def get_next_to_profile(self):
'''Iterator function to walk the list of arguments passed'''
for p in self.profiling:
if not p:
continue
program = None
profile = None
if os.path.exists(p) or p.startswith('/'):
fq_path = apparmor.get_full_path(p).strip()
if os.path.commonprefix([apparmor.profile_dir, fq_path]) == apparmor.profile_dir:
program = None
profile = fq_path
else:
program = fq_path
profile = apparmor.get_profile_filename(fq_path)
else:
which = apparmor.which(p)
if which is not None:
program = apparmor.get_full_path(which)
profile = apparmor.get_profile_filename(program)
elif os.path.exists(os.path.join(apparmor.profile_dir, p)):
program = None
profile = apparmor.get_full_path(os.path.join(apparmor.profile_dir, p)).strip()
else:
if '/' not in p:
aaui.UI_Info(_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") % { 'program': p })
else:
aaui.UI_Info(_("%s does not exist, please double-check the path.") % p)
continue
yield (program, profile)
def clean_profile(self, program):
filename = apparmor.get_profile_filename(program)
import apparmor.cleanprofile as cleanprofile
prof = cleanprofile.Prof(filename)
cleanprof = cleanprofile.CleanProf(True, prof, prof)
deleted = cleanprof.remove_duplicate_rules(program)
aaui.UI_Info(_("\nDeleted %s rules.") % deleted)
apparmor.changed[program] = True
if filename:
if not self.silent:
q = aaui.PromptQuestion()
q.title = 'Changed Local Profiles'
q.explanation = _('The local profile for %(program)s in file %(file)s was changed. Would you like to save it?') % { 'program': program, 'file': filename }
q.functions = ['CMD_SAVE_CHANGES', 'CMD_VIEW_CHANGES', 'CMD_ABORT']
q.default = 'CMD_VIEW_CHANGES'
q.options = []
q.selected = 0
ans = ''
arg = None
while ans != 'CMD_SAVE_CHANGES':
ans, arg = q.promptUser()
if ans == 'CMD_SAVE_CHANGES':
apparmor.write_profile_ui_feedback(program)
self.reload_profile(filename)
elif ans == 'CMD_VIEW_CHANGES':
#oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '')
newprofile = apparmor.serialize_profile(apparmor.aa[program], program, '')
apparmor.display_changes_with_comments(filename, newprofile)
else:
apparmor.write_profile_ui_feedback(program)
self.reload_profile(filename)
else:
raise apparmor.AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program)
def get_next_to_profile(self):
'''Iterator function to walk the list of arguments passed'''
for p in self.profiling:
if not p:
continue
program = None
profile = None
if os.path.exists(p) or p.startswith('/'):
fq_path = apparmor.get_full_path(p).strip()
if os.path.commonprefix([apparmor.profile_dir,
fq_path]) == apparmor.profile_dir:
program = None
profile = fq_path
else:
program = fq_path
profile = apparmor.get_profile_filename(fq_path)
else:
which = apparmor.which(p)
if which is not None:
program = apparmor.get_full_path(which)
profile = apparmor.get_profile_filename(program)
elif os.path.exists(os.path.join(apparmor.profile_dir, p)):
program = None
profile = apparmor.get_full_path(
os.path.join(apparmor.profile_dir, p)).strip()
else:
if '/' not in p:
aaui.UI_Info(
_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter."
) % {'program': p})
else:
aaui.UI_Info(
_("%s does not exist, please double-check the path."
) % p)
continue
yield (program, profile)
def act(self):
# used by aa-cleanprof
apparmor.read_profiles()
for (program, profile) in self.get_next_to_profile():
if program is None:
program = profile
if not program or not (os.path.exists(program)
or apparmor.profile_exists(program)):
if program and not program.startswith('/'):
program = aaui.UI_GetString(
_('The given program cannot be found, please try with the fully qualified path name of the program: '
), '')
else:
aaui.UI_Info(
_("%s does not exist, please double-check the path.") %
program)
sys.exit(1)
if program and apparmor.profile_exists(program):
if self.name == 'cleanprof':
self.clean_profile(program)
else:
filename = apparmor.get_profile_filename(program)
if not os.path.isfile(
filename) or apparmor.is_skippable_file(filename):
aaui.UI_Info(
_('Profile for %s not found, skipping') % program)
else:
# One simply does not walk in here!
raise apparmor.AppArmorException('Unknown tool: %s' %
self.name)
self.reload_profile(profile)
else:
if '/' not in program:
aaui.UI_Info(
_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter."
