felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(aa-log): parse mount conditions from logs.

Browse source
This commit is contained in:
Alexandre Pujol 2024-02-24 16:58:38 +00:00
parent 511bca60fb
commit d6dc89b4f3
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
1 changed files with 29 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

68
pkg/aa/mount.go
View file

@ -4,31 +4,36 @@
package aa package aa
import "golang.org/x/exp/slices" import (
"strings"
"golang.org/x/exp/slices"
)
type MountConditions struct { type MountConditions struct {
Fs string
Op string
FsType string FsType string
Options []string Options []string
} }
func (m MountConditions) Less(other MountConditions) bool { func MountConditionsFromLog(log map[string]string) MountConditions {
if m.Fs == other.Fs { if _, present := log["flags"]; present {
if m.Op == other.Op { return MountConditions{
if m.FsType == other.FsType { FsType: log["fstype"],
return len(m.Options) < len(other.Options) Options: strings.Split(log["flags"], ", "),
}
return m.FsType < other.FsType
} }
return m.Op < other.Op
} }
return m.Fs < other.Fs return MountConditions{FsType: log["fstype"]}
}
func (m MountConditions) Less(other MountConditions) bool {
if m.FsType == other.FsType {
return len(m.Options) < len(other.Options)
}
return m.FsType < other.FsType
} }
func (m MountConditions) Equals(other MountConditions) bool { func (m MountConditions) Equals(other MountConditions) bool {
return m.Fs == other.Fs && m.Op == other.Op && m.FsType == other.FsType && return m.FsType == other.FsType && slices.Equal(m.Options, other.Options)
slices.Equal(m.Options, other.Options)
} }
type Mount struct { type Mount struct {
@ -40,15 +45,10 @@ type Mount struct {
func MountFromLog(log map[string]string) ApparmorRule { func MountFromLog(log map[string]string) ApparmorRule {
return &Mount{ return &Mount{
Qualifier: NewQualifierFromLog(log), Qualifier: NewQualifierFromLog(log),
MountConditions: MountConditions{ MountConditions: MountConditionsFromLog(log),
Fs: "", Source: log["srcname"],
Op: "", MountPoint: log["name"],
FsType: log["fstype"],
Options: []string{},
},
Source: log["srcname"],
MountPoint: log["name"],
} }
} }
@ -81,14 +81,9 @@ type Umount struct {
func UmountFromLog(log map[string]string) ApparmorRule { func UmountFromLog(log map[string]string) ApparmorRule {
return &Umount{ return &Umount{
Qualifier: NewQualifierFromLog(log), Qualifier: NewQualifierFromLog(log),
MountConditions: MountConditions{ MountConditions: MountConditionsFromLog(log),
Fs: "", MountPoint: log["name"],
Op: "",
FsType: log["fstype"],
Options: []string{},
},
MountPoint: log["name"],
} }
} }
@ -118,14 +113,9 @@ type Remount struct {
func RemountFromLog(log map[string]string) ApparmorRule { func RemountFromLog(log map[string]string) ApparmorRule {
return &Remount{ return &Remount{
Qualifier: NewQualifierFromLog(log), Qualifier: NewQualifierFromLog(log),
MountConditions: MountConditions{ MountConditions: MountConditionsFromLog(log),
Fs: "", MountPoint: log["name"],
Op: "",
FsType: log["fstype"],
Options: []string{},
},
MountPoint: log["name"],
} }
} }