diff --git a/cmd/aa-log/main.go b/cmd/aa-log/main.go index d58089310..ccd6e9cca 100644 --- a/cmd/aa-log/main.go +++ b/cmd/aa-log/main.go @@ -55,7 +55,7 @@ func aaLog(logger string, path string, profile string) error { case "systemd": file, err = logs.GetJournalctlLogs(path, since, !slices.Contains(logs.LogFiles, path)) default: - err = fmt.Errorf("Logger %s not supported.", logger) + err = fmt.Errorf("logger %s not supported", logger) } if err != nil { return err diff --git a/pkg/aa/apparmor.go b/pkg/aa/apparmor.go index 90a28ee8c..f0deaffc9 100644 --- a/pkg/aa/apparmor.go +++ b/pkg/aa/apparmor.go @@ -8,7 +8,7 @@ import ( "github.com/roddhjav/apparmor.d/pkg/paths" ) -// Default Apparmor magic directory: /etc/apparmor.d/. +// MagicRoot is the default Apparmor magic directory: /etc/apparmor.d/. var MagicRoot = paths.New("/etc/apparmor.d") // AppArmorProfileFiles represents a full set of apparmor profiles diff --git a/pkg/aa/base.go b/pkg/aa/base.go index 609525111..eaf69f71c 100644 --- a/pkg/aa/base.go +++ b/pkg/aa/base.go @@ -104,10 +104,7 @@ type Qualifier struct { } func newQualifierFromLog(log map[string]string) Qualifier { - audit := false - if log["apparmor"] == "AUDIT" { - audit = true - } + audit := log["apparmor"] == "AUDIT" return Qualifier{Audit: audit} } diff --git a/pkg/aa/blocks.go b/pkg/aa/blocks.go index 901fdaae8..d0826dfa2 100644 --- a/pkg/aa/blocks.go +++ b/pkg/aa/blocks.go @@ -27,21 +27,21 @@ func (p *Hat) String() string { return renderTemplate(p.Kind(), p) } -func (r *Hat) Validate() error { +func (p *Hat) Validate() error { return nil } -func (r *Hat) Compare(other Rule) int { +func (p *Hat) Compare(other Rule) int { o, _ := other.(*Hat) - return compare(r.Name, o.Name) + return compare(p.Name, o.Name) } -func (r *Hat) Merge(other Rule) bool { +func (p *Hat) Merge(other Rule) bool { return false // Never merge hat blocks } -func (r *Hat) Lengths() []int { +func (p *Hat) Lengths() []int { return []int{} // No len for hat } -func (r *Hat) setPaddings(max []int) {} // No paddings for hat +func (p *Hat) setPaddings(max []int) {} // No paddings for hat diff --git a/pkg/aa/capability.go b/pkg/aa/capability.go index b1ba27c6a..a55f8bc9b 100644 --- a/pkg/aa/capability.go +++ b/pkg/aa/capability.go @@ -84,8 +84,8 @@ func (r *Capability) Merge(other Rule) bool { func (r *Capability) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Names), } } diff --git a/pkg/aa/change_profile.go b/pkg/aa/change_profile.go index 769427024..5334b343c 100644 --- a/pkg/aa/change_profile.go +++ b/pkg/aa/change_profile.go @@ -106,8 +106,8 @@ func (r *ChangeProfile) Merge(other Rule) bool { func (r *ChangeProfile) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.ExecMode), length("", r.Exec), length("", r.ProfileName), diff --git a/pkg/aa/dbus.go b/pkg/aa/dbus.go index 79072925f..fa4ec7ec4 100644 --- a/pkg/aa/dbus.go +++ b/pkg/aa/dbus.go @@ -125,7 +125,7 @@ func (r *Dbus) Compare(other Rule) int { func (r *Dbus) Merge(other Rule) bool { o, _ := other.(*Dbus) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Bus == o.Bus && r.Name == o.Name && r.Path == o.Path && diff --git a/pkg/aa/file.go b/pkg/aa/file.go index 36c7101a4..a43c56a4a 100644 --- a/pkg/aa/file.go +++ b/pkg/aa/file.go @@ -168,7 +168,7 @@ func (r *File) Compare(other Rule) int { func (r *File) Merge(other Rule) bool { o, _ := other.