felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: apply some linter recommendations.

Browse source
This commit is contained in:
Alexandre Pujol 2025-04-04 23:45:24 +02:00
parent 3b6b50cf63
commit 984cf28e61
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
37 changed files with 125 additions and 126 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/aa/apparmor.go
View file

@ -8,7 +8,7 @@ import (
"github.com/roddhjav/apparmor.d/pkg/paths"
)
// Default Apparmor magic directory: /etc/apparmor.d/.
// MagicRoot is the default Apparmor magic directory: /etc/apparmor.d/.
var MagicRoot = paths.New("/etc/apparmor.d")
// AppArmorProfileFiles represents a full set of apparmor profiles

5
pkg/aa/base.go
View file

@ -104,10 +104,7 @@ type Qualifier struct {
}
func newQualifierFromLog(log map[string]string) Qualifier {
audit := false
if log["apparmor"] == "AUDIT" {
audit = true
}
audit := log["apparmor"] == "AUDIT"
return Qualifier{Audit: audit}
}

12
pkg/aa/blocks.go
View file

@ -27,21 +27,21 @@ func (p *Hat) String() string {
return renderTemplate(p.Kind(), p)
}
func (r *Hat) Validate() error {
func (p *Hat) Validate() error {
return nil
}
func (r *Hat) Compare(other Rule) int {
func (p *Hat) Compare(other Rule) int {
o, _ := other.(*Hat)
return compare(r.Name, o.Name)
return compare(p.Name, o.Name)
}
func (r *Hat) Merge(other Rule) bool {
func (p *Hat) Merge(other Rule) bool {
return false // Never merge hat blocks
}
func (r *Hat) Lengths() []int {
func (p *Hat) Lengths() []int {
return []int{} // No len for hat
}
func (r *Hat) setPaddings(max []int) {} // No paddings for hat
func (p *Hat) setPaddings(max []int) {} // No paddings for hat

4
pkg/aa/capability.go
View file

@ -84,8 +84,8 @@ func (r *Capability) Merge(other Rule) bool {
func (r *Capability) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Names),
}
}

4
pkg/aa/change_profile.go
View file

@ -106,8 +106,8 @@ func (r *ChangeProfile) Merge(other Rule) bool {
func (r *ChangeProfile) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.ExecMode),
length("", r.Exec),
length("", r.ProfileName),

2
pkg/aa/dbus.go
View file

@ -125,7 +125,7 @@ func (r *Dbus) Compare(other Rule) int {
func (r *Dbus) Merge(other Rule) bool {
o, _ := other.(*Dbus)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Bus == o.Bus && r.Name == o.Name && r.Path == o.Path &&

10
pkg/aa/file.go
View file

@ -168,7 +168,7 @@ func (r *File) Compare(other Rule) int {
func (r *File) Merge(other Rule) bool {
o, _ := other.(*File)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Owner == o.Owner && r.Path == o.Path && r.Target == o.Target {
@ -189,8 +189,8 @@ func (r *File) Lengths() []int {
lenPath = length("", r.Path)
}
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("owner", r.Owner),
lenPath,
}
@ -314,8 +314,8 @@ func (r *Link) Merge(other Rule) bool {
func (r *Link) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("owner", r.Owner),
length("subset", r.Subset),
length("", r.Path),

6
pkg/aa/io_uring.go
View file

@ -78,7 +78,7 @@ func (r *IOUring) Compare(other Rule) int {
func (r *IOUring) Merge(other Rule) bool {
o, _ := other.(*IOUring)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Label == o.Label {
@ -91,8 +91,8 @@ func (r *IOUring) Merge(other Rule) bool {
func (r *IOUring) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Access),
length("label=", r.Label),
}

