github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #8069 from thaJeztah/apparmor_remove_version_code

Browse Source 
contrib/apparmor: remove code related to apparmor_parser version
This commit is contained in:
Phil Estes 2023-02-22 14:13:07 -05:00 committed by GitHub
commit e366facb87
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
contrib/apparmor/apparmor_test.go
View File

@ -22,92 +22,9 @@ import (
"testing" "testing"
) )
type versionExpected struct {
output string
version int
}
func TestParseVersion(t *testing.T) {
versions := []versionExpected{
{
output: `AppArmor parser version 2.10
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 210000,
},
{
output: `AppArmor parser version 2.8
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 208000,
},
{
output: `AppArmor parser version 2.20
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 220000,
},
{
output: `AppArmor parser version 2.05
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 205000,
},
{
output: `AppArmor parser version 2.9.95
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 209095,
},
{
output: `AppArmor parser version 3.14.159
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
`,
version: 314159,
},
{
output: `AppArmor parser version 3.0.0-beta1
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.
`,
version: 300000,
},
{
output: `AppArmor parser version 3.0.0-beta1-foo-bar
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.
`,
version: 300000,
},
{
output: `AppArmor parser version 2.7.0~rc2
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.
`,
version: 207000,
},
}
for _, v := range versions {
version, err := parseVersion(v.output)
if err != nil {
t.Fatalf("expected error to be nil for %#v, got: %v", v, err)
}
if version != v.version {
t.Fatalf("expected version to be %d, was %d, for: %#v\n", v.version, version, v)
}
}
}
func TestDumpDefaultProfile(t *testing.T) { func TestDumpDefaultProfile(t *testing.T) {
if _, err := getVersion(); err != nil { if _, err := aaParser("--version"); err != nil {
t.Skipf("AppArmor not available: %+v", err) t.Skipf("apparmor_parser not available: %+v", err)
} }
name := "test-dump-default-profile" name := "test-dump-default-profile"
prof, err := DumpDefaultProfile(name) prof, err := DumpDefaultProfile(name)

66
contrib/apparmor/template.go
View File

@ -26,7 +26,6 @@ import (
"io" "io"
"os" "os"
"path" "path"
"strconv"
"strings" "strings"
"text/template" "text/template"
@ -91,7 +90,6 @@ type data struct {
Imports []string Imports []string
InnerImports []string InnerImports []string
DaemonProfile string DaemonProfile string
Version int
} }
func cleanProfileName(profile string) string { func cleanProfileName(profile string) string {
@ -117,11 +115,6 @@ func loadData(name string) (*data, error) {
if macroExists("abstractions/base") { if macroExists("abstractions/base") {
p.InnerImports = append(p.InnerImports, "#include <abstractions/base>") p.InnerImports = append(p.InnerImports, "#include <abstractions/base>")
} }
ver, err := getVersion()
if err != nil {
return nil, fmt.Errorf("get apparmor_parser version: %w", err)
}
p.Version = ver
// Figure out the daemon profile. // Figure out the daemon profile.
currentProfile, err := os.ReadFile("/proc/self/attr/current") currentProfile, err := os.ReadFile("/proc/self/attr/current")
@ -162,65 +155,6 @@ func aaParser(args ...string) (string, error) {
return string(out), err return string(out), err
} }
func getVersion() (int, error) {
out, err := aaParser("--version")
if err != nil {
return -1, err
}
return parseVersion(out)
}
// parseVersion takes the output from `apparmor_parser --version` and returns
// a representation of the {major, minor, patch} version as a single number of
// the form MMmmPPP {major, minor, patch}.
func parseVersion(output string) (int, error) {
// output is in the form of the following:
// AppArmor parser version 2.9.1
// Copyright (C) 1999-2008 Novell Inc.
// Copyright 2009-2012 Canonical Ltd.
version, _, _ := strings.Cut(output, "\n")
if i := strings.LastIndex(version, " "); i >= 0 {
version = version[i+1:]
}
// trim "-beta1" suffix from version="3.0.0-beta1" if exists
version, _, _ = strings.Cut(version, "-")
// also trim tilde
version, _, _ = strings.Cut(version, "~")
// split by major minor version
v := strings.SplitN(version, ".", 4)
if len(v) == 0 || len(v) > 3 {
return -1, fmt.Errorf("parsing version failed for output: `%s`", output)
}
// Default the versions to 0.
var majorVersion, minorVersion, patchLevel int
majorVersion, err := strconv.Atoi(v[0])
if err != nil {
return -1, err
}
if len(v) > 1 {
minorVersion, err = strconv.Atoi(v[1])
if err != nil {
return -1, err
}
}
if len(v) > 2 {
patchLevel, err = strconv.Atoi(v[2])
if err != nil {
return -1, err
}
}
// major*10^5 + minor*10^3 + patch*10^0
numericVersion := majorVersion*1e5 + minorVersion*1e3 + patchLevel
return numericVersion, nil
}
func isLoaded(name string) (bool, error) { func isLoaded(name string) (bool, error) {
f, err := os.Open("/sys/kernel/security/apparmor/profiles") f, err := os.Open("/sys/kernel/security/apparmor/profiles")
if err != nil { if err != nil {