[apparmor] [00/38] Replace file rule handling with FileRule and FileRuleset classes

Christian Boltz apparmor at cboltz.de
Sat Oct 1 18:55:56 UTC 2016 

Hello,

such a patch series deserves a little summary after hitting bzr ;-)

Am Freitag, 12. August 2016, 22:40:39 CEST schrieb Christian Boltz:
> this patch series introduces the FileRule and FileRuleset classes and
> changes several code sections to use these classes instead of the old
> 'path' hasher.

> diffstat over all patches in this series:

>  25 files changed, 2552 insertions(+), 1535 deletions(-)

That was the plan. With the additional patches, we end up with

 utils/aa-mergeprof                     |  491 +++----------
 utils/apparmor/aa.py                   | 1231 ++++++++-------------------------
 utils/apparmor/aamode.py               |  110 --
 utils/apparmor/aare.py                 |   58 +
 utils/apparmor/cleanprofile.py         |   36 
 utils/apparmor/regex.py                |   27 
 utils/apparmor/rule/__init__.py        |   72 +
 utils/apparmor/rule/capability.py      |    2 
 utils/apparmor/rule/change_profile.py  |    2 
 utils/apparmor/rule/dbus.py            |   16 
 utils/apparmor/rule/file.py            |  597 +++++++++++++++-
 utils/apparmor/rule/network.py         |    2 
 utils/apparmor/rule/ptrace.py          |    4 
 utils/apparmor/rule/rlimit.py          |    2 
 utils/apparmor/rule/signal.py          |    4 
 utils/apparmor/severity.py             |   24 
 utils/apparmor/ui.py                   |    1 
 utils/test/cleanprof_test.out          |    8 
 utils/test/fake_ldd                    |    2 
 utils/test/test-aa.py                  |  155 +++-
 utils/test/test-aare.py                |  114 +++
 utils/test/test-baserule.py            |   17 
 utils/test/test-file.py                | 1174 ++++++++++++++++++++++++++++++-
 utils/test/test-parser-simple-tests.py |   24 
 utils/test/test-regex_matches.py       |   44 -
 utils/test/test-severity.py            |    9 
 utils/test/test-translations.py        |    2 
 27 files changed, 2600 insertions(+), 1628 deletions(-)

So we now have 1028 more lines, but also 1311 lines added to the tests, 
which means about 300 lines less "real" code. And, despite the pure 
numbers, some added features (support for leading perms and asking about 
new hats/subprofiles in aa-mergeprof), some bugfixes, and, most 
important, much more readable code :-)

Another interesting detail is that the oldest patches of this series is 
from 2016-01-15. Yes, it took "some" time to move all the file rule 
handling into the FileRule class ;-)


Regards,

Christian Boltz
-- 
> Kann man das für alle MUAs sagen?
Nein, wohl nicht.  Es gibt todkranke, kranke (die durch richtige
Konfiguration wieder gesund werden) und gesunde MUAs.
[> Ratti und Mathias Bauer in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161001/27ce4009/attachment.pgp>

More information about the AppArmor mailing list