Hello, Am Sonntag, 29. November 2015 schrieb Tyler Hicks: > aa-easyprof is used to generate profiles and the lack of an > abstraction file during profile generation should not be an error > condition. > > Leave the handling of the abstraction file for the parser. It will > fail if the file does not exist when the profile is being compiled. > > https://launchpad.net/bugs/1521031
I understand why you want this change, and agree that raising an exception in aa-easyprof is too heavy. OTOH, I don't like to silently ignore missing abstractions. What about printing a warning message? It won't hurt in build environments (I'd guess nobody reads warnings - if something is serious, it's an error ;-) but if someone calls aa-easyprof manually, it can still be helpful. > --- a/utils/apparmor/easyprof.py > +++ b/utils/apparmor/easyprof.py > @@ -507,8 +507,6 @@ class AppArmorEasyProfile: > def gen_abstraction_rule(self, abstraction): > '''Generate an abstraction rule''' > p = os.path.join(self.aa_topdir, "abstractions", abstraction) > - if not os.path.exists(p): > - raise AppArmorException("%s does not exist" % p) better: warn("%s does not exist" % p) You'll need to import warn() from apparmor.common. Actually apparmor.easyprof also has a warn() function - I seriously recommend to de-duplicate it and import it from apparmor.common. Speaking about de-duplicating - there are quite some functions in apparmor.easyprof that are also in apparmor.common. Often with nearly the same code, but it seems apparmor.commen received more bugfixes ;-) (comparing both files with meld is the easiest way to see the common code) Regards, Christian Boltz -- Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor