if self.deny else '', > self.rule) > > + def recursive_print(self, depth): > + tabs = ' ' * depth * 4 > + print('%s[%s]' % (tabs, type(self).__name__)) > + tabs += ' ' * 4 > + print('%saudit = %s' % (tabs, self.audit)) > + print('%sdeny = %s' % (tabs, self.deny)) > + print('%sraw rule = %s' % (tabs, self.rule)) > + > class Raw_DBUS_Rule(_Raw_Rule): > pass > -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor