def get_next_to_profile(self): '''Iterator function to walk the list of arguments passed''' for p in self.profiling: if not p: continue program = None profile = None if os.path.exists(p) or p.startswith('/'): fq_path = apparmor.get_full_path(p).strip() if os.path.commonprefix([apparmor.profile_dir, fq_path]) == apparmor.profile_dir: program = None profile = fq_path else: program = fq_path profile = apparmor.get_profile_filename(fq_path) else: which = apparmor.which(p) if which is not None: program = apparmor.get_full_path(which) profile = apparmor.get_profile_filename(program) elif os.path.exists(os.path.join(apparmor.profile_dir, p)): program = None profile = apparmor.get_full_path(os.path.join(apparmor.profile_dir, p)).strip() else: if '/' not in p: aaui.UI_Info(_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") % { 'program': p }) else: aaui.UI_Info(_("%s does not exist, please double-check the path.") % p) continue yield (program, profile)
def clean_profile(self, program): filename = apparmor.get_profile_filename(program) import apparmor.cleanprofile as cleanprofile prof = cleanprofile.Prof(filename) cleanprof = cleanprofile.CleanProf(True, prof, prof) deleted = cleanprof.remove_duplicate_rules(program) aaui.UI_Info(_("\nDeleted %s rules.") % deleted) apparmor.changed[program] = True if filename: if not self.silent: q = aaui.PromptQuestion() q.title = 'Changed Local Profiles' q.explanation = _('The local profile for %(program)s in file %(file)s was changed. Would you like to save it?') % { 'program': program, 'file': filename } q.functions = ['CMD_SAVE_CHANGES', 'CMD_VIEW_CHANGES', 'CMD_ABORT'] q.default = 'CMD_VIEW_CHANGES' q.options = [] q.selected = 0 ans = '' arg = None while ans != 'CMD_SAVE_CHANGES': ans, arg = q.promptUser() if ans == 'CMD_SAVE_CHANGES': apparmor.write_profile_ui_feedback(program) self.reload_profile(filename) elif ans == 'CMD_VIEW_CHANGES': #oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '') newprofile = apparmor.serialize_profile(apparmor.aa[program], program, '') apparmor.display_changes_with_comments(filename, newprofile) else: apparmor.write_profile_ui_feedback(program) self.reload_profile(filename) else: raise apparmor.AppArmorException(_('The profile for %s does not exists. Nothing to clean.') % program)
def get_next_to_profile(self): '''Iterator function to walk the list of arguments passed''' for p in self.profiling: if not p: continue program = None profile = None if os.path.exists(p) or p.startswith('/'): fq_path = apparmor.get_full_path(p).strip() if os.path.commonprefix([apparmor.profile_dir, fq_path]) == apparmor.profile_dir: program = None profile = fq_path else: program = fq_path profile = apparmor.get_profile_filename(fq_path) else: which = apparmor.which(p) if which is not None: program = apparmor.get_full_path(which) profile = apparmor.get_profile_filename(program) elif os.path.exists(os.path.join(apparmor.profile_dir, p)): program = None profile = apparmor.get_full_path( os.path.join(apparmor.profile_dir, p)).strip() else: if '/' not in p: aaui.UI_Info( _("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter." ) % {'program': p}) else: aaui.UI_Info( _("%s does not exist, please double-check the path." ) % p) continue yield (program, profile)
def act(self): # used by aa-cleanprof apparmor.read_profiles() for (program, profile) in self.get_next_to_profile(): if program is None: program = profile if not program or not (os.path.exists(program) or apparmor.profile_exists(program)): if program and not program.startswith('/'): program = aaui.UI_GetString( _('The given program cannot be found, please try with the fully qualified path name of the program: ' ), '') else: aaui.UI_Info( _("%s does not exist, please double-check the path.") % program) sys.exit(1) if program and apparmor.profile_exists(program): if self.name == 'cleanprof': self.clean_profile(program) else: filename = apparmor.get_profile_filename(program) if not os.path.isfile( filename) or apparmor.is_skippable_file(filename): aaui.UI_Info( _('Profile for %s not found, skipping') % program) else: # One simply does not walk in here! raise apparmor.AppArmorException('Unknown tool: %s' % self.name) self.reload_profile(profile) else: if '/' not in program: aaui.UI_Info( _("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter." ) % {'program': program}) else: aaui.UI_Info( _("%s does not exist, please double-check the path.") % program) sys.exit(1)