30
pkg/aa/mount.go
View file

@ -181,7 +181,7 @@ func (r *Mount) Merge(other Rule) bool {
o, _ := other.(*Mount)
mc := &r.MountConditions
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Source == o.Source && r.MountPoint == o.MountPoint &&
@ -194,10 +194,10 @@ func (r *Mount) Merge(other Rule) bool {
func (r *Mount) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.MountConditions.getLenFsType(),
r.MountConditions.getLenOptions(),
r.getLenAudit(),
r.getLenAccess(),
r.getLenFsType(),
r.getLenOptions(),
length("", r.Source),
length("", r.MountPoint),
}
@ -278,7 +278,7 @@ func (r *Umount) Merge(other Rule) bool {
o, _ := other.(*Umount)
mc := &r.MountConditions
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) {
@ -290,10 +290,10 @@ func (r *Umount) Merge(other Rule) bool {
func (r *Umount) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.MountConditions.getLenFsType(),
r.MountConditions.getLenOptions(),
r.getLenAudit(),
r.getLenAccess(),
r.getLenFsType(),
r.getLenOptions(),
length("", r.MountPoint),
}
}
@ -374,7 +374,7 @@ func (r *Remount) Merge(other Rule) bool {
o, _ := other.(*Remount)
mc := &r.MountConditions
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.MountPoint == o.MountPoint && mc.Merge(o.MountConditions) {
@ -386,10 +386,10 @@ func (r *Remount) Merge(other Rule) bool {
func (r *Remount) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.MountConditions.getLenFsType(),
r.MountConditions.getLenOptions(),
r.getLenAudit(),
r.getLenAccess(),
r.getLenFsType(),
r.getLenOptions(),
length("", r.MountPoint),
}
}

6
pkg/aa/mqueue.go
View file

@ -112,7 +112,7 @@ func (r *Mqueue) Compare(other Rule) int {
func (r *Mqueue) Merge(other Rule) bool {
o, _ := other.(*Mqueue)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Type == o.Type && r.Label == o.Label && r.Name == o.Name {
@ -125,8 +125,8 @@ func (r *Mqueue) Merge(other Rule) bool {
func (r *Mqueue) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Access),
length("type=", r.Type),
length("label=", r.Label),

4
pkg/aa/network.go
View file

@ -147,8 +147,8 @@ func (r *Network) Merge(other Rule) bool {
func (r *Network) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Domain),
length("", r.Type),
length("", r.Protocol),

6
pkg/aa/parse.go
View file

@ -514,7 +514,7 @@ func newRules(rules []rule) (Rules, error) {
for _, rule := range rules {
if len(rule) == 0 {
return nil, fmt.Errorf("Empty rule")
return nil, fmt.Errorf("empty rule")
}
owner := false
@ -563,7 +563,7 @@ func newRules(rules []rule) (Rules, error) {
// return nil, fmt.Errorf("Unknown rule: %s", rule)
}
} else {
return nil, fmt.Errorf("Unrecognized rule: %s", rule)
return nil, fmt.Errorf("unrecognized rule: %s", rule)
}
}
}
@ -657,7 +657,7 @@ done:
return nb, nil
}
// Parse apparmor profile rules by paragraphs
// ParseRules parses apparmor profile rules by paragraphs
func ParseRules(input string) (ParaRules, []string, error) {
paragraphRules := ParaRules{}
paragraphs := []string{}

4
pkg/aa/pivot_root.go
View file

@ -86,8 +86,8 @@ func (r *PivotRoot) Merge(other Rule) bool {
func (r *PivotRoot) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("oldroot=", r.OldRoot),
length("", r.NewRoot),
length("", r.TargetProfile),

12
pkg/aa/preamble.go
View file

@ -72,10 +72,10 @@ func newAbi(q Qualifier, rule rule) (Rule, error) {
}
path := rule.Get(0)
switch {
case path[0] == '"':
switch path[0] {
case '"':
magic = false
case path[0] == '<':
case '<':
magic = true
default:
return nil, fmt.Errorf("invalid path %s in rule: %s", path, rule)
@ -198,10 +198,10 @@ func newInclude(rule rule) (Rule, error) {
}
path := r[0]
switch {
case path[0] == '"':
switch path[0] {
case '"':
magic = false
case path[0] == '<':
case '<':
magic = true
default:
return nil, fmt.Errorf("invalid path format: %v", path)

