felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(aa): add initial profile validation structure.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-25 22:36:39 +01:00
parent 2dd6046697
commit 92641e7e28
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
20 changed files with 222 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

22
pkg/aa/rules.go
View file

@ -28,6 +28,7 @@ const (
// Rule generic interface for all AppArmor rules
type Rule interface {
Validate() error
Less(other any) bool
Equals(other any) bool
String() string
@ -37,6 +38,15 @@ type Rule interface {
type Rules []Rule
func (r Rules) Validate() error {
for _, rule := range r {
if err := rule.Validate(); err != nil {
return err
}
}
return nil
}
func (r Rules) String() string {
return renderTemplate("rules", r)
}
@ -82,6 +92,18 @@ func Must[T any](v T, err error) T {
return v
}
func validateValues(rule string, key string, values []string) error {
for _, v := range values {
if v == "" {
continue
}
if !slices.Contains(requirements[rule][key], v) {
return fmt.Errorf("invalid mode '%s'", v)
}
}
return nil
}
// Helper function to convert a string to a slice of rule values according to
// the rule requirements as defined in the requirements map.
func toValues(rule string, key string, input string) ([]string, error) {