(*File) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Owner == o.Owner && r.Path == o.Path && r.Target == o.Target { @@ -189,8 +189,8 @@ func (r *File) Lengths() []int { lenPath = length("", r.Path) } return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("owner", r.Owner), lenPath, } @@ -314,8 +314,8 @@ func (r *Link) Merge(other Rule) bool { func (r *Link) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("owner", r.Owner), length("subset", r.Subset), length("", r.Path), diff --git a/pkg/aa/io_uring.go b/pkg/aa/io_uring.go index 3346ed4c6..76e9e172d 100644 --- a/pkg/aa/io_uring.go +++ b/pkg/aa/io_uring.go @@ -78,7 +78,7 @@ func (r *IOUring) Compare(other Rule) int { func (r *IOUring) Merge(other Rule) bool { o, _ := other.(*IOUring) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Label == o.Label { @@ -91,8 +91,8 @@ func (r *IOUring) Merge(other Rule) bool { func (r *IOUring) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Access), length("label=", r.Label), } diff --git a/pkg/aa/mount.go b/pkg/aa/mount.go index a9d8dbeaf..bbf66b577 100644 --- a/pkg/aa/mount.go +++ b/pkg/aa/mount.go @@ -181,7 +181,7 @@ func (r *Mount) Merge(other Rule) bool { o, _ := other.(*Mount) mc := &r.MountConditions - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Source == o.Source && r.MountPoint == o.MountPoint && @@ -194,10 +194,10 @@ func (r *Mount) Merge(other Rule) bool { func (r *Mount) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), - r.MountConditions.getLenFsType(), - r.MountConditions.getLenOptions(), + r.getLenAudit(), + r.getLenAccess(), + r.getLenFsType(), + r.getLenOptions(), length("", r.Source), length("", r.MountPoint), } @@ -278,7 +278,7 @@ func (r *Umount) Merge(other Rule) bool { o, _ := other.(*Umount) mc := &r.MountConditions - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) { @@ -290,10 +290,10 @@ func (r *Umount) Merge(other Rule) bool { func (r *Umount) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), - r.MountConditions.getLenFsType(), - r.MountConditions.getLenOptions(), + r.getLenAudit(), + r.getLenAccess(), + r.getLenFsType(), + r.getLenOptions(), length("", r.MountPoint), } } @@ -374,7 +374,7 @@ func (r *Remount) Merge(other Rule) bool { o, _ := other.(*Remount) mc := &r.MountConditions - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) { @@ -386,10 +386,10 @@ func (r *Remount) Merge(other Rule) bool { func (r *Remount) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), - r.MountConditions.getLenFsType(), - r.MountConditions.getLenOptions(), + r.getLenAudit(), + r.getLenAccess(), + r.getLenFsType(), + r.getLenOptions(), length("", r.MountPoint), } } diff --git a/pkg/aa/mqueue.go b/pkg/aa/mqueue.go index 82106ec79..12ae4bd59 100644 --- a/pkg/aa/mqueue.go +++ b/pkg/aa/mqueue.go @@ -112,7 +112,7 @@ func (r *Mqueue) Compare(other Rule) int { func (r *Mqueue) Merge(other Rule) bool { o, _ := other.(*Mqueue) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Type == o.Type && r.Label == o.Label && r.Name == o.Name { @@ -125,8 +125,8 @@ func (r *Mqueue) Merge(other Rule) bool { func (r *Mqueue) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Access), length("type=", r.Type), length("label=", r.Label), diff --git a/pkg/aa/network.go b/pkg/aa/network.go index 69bd01c83..d5a2af70b 100644 --- a/pkg/aa/network.go +++ b/pkg/aa/network.go @@ -147,8 +147,8 @@ func (r *Network) Merge(other Rule) bool { func (r *Network) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Domain), length("", r.Type), length("", r.Protocol), diff --git a/pkg/aa/parse.go b/pkg/aa/parse.go index ef8a7acd9..baf1a3718 100644 --- a/pkg/aa/parse.go +++ b/pkg/aa/parse.go @@ -514,7 +514,7 @@ func newRules(rules []rule) (Rules, error) { for _, rule := range rules { if len(rule) == 0 { - return nil, fmt.Errorf("Empty rule") + return nil, fmt.Errorf("empty rule") } owner := false @@ -563,7 +563,7 @@ func newRules(rules []rule) (Rules, error) { // return nil, fmt.Errorf("Unknown rule: %s", rule) } } else { - return nil, fmt.Errorf("Unrecognized rule: %s", rule) + return nil, fmt.Errorf("unrecognized rule: %s", rule) } } } @@ -657,7 +657,7 @@ done: return nb, nil } -// Parse apparmor profile rules by paragraphs +// ParseRules parses apparmor profile rules by paragraphs func ParseRules(input string) (ParaRules, []string, error) { paragraphRules := ParaRules{} paragraphs := []string{} diff --git a/pkg/aa/pivot_root.go b/pkg/aa/pivot_root.go index 2341f4458..8632b4490 100644 --- a/pkg/aa/pivot_root.go +++ b/pkg/aa/pivot_root.go @@ -86,8 +86,8 @@ func (r *PivotRoot) Merge(other Rule) bool { func (r *PivotRoot) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("oldroot=", r.OldRoot), length("", r.NewRoot), length("", r.TargetProfile), diff --git a/pkg/aa/preamble.go b/pkg/aa/preamble.go index 4b54954a9..50e7dbef7 100644 --- a/pkg/aa/preamble.go +++ b/pkg/aa/preamble.go @@ -72,10 +72,10 @@ func newAbi(q Qualifier, rule rule) (Rule, error) { } path := rule.Get(0) - switch { - case path[0] == '"': + switch path[0] { + case '"': magic = false - case path[0] == '<': + case '<': magic = true default: return nil, fmt.Errorf("invalid path %s in rule: %s", path, rule) @@ -198,10 +198,10 @@ func newInclude(rule rule) (Rule, error) { } path := r[0] - switch { - case path[0] == '"': + switch path[0] { + case '"': magic = false - case path[0] == '<': + case '<': magic = true default: return nil, fmt.Errorf("invalid path format: %v", path) diff --git a/pkg/aa/profile.go b/pkg/aa/profile.go index 30e8b106f..10e5f6c58 100644 --- a/pkg/aa/profile.go +++ b/pkg/aa/profile.go @@ -81,19 +81,19 @@ func (p *Profile) String() string { return renderTemplate(p.Kind(), p) } -func (r *Profile) Validate() error { - if err := validateValues(r.Kind(), tokFLAGS, r.Flags); err != nil { - return fmt.Errorf("profile %s: %w", r.Name, err) +func (p *Profile) Validate() error { + if err := validateValues(p.Kind(), tokFLAGS, p.Flags); err != nil { + return fmt.Errorf("profile %s: %w", p.Name, err) } - return r.Rules.Validate() + return p.Rules.Validate() } -func (r *Profile) Compare(other Rule) int { +func (p *Profile) Compare(other Rule) int { o, _ := other.(*Profile) - if res := compare(r.Name, o.Name); res != 0 { + if res := compare(p.Name, o.Name); res != 0 { return res } - return compare(r.Attachments, o.Attachments) + return compare(p.Attachments, o.Attachments) } func (p *Profile) Merge(other Rule) bool { @@ -103,11 +103,11 @@ func (p *Profile) Merge(other Rule) bool { return false } -func (r *Profile) Lengths() []int { +func (p *Profile) Lengths() []int { return []int{} // No len for profile } -func (r *Profile) setPaddings(max []int) {} // No paddings for profile +func (p *Profile) setPaddings(max []int) {} // No paddings for profile func (p *Profile) Sort() { p.Rules = p.Rules.Sort() diff --git a/pkg/aa/ptrace.go b/pkg/aa/ptrace.go index 91547087c..7e0990fe8 100644 --- a/pkg/aa/ptrace.go +++ b/pkg/aa/ptrace.go @@ -80,7 +80,7 @@ func (r *Ptrace) Compare(other Rule) int { func (r *Ptrace) Merge(other Rule) bool { o, _ := other.