On Fri, Aug 12, 2016 at 10:46:32PM +0200, Christian Boltz wrote: > Hello, > > _is_covered_list() has a sanity check that raises an exception if both > other_value and other_all evaluate to False. This breaks when using > _is_covered_list() for FileRule.perms which can be empty if exec_perms > are specified. > > This patch adds an optional parameter that allows to skip the sanity > check. > > > [ 05-is_covered_list-make-sanity-check-optional.diff ]
Acked-by: Seth Arnold <[email protected]> Thanks > > --- utils/apparmor/rule/__init__.py 2016-01-18 18:59:53.451076435 +0100 > +++ utils/apparmor/rule/__init__.py 2016-01-18 18:56:44.740261951 +0100 > @@ -167,10 +167,10 @@ > # still here? -> then it is covered > return True > > - def _is_covered_list(self, self_value, self_all, other_value, other_all, > cond_name): > + def _is_covered_list(self, self_value, self_all, other_value, other_all, > cond_name, sanity_check=True): > '''check if other_* is covered by self_* - for lists''' > > - if not other_value and not other_all: > + if sanity_check and not other_value and not other_all: > raise AppArmorBug('No %(cond_name)s specified in other > %(rule_name)s rule' % {'cond_name': cond_name, 'rule_name': self.rule_name}) > > if not self_all: > >
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
