Commit a5213b57 authored by Tyler Hicks's avatar Tyler Hicks

utils: Ignore unsupported rules

The profile parsing in the Immunix::AppArmor perl module has fallen
behind when it comes to some of the newer rule types and syntax
supported by apparmor_parser.

When an unsupported rule is found, it causes aa-logprof and aa-genprof
to error out. This patch creates a list of valid, but unsupported rule
types that should be ignored by the perl module when parsing policy.
Signed-off-by: Tyler Hicks's avatarTyler Hicks <tyhicks@canonical.com>
Acked-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent 9af79061
......@@ -5423,6 +5423,8 @@ sub parse_profile_data($$$) {
$initial_comment .= "$_\n";
}
}
} elsif (/^\s*(audit\s+)?(deny\s+)?(owner\s+)?(capability|dbus|file|mount|pivot_root|remount|umount)/) {
# ignore valid rules that are currently unsupported by AppArmor.pm
} else {
# we hit something we don't understand in a profile...
die sprintf(gettext('%s contains syntax errors. Line [%s]'), $file, $_) . "\n";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment