diff --git a/pkg/prebuild/directive/core.go b/pkg/prebuild/directive/core.go index 207d8231b..75346d35d 100644 --- a/pkg/prebuild/directive/core.go +++ b/pkg/prebuild/directive/core.go @@ -10,36 +10,25 @@ import ( "strings" "github.com/arduino/go-paths-helper" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" ) // Define the directive keyword globally const Keyword = "#aa:" -// Build the profiles with the following directive applied -var Directives = map[string]Directive{} +var ( + // Build the profiles with the following directive applied + Directives = map[string]Directive{} -var regDirective = regexp.MustCompile(`(?m).*` + Keyword + `([a-z]*) (.*)`) + regDirective = regexp.MustCompile(`(?m).*` + Keyword + `([a-z]*) (.*)`) +) // Main directive interface type Directive interface { - Usage() string - Message() string + cfg.BaseInterface Apply(opt *Option, profile string) string } -type DirectiveBase struct { - message string - usage string -} - -func (d *DirectiveBase) Usage() string { - return d.usage -} - -func (d *DirectiveBase) Message() string { - return d.message -} - // Directive options type Option struct { Name string @@ -72,6 +61,10 @@ func NewOption(file *paths.Path, match []string) *Option { } } +func RegisterDirective(d Directive) { + Directives[d.Name()] = d +} + func Run(file *paths.Path, profile string) string { for _, match := range regDirective.FindAllStringSubmatch(profile, -1) { opt := NewOption(file, match) diff --git a/pkg/prebuild/directive/core_test.go b/pkg/prebuild/directive/core_test.go index 28d45d845..c74192ff5 100644 --- a/pkg/prebuild/directive/core_test.go +++ b/pkg/prebuild/directive/core_test.go @@ -11,32 +11,6 @@ import ( "github.com/arduino/go-paths-helper" ) -func TestDirective_Usage(t *testing.T) { - tests := []struct { - name string - d Directive - wantMessage string - wantUsage string - }{ - { - name: "empty", - d: Directives["stack"], - wantMessage: "Stack directive applied", - wantUsage: `#aa:stack profiles_name...`, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if got := tt.d.Usage(); got != tt.wantUsage { - t.Errorf("Directive.Usage() = %v, want %v", got, tt.wantUsage) - } - if got := tt.d.Message(); got != tt.wantMessage { - t.Errorf("Directive.Usage() = %v, want %v", got, tt.wantMessage) - } - }) - } -} - func TestNewOption(t *testing.T) { tests := []struct { name string diff --git a/pkg/prebuild/directive/dbus.go b/pkg/prebuild/directive/dbus.go index 9b107b27b..2c171624e 100644 --- a/pkg/prebuild/directive/dbus.go +++ b/pkg/prebuild/directive/dbus.go @@ -18,6 +18,7 @@ import ( "strings" "github.com/roddhjav/apparmor.d/pkg/aa" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" ) var defaultInterfaces = []string{ @@ -26,17 +27,18 @@ var defaultInterfaces = []string{ } type Dbus struct { - DirectiveBase + cfg.Base } func init() { - Directives["dbus"] = &Dbus{ - DirectiveBase: DirectiveBase{ - message: "Dbus directive applied", - usage: `#aa:dbus own bus=(system | session) name= - #aa:dbus talk bus=(system | session) name= label=`, + RegisterDirective(&Dbus{ + Base: cfg.Base{ + Keyword: "dbus", + Msg: "Dbus directive applied", + Help: `#aa:dbus own bus= name= [interface=AARE] [path=AARE] + #aa:dbus talk bus= name= label= [interface=AARE] [path=AARE]`, }, - } + }) } func setInterfaces(rules map[string]string) []string { diff --git a/pkg/prebuild/directive/exec.go b/pkg/prebuild/directive/exec.go index bd1e5d375..88514572f 100644 --- a/pkg/prebuild/directive/exec.go +++ b/pkg/prebuild/directive/exec.go @@ -8,20 +8,22 @@ import ( "strings" "github.com/roddhjav/apparmor.d/pkg/aa" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" "golang.org/x/exp/slices" ) type Exec struct { - DirectiveBase + cfg.Base } func init() { - Directives["exec"] = &Exec{ - DirectiveBase: DirectiveBase{ - message: "Exec directive applied", - usage: `#aa:exec [P|U|p|u|PU|pu|] profiles_name...`, + RegisterDirective(&Exec{ + Base: cfg.Base{ + Keyword: "exec", + Msg: "Exec directive applied", + Help: `#aa:exec [P|U|p|u|PU|pu|] profiles...