(*Ptrace) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Peer == o.Peer { @@ -93,8 +93,8 @@ func (r *Ptrace) Merge(other Rule) bool { func (r *Ptrace) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Access), length("peer=", r.Peer), } diff --git a/pkg/aa/resolve.go b/pkg/aa/resolve.go index 6ce768bc0..8dc09b2c6 100644 --- a/pkg/aa/resolve.go +++ b/pkg/aa/resolve.go @@ -80,7 +80,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) { values := []string{} match := regVariableReference.FindStringSubmatch(input) if len(match) == 0 { - return nil, fmt.Errorf("Invalid variable reference: %s", input) + return nil, fmt.Errorf("invalid variable reference: %s", input) } variable := match[0] @@ -105,7 +105,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) { } if !found { - return nil, fmt.Errorf("Variable %s not defined", varname) + return nil, fmt.Errorf("variable %s not defined", varname) } return values, nil } @@ -113,7 +113,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) { // resolveInclude resolves all includes defined in the profile preamble func (f *AppArmorProfileFile) resolveInclude(include *Include) error { if include == nil || include.Path == "" { - return fmt.Errorf("Invalid include: %v", include) + return fmt.Errorf("invalid include: %v", include) } _, isCached := includeCache[include] diff --git a/pkg/aa/signal.go b/pkg/aa/signal.go index c0fa4e1be..319e16584 100644 --- a/pkg/aa/signal.go +++ b/pkg/aa/signal.go @@ -106,7 +106,7 @@ func (r *Signal) Compare(other Rule) int { func (r *Signal) Merge(other Rule) bool { o, _ := other.(*Signal) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } switch { @@ -124,8 +124,8 @@ func (r *Signal) Merge(other Rule) bool { func (r *Signal) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Access), length("set=", r.Set), length("peer=", r.Peer), diff --git a/pkg/aa/unix.go b/pkg/aa/unix.go index 3b14c2984..1e8a99298 100644 --- a/pkg/aa/unix.go +++ b/pkg/aa/unix.go @@ -124,7 +124,7 @@ func (r *Unix) Compare(other Rule) int { func (r *Unix) Merge(other Rule) bool { o, _ := other.(*Unix) - if !r.Qualifier.Equal(o.Qualifier) { + if !r.Equal(o.Qualifier) { return false } if r.Type == o.Type && r.Protocol == o.Protocol && r.Address == o.Address && @@ -139,8 +139,8 @@ func (r *Unix) Merge(other Rule) bool { func (r *Unix) Lengths() []int { return []int{ - r.Qualifier.getLenAudit(), - r.Qualifier.getLenAccess(), + r.getLenAudit(), + r.getLenAccess(), length("", r.Access), length("type=", r.Type), length("protocol=", r.Protocol), diff --git a/pkg/logging/logging.go b/pkg/logging/logging.go index 7f5af2e08..642dc8273 100644 --- a/pkg/logging/logging.go +++ b/pkg/logging/logging.go @@ -81,7 +81,7 @@ func Warning(msg string, a ...interface{}) int { return Print("%s", Warningf(msg, a...)) } -// Fatalf returns a formatted error message +// Error returns a formatted error message func Error(msg string, a ...interface{}) int { return Print("%s", fmt.Sprintf("%s%s%s\n", Indent, errorText, fmt.Sprintf(msg, a...))) } diff --git a/pkg/paths/paths.go b/pkg/paths/paths.go index f84dd27d1..912611850 100644 --- a/pkg/paths/paths.go +++ b/pkg/paths/paths.go @@ -521,7 +521,7 @@ func (p *Path) ReadFileAsLines() ([]string, error) { return nil, err } txt := string(data) - txt = strings.Replace(txt, "\r\n", "\n", -1) + txt = strings.ReplaceAll(txt, "\r\n", "\n") return strings.Split(txt, "\n"), nil } @@ -542,7 +542,7 @@ func (p *Path) MustReadFilteredFileAsLines() []string { panic(err) } txt := string(data) - txt = strings.Replace(txt, "\r\n", "\n", -1) + txt = strings.ReplaceAll(txt, "\r\n", "\n") txt = util.Filter(txt) res := strings.Split(txt, "\n") if slices.Contains(res, "") { @@ -636,7 +636,9 @@ func (p *Path) String() string { func (p *Path) Canonical() *Path { canonical := p.Clone() // https://github.com/golang/go/issues/17084#issuecomment-246645354 - canonical.FollowSymLink() + if err := canonical.FollowSymLink(); err != nil { + return nil + } if absPath, err := canonical.Abs(); err == nil { canonical = absPath } diff --git a/pkg/prebuild/builder/attach.go b/pkg/prebuild/builder/attach.go index cc1062a69..83a5fbe50 100644 --- a/pkg/prebuild/builder/attach.go +++ b/pkg/prebuild/builder/attach.go @@ -38,9 +38,9 @@ func (b ReAttach) Apply(opt *Option, profile string) (string, error) { if strings.Contains(profile, "attach_disconnected") { insert = "@{att} = /att/" + opt.Name + "/\n" - profile = strings.Replace(profile, + profile = strings.ReplaceAll(profile, "attach_disconnected", - "attach_disconnected,attach_disconnected.path=@{att}", -1, + "attach_disconnected,attach_disconnected.path=@{att}", ) old := "include if exists " diff --git a/pkg/prebuild/builder/core.go b/pkg/prebuild/builder/core.go index 93b73d76c..bfc1aa025 100644 --- a/pkg/prebuild/builder/core.go +++ b/pkg/prebuild/builder/core.go @@ -20,13 +20,13 @@ var ( Builders = map[string]Builder{} ) -// Main directive interface +// Builder main directive interface type Builder interface { prebuild.BaseInterface Apply(opt *Option, profile string) (string, error) } -// Builder options +// Option for a builder type Option struct { Name string File *paths.Path diff --git a/pkg/prebuild/builder/userspace.go b/pkg/prebuild/builder/userspace.go index 71c1ce23e..20498bb4f 100644 --- a/pkg/prebuild/builder/userspace.go +++ b/pkg/prebuild/builder/userspace.go @@ -54,7 +54,7 @@ func (b Userspace) Apply(opt *Option, profile string) (string, error) { matches := regAttachments.FindAllString(profile, -1) if len(matches) > 0 { att := f.GetDefaultProfile().GetAttachments() - strheader := strings.Replace(matches[0], tokATTACHMENT, att, -1) + strheader := strings.ReplaceAll(matches[0], tokATTACHMENT, att) return regAttachments.ReplaceAllLiteralString(profile, strheader), nil } return profile, nil diff --git a/pkg/prebuild/cli/cli.go b/pkg/prebuild/cli/cli.go index 25d36ff78..779cd5c0c 100644 --- a/pkg/prebuild/cli/cli.go +++ b/pkg/prebuild/cli/cli.go @@ -18,9 +18,9 @@ import ( ) const ( - nilABI uint = 0 - nilVer float64 = 0.0 - usage = `aa-prebuild [-h] [--complain | --enforce] [--full] [--abi 3|4] [--version V] [--file FILE] + nilABI = 0 + nilVer = 0.0 + usage = `aa-prebuild [-h] [--complain | --enforce] [--full] [--abi 3|4] [--version V] [--file FILE] Prebuild apparmor.d profiles for a given distribution and apply internal built-in directives. @@ -41,7 +41,7 @@ var ( complain bool enforce bool full bool - abi uint + abi int version float64 file string ) @@ -55,8 +55,8 @@ func init() { flag.BoolVar(&complain, "complain", false, "Set complain flag on all profiles.") flag.BoolVar(&enforce, "e", false, "Set enforce flag on all profiles.") flag.BoolVar(&enforce, "enforce", false, "Set enforce flag on all profiles.") - flag.UintVar(&abi, "a", nilABI, "Target apparmor