[apparmor] [patch] Move file mode regexes and add pux

Hello, this patch adds the missing pux to PROFILE_MODE_RE and PROFILE_MODE_NT_RE. Also move those regexes and PROFILE_MODE_DENY_RE directly above validate_profile_mode() which is the only user. I propose this patch for trunk and 2.9. [ 63-move-file-mode-regexes-and-add-pux.diff ] ===

[apparmor] [patch] Allow boolean definitions outside profiles, not inside

Hello, according to the parser test profiles (which are the only documentation I found about this), definition of boolean variables is only allowed outside profiles, not inside them. parse_profile_data() got it the wrong way round, therefore this patch fixes the condition and updates the error

[apparmor] [patch] Fix parsing of boolean assignments

Hello, parsing of boolean assignments failed with TypeError: '_sre.SRE_Match' object is not subscriptable because of a missing .groups() I propose this patch for trunk and 2.9. [ 62-fix-parse-boolean.diff ] === modified file utils/apparmor/aa.py --- utils/apparmor/aa.py2015-07-04

[apparmor] [patch] Improve validate_profile_mode() and drop PROFILE_MODE_NT_RE

Hello, the only difference between PROFILE_MODE_RE and PROFILE_MODE_NT_RE was that the latter one additionally allowed 'x', which looks wrong. (Standalone 'x' is ok for deny rules, but those are handled by PROFILE_MODE_DENY_RE.) This patch completely drops PROFILE_MODE_NT_RE and the related

[apparmor] [patch] Make profile flags more whitespace tolerant

Hello, as shown in profile/flags/flags_ok_whitespace.sd, the parser is quite tolerant to additional or missing whitespace around flags=, while the tools are more strict. This patch updates the RE_PROFILE_START regex to follow this tolerance. [ 66-make-flags-whitespace-tolerant.diff ] ===

[apparmor] [patch] Fix some parser test syntax errors

Hello, this patch fixes some parser test syntax errors. Errors include typos (DESCRIPT__ON), missing value after #=EXRESULT and #=EXRESULT=PASS (= instead of space). I propose this patch for trunk and 2.9. [ fix-parser-tests.diff ] === modified file

Re: [apparmor] [patch] Make profile flags more whitespace tolerant

Hello, Am Sonntag, 5. Juli 2015 schrieb Christian Boltz: as shown in profile/flags/flags_ok_whitespace.sd, the parser is quite Just in case it isn't clear - I'm talking about parser/tst/simple_tests/profile/flags/flags_ok_whitespace.sd here ;-) Regards, Christian Boltz -- I'm not out to

[apparmor] [patch] Allow variables in change_profile rules

Hello, now that the parser allows variables in change_profile rules, the tools should also do that ;-) [ 67-change-profile-allow-var.diff ] === modified file utils/apparmor/regex.py --- utils/apparmor/regex.py 2015-07-05 16:49:54.682489394 +0200 +++ utils/apparmor/regex.py 2015-07-05

Re: [apparmor] [patch] Make profile flags more whitespace tolerant

Hello, Am Sonntag, 5. Juli 2015 schrieb Steve Beattie: No changes to utils/test/test-regex_matches.py to confirm that the regex works as expected? The existing tests continue to work, but right, it's a good idea to add another test with less usual whitespace around the flags. Here we go:

Re: [apparmor] [patch] Make profile flags more whitespace tolerant

On Sun, Jul 05, 2015 at 04:52:34PM +0200, Christian Boltz wrote: as shown in profile/flags/flags_ok_whitespace.sd, the parser is quite tolerant to additional or missing whitespace around flags=, while the tools are more strict. This patch updates the RE_PROFILE_START regex to follow this

[apparmor] How I found several bugs in less than an hour - without even searching for them

Hello, yes, that's possible, and you won't believe how easy it was! I even got additional 5% test coverage with this simple trick! Read on to see the most useful patch since sliced bread! Let's see if the clickbait approach in the subject helps to get this patch reviewed quickly ;-) - and now