`, }, - } + }) } func (d Exec) Apply(opt *Option, profile string) string { @@ -35,7 +37,7 @@ func (d Exec) Apply(opt *Option, profile string) string { p := &aa.AppArmorProfile{} for name := range opt.ArgMap { - content, err := rootApparmord.Join(name).ReadFile() + content, err := cfg.RootApparmord.Join(name).ReadFile() if err != nil { panic(err) } diff --git a/pkg/prebuild/directive/exec_test.go b/pkg/prebuild/directive/exec_test.go index d5dcc60e7..a2c8a6f15 100644 --- a/pkg/prebuild/directive/exec_test.go +++ b/pkg/prebuild/directive/exec_test.go @@ -8,6 +8,7 @@ import ( "testing" "github.com/arduino/go-paths-helper" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" ) func TestExec_Apply(t *testing.T) { @@ -49,7 +50,7 @@ func TestExec_Apply(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - rootApparmord = tt.rootApparmord + cfg.RootApparmord = tt.rootApparmord if got := Directives["exec"].Apply(tt.opt, tt.profile); got != tt.want { t.Errorf("Exec.Apply() = %v, want %v", got, tt.want) } diff --git a/pkg/prebuild/directive/filter.go b/pkg/prebuild/directive/filter.go index 496358b8e..58a0675b9 100644 --- a/pkg/prebuild/directive/filter.go +++ b/pkg/prebuild/directive/filter.go @@ -8,35 +8,37 @@ import ( "regexp" "strings" - oss "github.com/roddhjav/apparmor.d/pkg/os" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" "golang.org/x/exp/slices" ) type FilterOnly struct { - DirectiveBase + cfg.Base } type FilterExclude struct { - DirectiveBase + cfg.Base } func init() { - Directives["only"] = &FilterOnly{ - DirectiveBase: DirectiveBase{ - message: "Only directive applied", - usage: `#aa:only `, + RegisterDirective(&FilterOnly{ + Base: cfg.Base{ + Keyword: "only", + Msg: "Only directive applied", + Help: `#aa:only filters...`, }, - } - Directives["exclude"] = &FilterExclude{ - DirectiveBase: DirectiveBase{ - message: "Exclude directive applied", - usage: `#aa:exclude `, + }) + RegisterDirective(&FilterExclude{ + Base: cfg.Base{ + Keyword: "exclude", + Msg: "Exclude directive applied", + Help: `#aa:exclude filters...`, }, - } + }) } func filterRuleForUs(opt *Option) bool { - return slices.Contains(opt.ArgList, oss.Distribution) || slices.Contains(opt.ArgList, oss.Family) + return slices.Contains(opt.ArgList, cfg.Distribution) || slices.Contains(opt.ArgList, cfg.Family) } func filter(only bool, opt *Option, profile string) string { diff --git a/pkg/prebuild/directive/filter_test.go b/pkg/prebuild/directive/filter_test.go index 2ff756c96..4dbeca916 100644 --- a/pkg/prebuild/directive/filter_test.go +++ b/pkg/prebuild/directive/filter_test.go @@ -7,7 +7,7 @@ package directive import ( "testing" - oss "github.com/roddhjav/apparmor.d/pkg/os" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" ) func TestFilterOnly_Apply(t *testing.T) { @@ -77,8 +77,8 @@ func TestFilterOnly_Apply(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - oss.Distribution = tt.dist - oss.Family = tt.family + cfg.Distribution = tt.dist + cfg.Family = tt.family if got := Directives["only"].Apply(tt.opt, tt.profile); got != tt.want { t.Errorf("FilterOnly.Apply() = %v, want %v", got, tt.want) } @@ -126,8 +126,8 @@ func TestFilterExclude_Apply(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - oss.Distribution = tt.dist - oss.Family = tt.family + cfg.Distribution = tt.dist + cfg.Family = tt.family if got := Directives["exclude"].Apply(tt.opt, tt.profile); got != tt.want { t.Errorf("FilterExclude.Apply() = %v, want %v", got, tt.want) } diff --git a/pkg/prebuild/directive/stack.go b/pkg/prebuild/directive/stack.go index fc1ac4876..23c4f19d1 100644 --- a/pkg/prebuild/directive/stack.go +++ b/pkg/prebuild/directive/stack.go @@ -9,12 +9,10 @@ import ( "regexp" "strings" - "github.com/arduino/go-paths-helper" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" "github.com/roddhjav/apparmor.d/pkg/util" ) -var rootApparmord = paths.New(".build/apparmor.d") - var ( regRules = regexp.MustCompile(`(?m)^profile.*{$((.|\n)*)}`) regEndOfRules = regexp.MustCompile(`(?m)([\t ]*include if exists <.*>\n)+}`) @@ -27,22 +25,23 @@ var ( ) type Stack struct { - DirectiveBase + cfg.Base } func init() { - Directives["stack"] = &Stack{ - DirectiveBase: DirectiveBase{ - message: "Stack directive applied", - usage: `#aa:stack profiles_name...`, + RegisterDirective(&Stack{ + Base: cfg.Base{ + Keyword: "stack", + Msg: "Stack directive applied", + Help: `#aa:stack profiles...`, }, - } + }) } func (s Stack) Apply(opt *Option, profile string) string { res := "" for name := range opt.ArgMap { - tmp, err := rootApparmord.Join(name).ReadFile() + tmp, err := cfg.RootApparmord.Join(name).ReadFile() if err != nil { panic(err) } diff --git a/pkg/prebuild/directive/stack_test.go b/pkg/prebuild/directive/stack_test.go index 07df8fe9d..4d5a284ae 100644 --- a/pkg/prebuild/directive/stack_test.go +++ b/pkg/prebuild/directive/stack_test.go @@ -8,6 +8,7 @@ import ( "testing" "github.com/arduino/go-paths-helper" + "github.com/roddhjav/apparmor.d/pkg/prebuild/cfg" ) func TestStack_Apply(t *testing.T) { @@ -66,7 +67,7 @@ profile parent @{exec_path} { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - rootApparmord = tt.rootApparmord + cfg.RootApparmord = tt.rootApparmord if got := Directives["stack"].Apply(tt.opt, tt.profile); got != tt.want { t.Errorf("Stack.Apply() = %v, want %v", got, tt.want) }