) % {'program': program})
else:
aaui.UI_Info(
_("%s does not exist, please double-check the path.") %
program)
sys.exit(1)
def cmd_autodep(self):
apparmor.read_profiles()
for (program, profile) in self.get_next_to_profile():
if not program:
aaui.UI_Info(_('Please pass an application to generate a profile for, not a profile itself - skipping %s.') % profile)
continue
apparmor.check_qualifiers(program)
if os.path.exists(apparmor.get_profile_filename(program)) and not self.force:
aaui.UI_Info(_('Profile for %s already exists - skipping.') % program)
else:
apparmor.autodep(program)
if self.aa_mountpoint:
apparmor.reload(program)
def clean_profile(self, program):
filename = apparmor.get_profile_filename(program)
import apparmor.cleanprofile as cleanprofile
prof = cleanprofile.Prof(filename)
cleanprof = cleanprofile.CleanProf(True, prof, prof)
deleted = cleanprof.remove_duplicate_rules(program)
aaui.UI_Info(_("\nDeleted %s rules.") % deleted)
apparmor.changed[program] = True
if filename:
if not self.silent:
q = aaui.PromptQuestion()
q.title = 'Changed Local Profiles'
q.explanation = _(
'The local profile for %(program)s in file %(file)s was changed. Would you like to save it?'
) % {
'program': program,
'file': filename
}
q.functions = [
'CMD_SAVE_CHANGES', 'CMD_VIEW_CHANGES', 'CMD_ABORT'
]
q.default = 'CMD_VIEW_CHANGES'
q.options = []
q.selected = 0
ans = ''
arg = None
while ans != 'CMD_SAVE_CHANGES':
ans, arg = q.promptUser()
if ans == 'CMD_SAVE_CHANGES':
apparmor.write_profile_ui_feedback(program)
self.reload_profile(filename)
elif ans == 'CMD_VIEW_CHANGES':
#oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '')
newprofile = apparmor.serialize_profile(
apparmor.aa[program], program, '')
apparmor.display_changes_with_comments(
filename, newprofile)
else:
apparmor.write_profile_ui_feedback(program)
self.reload_profile(filename)
else:
raise apparmor.AppArmorException(
_('The profile for %s does not exists. Nothing to clean.') %
program)
def cmd_autodep(self):
apparmor.read_profiles()
for (program, profile) in self.get_next_to_profile():
if not program:
aaui.UI_Info(
_('Please pass an application to generate a profile for, not a profile itself - skipping %s.'
) % profile)
continue
apparmor.check_qualifiers(program)
if os.path.exists(
apparmor.get_profile_filename(program)) and not self.force:
aaui.UI_Info(
_('Profile for %s already exists - skipping.') % program)
else:
apparmor.autodep(program)
if self.aa_mountpoint:
apparmor.reload(program)
def act(self):
# used by aa-cleanprof
apparmor.read_profiles()
for (program, profile) in self.get_next_to_profile():
if program is None:
program = profile
if not program or not(os.path.exists(program) or apparmor.profile_exists(program)):
if program and not program.startswith('/'):
program = aaui.UI_GetString(_('The given program cannot be found, please try with the fully qualified path name of the program: '), '')
else:
aaui.UI_Info(_("%s does not exist, please double-check the path.") % program)
sys.exit(1)
if program and apparmor.profile_exists(program):
if self.name == 'cleanprof':
self.clean_profile(program)
else:
filename = apparmor.get_profile_filename(program)
if not os.path.isfile(filename) or apparmor.is_skippable_file(filename):
aaui.UI_Info(_('Profile for %s not found, skipping') % program)
else:
# One simply does not walk in here!
raise apparmor.AppArmorException('Unknown tool: %s' % self.name)
self.reload_profile(profile)
else:
if '/' not in program:
aaui.UI_Info(_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") % { 'program': program })
else:
aaui.UI_Info(_("%s does not exist, please double-check the path.") % program)
sys.exit(1)