[apparmor] [patch] merge 'path' if conditions in logparser.py / add_event_to_tree()

Christian Boltz apparmor at cboltz.de
Mon Feb 23 20:58:53 UTC 2015 

Hello,

logparser.py / add_event_to_tree() has 5 places to handle 'path' events.
This patch merges most if conditions to reduce that to 2 places.

This patch is just a cleanup without any behaviour change, therefore 
trunk is probably enough (but I won't object if someone acks it for 2.9 ;-)


Sidenote: I don't like things like
    if 'file_' in e['operation']
too much. Can/should we make this
    if e['operation'].startswith('file_')
?

(same question for 'xattr' and 'inode_' ;-)



[ logparser-merge-path-handling.diff ]

=== modified file 'utils/apparmor/logparser.py'
--- utils/apparmor/logparser.py 2015-01-17 10:04:12 +0000
+++ utils/apparmor/logparser.py 2015-02-23 20:41:18 +0000
@@ -257,20 +258,16 @@
             else:
                 self.debug_logger.debug('add_event_to_tree: dropped exec event in %s' % e['profile'])
 
-        elif 'file_' in e['operation']:
-            self.add_to_tree(e['pid'], e['parent'], 'path',
-                             [profile, hat, prog, aamode, e['denied_mask'], e['name'], ''])
-        elif e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'rename_src',
-                                'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link']:
+        elif ( 'file_' in e['operation'] or 'xattr' in e['operation'] or
+            e['operation'] in ['open', 'truncate', 'mkdir', 'mknod', 'rename_src',
+                                'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link',
+                                'sysctl', 'setattr'] ):
             #print(e['operation'], e['name'])
             self.add_to_tree(e['pid'], e['parent'], 'path',
                              [profile, hat, prog, aamode, e['denied_mask'], e['name'], ''])
         elif e['operation'] == 'capable':
             self.add_to_tree(e['pid'], e['parent'], 'capability',
                              [profile, hat, prog, aamode, e['name'], ''])
-        elif e['operation'] == 'setattr' or 'xattr' in e['operation']:
-            self.add_to_tree(e['pid'], e['parent'], 'path',
-                             [profile, hat, prog, aamode, e['denied_mask'], e['name'], ''])
         elif 'inode_' in e['operation']:
             is_domain_change = False
             if e['operation'] == 'inode_permission' and (e['denied_mask'] & AA_MAY_EXEC) and aamode == 'PERMITTING':
@@ -288,10 +285,6 @@
                 self.add_to_tree(e['pid'], e['parent'], 'path',
                                  [profile, hat, prog, aamode, e['denied_mask'], e['name'], ''])
 
-        elif e['operation'] == 'sysctl':
-            self.add_to_tree(e['pid'], e['parent'], 'path',
-                             [profile, hat, prog, aamode, e['denied_mask'], e['name'], ''])
-
         elif e['operation'] == 'clone':
             parent, child = e['pid'], e['task']
             if not parent:


Regards,

Christian Boltz
-- 
On a more positive note, bug#755845 keeps me very fit running to and fro
the datacentre because I keep forgetting to mount /dev/pts myself.
[Per Jessen in opensuse-factory]

More information about the AppArmor mailing list