[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: Re: [apparmor] WTF changed in latest aa-enforce?!
From: Aaron Lewis <the.warl0ck.1989 () gmail ! com>
Date: 2014-08-14 0:30:29
Message-ID: CAJZVxRkx_8VWJTtV5vVcwMb_A02po52f0Fzb8xeJ5DdDmNUU1Q () mail ! gmail ! com
[Download RAW message or body]
Okay, Thanks Seth. So
1. A comma is needed even if it's the last line before the ending '}'
-- That's a change
2. The error message does not show which line has the syntax error --
All I see is a stack trace, a python one, no line-number of the parsed
rule file
Am I wrong?
On Thu, Aug 14, 2014 at 6:02 AM, Seth Arnold <seth.arnold@canonical.com> wrote:
> On Wed, Aug 13, 2014 at 01:54:30PM +0200, Christian Boltz wrote:
>> > apparmor.common.AppArmorException: "Syntax Error: Missing '}' .
>> > Reached end of file /etc/apparmor.d/usr.sbin.nginx while inside
>> > profile /usr/sbin/nginx"
>>
>> The error message is misleading - you have a syntax error in the line
>> above the }
>>
>> > /usr/sbin/nginx {
>> [...]
>> > /var/lib/nginx/fastcgi/{**,} mrw,
>> > /var/log/nginx/{*,} w
>> > }
>
> Nice catch, proving once again that tools are nicer than eyes -- I looked
> for that exact type of error and still missed it.
>
> Anyway, here's a proposed patch to ensure that the {**,} and {,**} regexs
> are being properly parsed by the Python tools:
>
> === modified file 'utils/test/regex_tests.ini'
> --- utils/test/regex_tests.ini 2014-07-28 18:16:04 +0000
> +++ utils/test/regex_tests.ini 2014-08-13 22:00:21 +0000
> @@ -64,3 +64,18 @@
> /*.jpg = False
> /foo/*.bar = False
>
> +[/foo/{**,}]
> + /foo/ = True
> + /foo/bar = True
> + /foo/bar/ = True
> + /foo/bar/baz = True
> + /foo/bar/baz/ = True
> + /bar/ = False
> +
> +[/foo/{,**}]
> + /foo/ = True
> + /foo/bar = True
> + /foo/bar/ = True
> + /foo/bar/baz = True
> + /foo/bar/baz/ = True
> + /bar/ = False
>
> Signed-off-by: Seth Arnold <seth.arnold@canonical.com>
>
> Thanks
>
> --
> AppArmor mailing list
> AppArmor@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
--
Best Regards,
Aaron Lewis - PGP: 0x13714D33 - http://pgp.mit.edu/
Finger Print: 9F67 391B B770 8FF6 99DC D92D 87F6 2602 1371 4D33
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic