[apparmor] [patch] Change aa.py delete_duplicates() to loop over rule classes

Fri, 05 Jun 2015 06:52:33 -0700 

Hello,

this patch changes aa.py delete_duplicates() to loop over the rule 
classes.

That's better than doing copy&paste for each added rule class ;-)


[ 45-delete_duplicates-use-loop.diff ]

=== modified file utils/apparmor/aa.py
--- utils/apparmor/aa.py        2015-06-05 15:19:00.724318954 +0200
+++ utils/apparmor/aa.py        2015-06-05 15:40:36.233292517 +0200
@@ -2066,20 +2066,18 @@
     # Allow rules covered by denied rules shouldn't be deleted
     # only a subset allow rules may actually be denied
 
+    ruletypes = ['capability', 'change_profile', 'network', 'rlimit']
+
     if include.get(incname, False):
-        deleted += 
profile['network'].delete_duplicates(include[incname][incname]['network'])
-        deleted += 
profile['capability'].delete_duplicates(include[incname][incname]['capability'])
-        deleted += 
profile['change_profile'].delete_duplicates(include[incname][incname]['change_profile'])
-        deleted += 
profile['rlimit'].delete_duplicates(include[incname][incname]['rlimit'])
+        for rule_type in ruletypes:
+            deleted += 
profile[rule_type].delete_duplicates(include[incname][incname][rule_type])
 
         deleted += delete_path_duplicates(profile, incname, 'allow')
         deleted += delete_path_duplicates(profile, incname, 'deny')
 
     elif filelist.get(incname, False):
-        deleted += 
profile['network'].delete_duplicates(filelist[incname][incname]['network'])
-        deleted += 
profile['capability'].delete_duplicates(filelist[incname][incname]['capability'])
-        deleted += 
profile['change_profile'].delete_duplicates(filelist[incname][incname]['change_profile'])
-        deleted += 
profile['rlimit'].delete_duplicates(filelist[incname][incname]['rlimit'])
+        for rule_type in ruletypes:
+            deleted += 
profile[rule_type].delete_duplicates(filelist[incname][incname][rule_type])
 
         deleted += delete_path_duplicates(profile, incname, 'allow')
         deleted += delete_path_duplicates(profile, incname, 'deny')



Regards,

Christian Boltz
-- 
And in those years, you have never had a bigger issue than a tray icon
not working? - Damn! KDE team must be doing one fantastic job!
[Bjørn Lie in opensuse-factory]


-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to