[apparmor] [patch] [02/38] check_and_split_list: optionally allow empty list
Seth Arnold
seth.arnold at canonical.com
Wed Sep 14 19:32:46 UTC 2016
On Fri, Aug 12, 2016 at 10:44:14PM +0200, Christian Boltz wrote:
> Hello,
>
> $subject.
>
> File permissions can be an empty list (if only exec permissions are
> specified). This patch adds the optional allow_empty_list parameter so
> that the function can handle this case.
>
>
>
> [ 02-check_and_split_list-optionally-allow-empty-list.diff ]
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
>
> --- utils/apparmor/rule/__init__.py 2016-01-07 20:41:32.718787664 +0100
> +++ utils/apparmor/rule/__init__.py 2016-01-15 23:00:18.765000352 +0100
> @@ -431,14 +431,14 @@
> raise NotImplementedError("get_glob_ext is not available for this rule type!")
>
>
> -def check_and_split_list(lst, allowed_keywords, all_obj, classname, keyword_name):
> +def check_and_split_list(lst, allowed_keywords, all_obj, classname, keyword_name, allow_empty_list=False):
> '''check if lst is all_obj or contains only items listed in allowed_keywords'''
>
> if lst == all_obj:
> return None, True, None
> elif type_is_str(lst):
> result_list = {lst}
> - elif (type(lst) == list or type(lst) == tuple) and len(lst) > 0:
> + elif (type(lst) == list or type(lst) == tuple) and (len(lst) > 0 or allow_empty_list):
> result_list = set(lst)
> else:
> raise AppArmorBug('Passed unknown %(type)s object to %(classname)s: %(unknown_object)s' %
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160914/a7e2a562/attachment.pgp>
More information about the AppArmor
mailing list