mirror of
https://github.com/home-assistant/supervisor.git
synced 2025-11-08 18:39:33 +00:00
7769d6fff1
* Cleanup and fixup Apparmor implementation * Update addon.py * Update validate.py * Create apparmor.py * Update exceptions.py * Update apparmor.py * Create apparmor.py * Update const.py * Update bootstrap.py * Update const.py * Update config.py * Update addons.py * Update apparmor.py * Add support for host AppArmor * Update apparmor.py * Update apparmor.py * Update apparmor.py * Update apparmor.py * Update apparmor.py * Update addon.py * Update apparmor.py * Update addon.py * Update addon.py * Update addon.py * Update addon.py * Update const.py * Update supervisor.py * Update supervisor.py * Update supervisor.py * Add snapshot support * some cleanup * Cleanup v2 * Update aiohttp * fix lint * fix bugs * Add info logs
67 lines
1.9 KiB
Python
67 lines
1.9 KiB
Python
"""Some functions around apparmor profiles."""
|
|
import logging
|
|
import re
|
|
|
|
from ..exceptions import AppArmorFileError, AppArmorInvalidError
|
|
|
|
_LOGGER = logging.getLogger(__name__)
|
|
|
|
RE_PROFILE = re.compile(r"^profile ([^ ]+).*$")
|
|
|
|
|
|
def get_profile_name(profile_file):
|
|
"""Read the profile name from file."""
|
|
profiles = set()
|
|
|
|
try:
|
|
with profile_file.open('r') as profile:
|
|
for line in profile:
|
|
match = RE_PROFILE.match(line)
|
|
if not match:
|
|
continue
|
|
profiles.add(match.group(1))
|
|
except OSError as err:
|
|
_LOGGER.error("Can't read apparmor profile: %s", err)
|
|
raise AppArmorFileError()
|
|
|
|
if len(profiles) != 1:
|
|
_LOGGER.error("To many profiles inside file: %s", profiles)
|
|
raise AppArmorInvalidError()
|
|
|
|
return profiles.pop()
|
|
|
|
|
|
def validate_profile(profile_file, profile_name):
|
|
"""Check if profile from file is valid with profile name."""
|
|
if profile_name == get_profile_name(profile_file):
|
|
return True
|
|
return False
|
|
|
|
|
|
def adjust_profile(profile_file, profile_name, profile_new):
|
|
"""Fix the profile name."""
|
|
org_profile = get_profile_name(profile_file)
|
|
profile_data = []
|
|
|
|
# Process old data
|
|
try:
|
|
with profile_file.open('r') as profile:
|
|
for line in profile:
|
|
match = RE_PROFILE.match(line)
|
|
if not match:
|
|
profile_data.append(line)
|
|
else:
|
|
profile_data.append(
|
|
line.replace(org_profile, profile_name))
|
|
except OSError as err:
|
|
_LOGGER.error("Can't adjust origin profile: %s", err)
|
|
raise AppArmorFileError()
|
|
|
|
# Write into new file
|
|
try:
|
|
with profile_new.open('w') as profile:
|
|
profile.writelines(profile_data)
|
|
except OSError as err:
|
|
_LOGGER.error("Can't write new profile: %s", err)
|
|
raise AppArmorFileError()
|