18
pkg/aa/profile.go
View file

@ -81,19 +81,19 @@ func (p *Profile) String() string {
return renderTemplate(p.Kind(), p)
}
func (r *Profile) Validate() error {
if err := validateValues(r.Kind(), tokFLAGS, r.Flags); err != nil {
return fmt.Errorf("profile %s: %w", r.Name, err)
func (p *Profile) Validate() error {
if err := validateValues(p.Kind(), tokFLAGS, p.Flags); err != nil {
return fmt.Errorf("profile %s: %w", p.Name, err)
}
return r.Rules.Validate()
return p.Rules.Validate()
}
func (r *Profile) Compare(other Rule) int {
func (p *Profile) Compare(other Rule) int {
o, _ := other.(*Profile)
if res := compare(r.Name, o.Name); res != 0 {
if res := compare(p.Name, o.Name); res != 0 {
return res
}
return compare(r.Attachments, o.Attachments)
return compare(p.Attachments, o.Attachments)
}
func (p *Profile) Merge(other Rule) bool {
@ -103,11 +103,11 @@ func (p *Profile) Merge(other Rule) bool {
return false
}
func (r *Profile) Lengths() []int {
func (p *Profile) Lengths() []int {
return []int{} // No len for profile
}
func (r *Profile) setPaddings(max []int) {} // No paddings for profile
func (p *Profile) setPaddings(max []int) {} // No paddings for profile
func (p *Profile) Sort() {
p.Rules = p.Rules.Sort()

6
pkg/aa/ptrace.go
View file

@ -80,7 +80,7 @@ func (r *Ptrace) Compare(other Rule) int {
func (r *Ptrace) Merge(other Rule) bool {
o, _ := other.(*Ptrace)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Peer == o.Peer {
@ -93,8 +93,8 @@ func (r *Ptrace) Merge(other Rule) bool {
func (r *Ptrace) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Access),
length("peer=", r.Peer),
}

6
pkg/aa/resolve.go
View file

@ -80,7 +80,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) {
values := []string{}
match := regVariableReference.FindStringSubmatch(input)
if len(match) == 0 {
return nil, fmt.Errorf("Invalid variable reference: %s", input)
return nil, fmt.Errorf("invalid variable reference: %s", input)
}
variable := match[0]
@ -105,7 +105,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) {
}
if !found {
return nil, fmt.Errorf("Variable %s not defined", varname)
return nil, fmt.Errorf("variable %s not defined", varname)
}
return values, nil
}
@ -113,7 +113,7 @@ func (f *AppArmorProfileFile) resolveValues(input string) ([]string, error) {
// resolveInclude resolves all includes defined in the profile preamble
func (f *AppArmorProfileFile) resolveInclude(include *Include) error {
if include == nil || include.Path == "" {
return fmt.Errorf("Invalid include: %v", include)
return fmt.Errorf("invalid include: %v", include)
}
_, isCached := includeCache[include]

6
pkg/aa/signal.go
View file

@ -106,7 +106,7 @@ func (r *Signal) Compare(other Rule) int {
func (r *Signal) Merge(other Rule) bool {
o, _ := other.(*Signal)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
switch {
@ -124,8 +124,8 @@ func (r *Signal) Merge(other Rule) bool {
func (r *Signal) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Access),
length("set=", r.Set),
length("peer=", r.Peer),

6
pkg/aa/unix.go
View file

@ -124,7 +124,7 @@ func (r *Unix) Compare(other Rule) int {
func (r *Unix) Merge(other Rule) bool {
o, _ := other.(*Unix)
if !r.Qualifier.Equal(o.Qualifier) {
if !r.Equal(o.Qualifier) {
return false
}
if r.Type == o.Type && r.Protocol == o.Protocol && r.Address == o.Address &&
@ -139,8 +139,8 @@ func (r *Unix) Merge(other Rule) bool {
func (r *Unix) Lengths() []int {
return []int{
r.Qualifier.getLenAudit(),
r.Qualifier.getLenAccess(),
r.getLenAudit(),
r.getLenAccess(),
length("", r.Access),
length("type=", r.Type),
length("protocol=", r.Protocol),