def cmd_autodep(self): apparmor.read_profiles() for (program, profile) in self.get_next_to_profile(): if not program: aaui.UI_Info(_('Please pass an application to generate a profile for, not a profile itself - skipping %s.') % profile) continue apparmor.check_qualifiers(program) if os.path.exists(apparmor.get_profile_filename(program)) and not self.force: aaui.UI_Info(_('Profile for %s already exists - skipping.') % program) else: apparmor.autodep(program) if self.aa_mountpoint: apparmor.reload(program)
def clean_profile(self, program): filename = apparmor.get_profile_filename(program) import apparmor.cleanprofile as cleanprofile prof = cleanprofile.Prof(filename) cleanprof = cleanprofile.CleanProf(True, prof, prof) deleted = cleanprof.remove_duplicate_rules(program) aaui.UI_Info(_("\nDeleted %s rules.") % deleted) apparmor.changed[program] = True if filename: if not self.silent: q = aaui.PromptQuestion() q.title = 'Changed Local Profiles' q.explanation = _( 'The local profile for %(program)s in file %(file)s was changed. Would you like to save it?' ) % { 'program': program, 'file': filename } q.functions = [ 'CMD_SAVE_CHANGES', 'CMD_VIEW_CHANGES', 'CMD_ABORT' ] q.default = 'CMD_VIEW_CHANGES' q.options = [] q.selected = 0 ans = '' arg = None while ans != 'CMD_SAVE_CHANGES': ans, arg = q.promptUser() if ans == 'CMD_SAVE_CHANGES': apparmor.write_profile_ui_feedback(program) self.reload_profile(filename) elif ans == 'CMD_VIEW_CHANGES': #oldprofile = apparmor.serialize_profile(apparmor.original_aa[program], program, '') newprofile = apparmor.serialize_profile( apparmor.aa[program], program, '') apparmor.display_changes_with_comments( filename, newprofile) else: apparmor.write_profile_ui_feedback(program) self.reload_profile(filename) else: raise apparmor.AppArmorException( _('The profile for %s does not exists. Nothing to clean.') % program)
def cmd_autodep(self): apparmor.read_profiles() for (program, profile) in self.get_next_to_profile(): if not program: aaui.UI_Info( _('Please pass an application to generate a profile for, not a profile itself - skipping %s.' ) % profile) continue apparmor.check_qualifiers(program) if os.path.exists( apparmor.get_profile_filename(program)) and not self.force: aaui.UI_Info( _('Profile for %s already exists - skipping.') % program) else: apparmor.autodep(program) if self.aa_mountpoint: apparmor.reload(program)
def act(self): # used by aa-cleanprof apparmor.read_profiles() for (program, profile) in self.get_next_to_profile(): if program is None: program = profile if not program or not(os.path.exists(program) or apparmor.profile_exists(program)): if program and not program.startswith('/'): program = aaui.UI_GetString(_('The given program cannot be found, please try with the fully qualified path name of the program: '), '') else: aaui.UI_Info(_("%s does not exist, please double-check the path.") % program) sys.exit(1) if program and apparmor.profile_exists(program): if self.name == 'cleanprof': self.clean_profile(program) else: filename = apparmor.get_profile_filename(program) if not os.path.isfile(filename) or apparmor.is_skippable_file(filename): aaui.UI_Info(_('Profile for %s not found, skipping') % program) else: # One simply does not walk in here! raise apparmor.AppArmorException('Unknown tool: %s' % self.name) self.reload_profile(profile) else: if '/' not in program: aaui.UI_Info(_("Can't find %(program)s in the system path list. If the name of the application\nis correct, please run 'which %(program)s' as a user with correct PATH\nenvironment set up in order to find the fully-qualified path and\nuse the full path as parameter.") % { 'program': program }) else: aaui.UI_Info(_("%s does not exist, please double-check the path.") % program) sys.exit(1)