ABI.") - flag.UintVar(&abi, "abi", nilABI, "Target apparmor ABI.") + flag.IntVar(&abi, "a", nilABI, "Target apparmor ABI.") + flag.IntVar(&abi, "abi", nilABI, "Target apparmor ABI.") flag.Float64Var(&version, "v", nilVer, "Target apparmor version.") flag.Float64Var(&version, "version", nilVer, "Target apparmor version.") flag.StringVar(&file, "F", "", "Only prebuild a given file.") diff --git a/pkg/prebuild/directive/core.go b/pkg/prebuild/directive/core.go index aadf9294e..6138eec0c 100644 --- a/pkg/prebuild/directive/core.go +++ b/pkg/prebuild/directive/core.go @@ -23,7 +23,7 @@ var ( regDirective = regexp.MustCompile(`(?m).*` + Keyword + `([a-z]*)( .*)?`) ) -// Main directive interface +// Directive main interface type Directive interface { prebuild.BaseInterface Apply(opt *Option, profile string) (string, error) @@ -39,7 +39,7 @@ func Usage() string { return res } -// Directive options +// Option for the directive type Option struct { Name string ArgMap map[string]string @@ -83,7 +83,7 @@ func (o *Option) cleanKeyword(input string) string { return reg.ReplaceAllString(input, "") } -// Check if the directive is inline or if it is a paragraph +// IsInline checks if either the directive is in one line or if it is a paragraph func (o *Option) IsInline() bool { inline := true tmp := strings.Split(o.Raw, Keyword) @@ -106,7 +106,7 @@ func Run(file *paths.Path, profile string) (string, error) { opt := NewOption(file, match) drtv, ok := Directives[opt.Name] if !ok { - return "", fmt.Errorf("Unknown directive '%s' in %s", opt.Name, opt.File) + return "", fmt.Errorf("unknown directive '%s' in %s", opt.Name, opt.File) } profile, err = drtv.Apply(opt, profile) if err != nil { diff --git a/pkg/prebuild/directive/dbus.go b/pkg/prebuild/directive/dbus.go index 39cd06e57..06fedffb5 100644 --- a/pkg/prebuild/directive/dbus.go +++ b/pkg/prebuild/directive/dbus.go @@ -61,32 +61,32 @@ func (d Dbus) Apply(opt *Option, profile string) (string, error) { generatedDbus := r.String() lenDbus := len(generatedDbus) generatedDbus = generatedDbus[:lenDbus-1] - profile = strings.Replace(profile, opt.Raw, generatedDbus, -1) + profile = strings.ReplaceAll(profile, opt.Raw, generatedDbus) return profile, nil } func (d Dbus) sanityCheck(opt *Option) (string, error) { if len(opt.ArgList) < 1 { - return "", fmt.Errorf("Unknown dbus action: %s in %s", opt.Name, opt.File) + return "", fmt.Errorf("unknown dbus action: %s in %s", opt.Name, opt.File) } action := opt.ArgList[0] if action != "own" && action != "talk" && action != "common" { - return "", fmt.Errorf("Unknown dbus action: %s in %s", opt.Name, opt.File) + return "", fmt.Errorf("unknown dbus action: %s in %s", opt.Name, opt.File) } if _, present := opt.ArgMap["name"]; !present { - return "", fmt.Errorf("Missing name for 'dbus: %s' in %s", action, opt.File) + return "", fmt.Errorf("missing name for 'dbus: %s' in %s", action, opt.File) } if _, present := opt.ArgMap["bus"]; !present { - return "", fmt.Errorf("Missing bus for '%s' in %s", opt.ArgMap["name"], opt.File) + return "", fmt.Errorf("missing bus for '%s' in %s", opt.ArgMap["name"], opt.File) } if _, present := opt.ArgMap["label"]; !present && action == "talk" { - return "", fmt.Errorf("Missing label for '%s' in %s", opt.ArgMap["name"], opt.File) + return "", fmt.Errorf("missing label for '%s' in %s", opt.ArgMap["name"], opt.File) } // Set default values if _, present := opt.ArgMap["path"]; !present { - opt.ArgMap["path"] = "/" + strings.Replace(opt.ArgMap["name"], ".", "/", -1) + "{,/**}" + opt.ArgMap["path"] = "/" + strings.ReplaceAll(opt.ArgMap["name"], ".", "/") + "{,/**}" } opt.ArgMap["name"] += "{,.