On 12/10/2015 04:35 AM, Christian Boltz wrote: > Hello, > > collapse_log() creates temporary SignalRule etc. objects which are then > checked against the existing profile content. > > These temporary objects are based on log events, therefore flag them as > such. This will ensure proper handling and escaping by the AARE class. > > Acked-by: John Johansen <john.johan...@canonical.com>
> [ 36-collapse-log-set-log_event.diff ]
>
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py 2015-12-08 19:30:43.210864711 +0100
> +++ utils/apparmor/aa.py 2015-12-10 12:38:08.008844270 +0100
> @@ -2509,26 +2509,26 @@
> for cap in prelog[aamode][profile][hat]['capability'].keys():
> # If capability not already in profile
> # XXX remove first check when we have proper profile
> initialisation
> - if aa[profile][hat].get('capability', False) and not
> aa[profile][hat]['capability'].is_covered(CapabilityRule(cap)):
> + if aa[profile][hat].get('capability', False) and not
> aa[profile][hat]['capability'].is_covered(CapabilityRule(cap,
> log_event=True)):
> log_dict[aamode][profile][hat]['capability'][cap] =
> True
>
> nd = prelog[aamode][profile][hat]['netdomain']
> for family in nd.keys():
> for sock_type in nd[family].keys():
> - if not is_known_rule(aa[profile][hat], 'network',
> NetworkRule(family, sock_type)):
> + if not is_known_rule(aa[profile][hat], 'network',
> NetworkRule(family, sock_type, log_event=True)):
>
> log_dict[aamode][profile][hat]['netdomain'][family][sock_type] = True
>
> ptrace = prelog[aamode][profile][hat]['ptrace']
> for peer in ptrace.keys():
> for access in ptrace[peer].keys():
> - if not is_known_rule(aa[profile][hat], 'ptrace',
> PtraceRule(access, peer)):
> + if not is_known_rule(aa[profile][hat], 'ptrace',
> PtraceRule(access, peer, log_event=True)):
>
> log_dict[aamode][profile][hat]['ptrace'][peer][access] = True
>
> sig = prelog[aamode][profile][hat]['signal']
> for peer in sig.keys():
> for access in sig[peer].keys():
> for signal in sig[peer][access].keys():
> - if not is_known_rule(aa[profile][hat], 'signal',
> SignalRule(access, signal, peer)):
> + if not is_known_rule(aa[profile][hat], 'signal',
> SignalRule(access, signal, peer, log_event=True)):
>
> log_dict[aamode][profile][hat]['signal'][peer][access][signal] = True
>
>
>
>
> Regards,
>
> Christian Boltz
> -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
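Review bot: None of the four changed constructor calls (CapabilityRule, NetworkRule, PtraceRule, SignalRule) records why `log_event=True` is passed, so a later refactor could drop the argument without noticing that these values come from log lines rather than from profile text. A comment above the first call would keep that visible, e.g. `# rules built from log events: log_event=True so AARE handles and escapes the values as log data`. The enclosing function starts and ends outside the hunk, so it cannot be checked here whether other rule objects built from prelog in collapse_log() still lack the flag. A unit test that feeds a ptrace or signal peer containing glob characters through this path would pin the escaping the commit message relies on.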