[apparmor] [PATCH 2/6] parser: Fail compilation if unknown mount options are found
John Johansen
john.johansen at canonical.com
Fri Dec 12 11:21:03 UTC 2014
On 12/11/2014 04:49 PM, Tyler Hicks wrote:
> The parser should not indicate success when mount rules contain
> unknown mount options:
>
> $ echo "/t { mount options=(XXX) -> **, }" | apparmor_parser -qQ
> $ echo $?
> 0
>
> This patch modifies the parser so that it prints an error message and
> exits with 1:
>
> $ echo "/t { mount options=(XXX) -> **, }" | apparmor_parser -qQ
> unsupported mount options
> $ echo $?
> 1
>
> Bug: https://bugs.launchpad.net/bugs/1401621
>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/mount.cc | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/parser/mount.cc b/parser/mount.cc
> index a3ab5d3..b2a408a 100644
> --- a/parser/mount.cc
> +++ b/parser/mount.cc
> @@ -443,6 +443,10 @@ mnt_rule::mnt_rule(struct cond_entry *src_conds, char *device_p,
> PERROR(" unsupported mount conditions\n");
> exit(1);
> }
> + if (opts) {
> + PERROR(" unsupported mount options\n");
> + exit(1);
> + }
> }
>
> ostream &mnt_rule::dump(ostream &os)
>
More information about the AppArmor
mailing list