*}" return action, nil diff --git a/pkg/prebuild/directive/exec.go b/pkg/prebuild/directive/exec.go index 5aee73740..b348fb46b 100644 --- a/pkg/prebuild/directive/exec.go +++ b/pkg/prebuild/directive/exec.go @@ -31,7 +31,7 @@ func init() { func (d Exec) Apply(opt *Option, profileRaw string) (string, error) { if len(opt.ArgList) == 0 { - return "", fmt.Errorf("No profile to exec") + return "", fmt.Errorf("no profile to exec") } transition := "Px" transitions := []string{"P", "U", "p", "u", "PU", "pu"} @@ -70,5 +70,5 @@ func (d Exec) Apply(opt *Option, profileRaw string) (string, error) { rules = rules.Sort() new := rules.String() new = new[:len(new)-1] - return strings.Replace(profileRaw, opt.Raw, new, -1), nil + return strings.ReplaceAll(profileRaw, opt.Raw, new), nil } diff --git a/pkg/prebuild/directive/filter.go b/pkg/prebuild/directive/filter.go index 88e1b394f..a6513f37e 100644 --- a/pkg/prebuild/directive/filter.go +++ b/pkg/prebuild/directive/filter.go @@ -59,7 +59,7 @@ func filter(only bool, opt *Option, profile string) (string, error) { } if opt.IsInline() { - profile = strings.Replace(profile, opt.Raw, "", -1) + profile = strings.ReplaceAll(profile, opt.Raw, "") } else { regRemoveParagraph := regexp.MustCompile(`(?s)` + opt.Raw + `\n.*?\n\n`) profile = regRemoveParagraph.ReplaceAllString(profile, "") diff --git a/pkg/prebuild/directive/stack.go b/pkg/prebuild/directive/stack.go index 03dd826e1..f80689827 100644 --- a/pkg/prebuild/directive/stack.go +++ b/pkg/prebuild/directive/stack.go @@ -40,7 +40,7 @@ func init() { func (s Stack) Apply(opt *Option, profile string) (string, error) { if len(opt.ArgList) == 0 { - return "", fmt.Errorf("No profile to stack") + return "", fmt.Errorf("no profile to stack") } t := opt.ArgList[0] if t != "X" { @@ -58,7 +58,7 @@ func (s Stack) Apply(opt *Option, profile string) (string, error) { stackedProfile := prebuild.RootApparmord.Join(name).MustReadFileAsString() m := regRules.FindStringSubmatch(stackedProfile) if len(m) < 2 { - return "", fmt.Errorf("No profile found in %s", name) + return "", fmt.Errorf("no profile found in %s", name) } stackedRules := m[1] stackedRules = regCleanStakedRules.Replace(stackedRules) @@ -68,9 +68,9 @@ func (s Stack) Apply(opt *Option, profile string) (string, error) { // Insert the stacked profile at the end of the current profile, remove the stack directive m := regEndOfRules.FindStringSubmatch(profile) if len(m) <= 1 { - return "", fmt.Errorf("No end of rules found in %s", opt.File) + return "", fmt.Errorf("no end of rules found in %s", opt.File) } - profile = strings.Replace(profile, m[0], res+m[0], -1) - profile = strings.Replace(profile, opt.Raw, "", -1) + profile = strings.ReplaceAll(profile, m[0], res+m[0]) + profile = strings.ReplaceAll(profile, opt.Raw, "") return profile, nil } diff --git a/pkg/prebuild/directories.go b/pkg/prebuild/directories.go index 52fc4bd8d..d5d5a7266 100644 --- a/pkg/prebuild/directories.go +++ b/pkg/prebuild/directories.go @@ -8,13 +8,13 @@ import "github.com/roddhjav/apparmor.d/pkg/paths" var ( // AppArmor ABI version - ABI uint = 0 + ABI = 0 // AppArmor version - Version float64 = 4.0 + Version = 4.0 // Pkgname is the name of the package - Pkgname string = "apparmor.d" + Pkgname = "apparmor.d" // Root is the root directory for the build (default: .build) Root *paths.Path = paths.New(".build") diff --git a/pkg/prebuild/files.go b/pkg/prebuild/files.go index c14730960..504f05c1c 100644 --- a/pkg/prebuild/files.go +++ b/pkg/prebuild/files.go @@ -10,7 +10,7 @@ import ( "github.com/roddhjav/apparmor.d/pkg/paths" ) -// Default content of debian/apparmor.d.hide. Whonix has special addition. +// Hide is the default content of debian/apparmor.d.hide. Whonix has special addition. var Hide = `# This file is generated by "make", all edit will be lost. /etc/apparmor.d/usr.bin.firefox @@ -55,7 +55,7 @@ type DebianHider struct { path *paths.Path } -// Initialize the file with content from Hide +// Init initializes the file with content from Hide func (d DebianHider) Init() error { return d.path.WriteFile([]byte(Hide)) } diff --git a/pkg/prebuild/os.go b/pkg/prebuild/os.go index 352f4e185..8ef8fb79e 100644 --- a/pkg/prebuild/os.go +++ b/pkg/prebuild/os.go @@ -67,13 +67,13 @@ func getDistribution() string { if id == "ubuntu" { return id } - id_like := Release["ID_LIKE"] + idLike := Release["ID_LIKE"] for main, based := range supportedDists { - if main == id || main == id_like { + if main == id || main == idLike { return main } else if slices.Contains(based, id) { return main - } else if slices.Contains(based, id_like) { + } else if slices.Contains(based, idLike) { return main } } diff --git a/pkg/prebuild/prepare/core.go b/pkg/prebuild/prepare/core.go index d96e21043..74d7778ed 100644 --- a/pkg/prebuild/prepare/core.go +++ b/pkg/prebuild/prepare/core.go @@ -18,7 +18,7 @@ var ( Tasks = map[string]Task{} ) -// Main directive interface +// Task main directive interface type Task interface { prebuild.BaseInterface Apply() ([]string, error) diff --git a/pkg/prebuild/prepare/fsp.go b/pkg/prebuild/prepare/fsp.go index c216b53eb..bfb333e56 100644 --- a/pkg/prebuild/prepare/fsp.go +++ b/pkg/prebuild/prepare/fsp.go @@ -39,8 +39,8 @@ func (p FullSystemPolicy) Apply() ([]string, error) { if err != nil { return res, err } - out = strings.Replace(out, "@{p_systemd}=unconfined", "@{p_systemd}=systemd", -1) - out = strings.Replace(out, "@{p_systemd_user}=unconfined", "@{p_systemd_user}=systemd-user", -1) + out = strings.ReplaceAll(out, "@{p_systemd}=unconfined", "@{p_systemd}=systemd") + out = strings.ReplaceAll(out, "@{p_systemd_user}=unconfined", "@{p_systemd_user}=systemd-user") if err := path.WriteFile([]byte(out)); err != nil { return res, err } diff --git a/tests/cmd/tldr.go b/tests/cmd/tldr.go index d86c80565..ec98fa8b4 100644 --- a/tests/cmd/tldr.go +++ b/tests/cmd/tldr.go @@ -17,14 +17,14 @@ import ( ) type Tldr struct { - Url string // Tldr download url + URL string // Tldr download url Dir *paths.Path // Tldr cache directory Ignore []string // List of ignored software } func NewTldr(dir *paths.Path) Tldr { return Tldr{ - Url: "https://github.com/tldr-pages/tldr/archive/refs/heads/main.tar.gz", + URL: "https://github.com/tldr-pages/tldr/archive/refs/heads/main.tar.gz", Dir: dir, } } @@ -33,9 +33,9 @@ func NewTldr(dir *paths.Path) Tldr { func (t Tldr) Download() error { gzPath := t.Dir.Parent().Join("tldr.tar.gz") if !gzPath.Exist() { - resp, err := http.Get(t.Url) + resp, err := http.Get(t.URL) if err != nil { - return fmt.Errorf("downloading %s: %w", t.Url, err) + return fmt.Errorf("downloading %s: %w", t.URL, err) } defer resp.Body.Close()