felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(aa): add the Kind struct to manage aa rules.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-28 18:15:22 +01:00
parent 1333ec2025
commit 3b0944c615
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
23 changed files with 239 additions and 223 deletions
Download patch file Download diff file Expand all files Collapse all files

32
pkg/aa/file.go
View file

@ -11,14 +11,14 @@ import (
)
const (
tokLINK = "link"
tokFILE = "file"
tokOWNER = "owner"
tokSUBSET = "subset"
LINK Kind = "link"
FILE Kind = "file"
tokOWNER = "owner"
tokSUBSET = "subset"
)
func init() {
requirements[tokFILE] = requirement{
requirements[FILE] = requirement{
"access": {"m", "r", "w", "l", "k"},
"transition": {
"ix", "ux", "Ux", "px", "Px", "cx", "Cx", "pix", "Pix", "cix",
@ -40,15 +40,15 @@ func isOwner(log map[string]string) bool {
// cmpFileAccess compares two access strings for file rules.
// It is aimed to be used in slices.SortFunc.
func cmpFileAccess(i, j string) int {
if slices.Contains(requirements[tokFILE]["access"], i) &&
slices.Contains(requirements[tokFILE]["access"], j) {
return requirementsWeights[tokFILE]["access"][i] - requirementsWeights[tokFILE]["access"][j]
if slices.Contains(requirements[FILE]["access"], i) &&
slices.Contains(requirements[FILE]["access"], j) {
return requirementsWeights[FILE]["access"][i] - requirementsWeights[FILE]["access"][j]
}
if slices.Contains(requirements[tokFILE]["transition"], i) &&
slices.Contains(requirements[tokFILE]["transition"], j) {
return requirementsWeights[tokFILE]["transition"][i] - requirementsWeights[tokFILE]["transition"][j]
if slices.Contains(requirements[FILE]["transition"], i) &&
slices.Contains(requirements[FILE]["transition"], j) {
return requirementsWeights[FILE]["transition"][i] - requirementsWeights[FILE]["transition"][j]
}
if slices.Contains(requirements[tokFILE]["access"], i) {
if slices.Contains(requirements[FILE]["access"], i) {
return -1
}
return 1
@ -121,8 +121,8 @@ func (r *File) Constraint() constraint {
return blockKind
}
func (r *File) Kind() string {
return tokFILE
func (r *File) Kind() Kind {
return FILE
}
type Link struct {
@ -179,6 +179,6 @@ func (r *Link) Constraint() constraint {
return blockKind
}
func (r *Link) Kind() string {
return tokLINK
func (r *Link) Kind() Kind {
return LINK
}