← Back to team overview

apport-hackers team mailing list archive

[Merge] lp:~mdeslaur/apport/machooks into lp:apport

 

Marc Deslauriers has proposed merging lp:~mdeslaur/apport/machooks into lp:apport.

Requested reviews:
  Apport upstream developers (apport-hackers)

For more details, see:
https://code.launchpad.net/~mdeslaur/apport/machooks/+merge/67716

This adds MAC (AppArmor) hooks into Apport so they can be removed from each individual package that ships an AppArmor profile.
-- 
https://code.launchpad.net/~mdeslaur/apport/machooks/+merge/67716
Your team Apport upstream developers is requested to review the proposed merge of lp:~mdeslaur/apport/machooks into lp:apport.
=== modified file 'apport/hookutils.py'
--- apport/hookutils.py	2011-06-30 10:00:29 +0000
+++ apport/hookutils.py	2011-07-12 15:33:13 +0000
@@ -335,12 +335,19 @@
 
 def recent_syslog(pattern):
     '''Extract recent messages from syslog which match a regex.
-        
+
+    pattern should be a "re" object.
+    '''
+    return recent_logfile('/var/log/syslog', pattern)
+
+def recent_logfile(logfile, pattern):
+    '''Extract recent messages from a logfile which match a regex.
+
     pattern should be a "re" object.
     '''
     lines = ''
     try:
-        for line in open('/var/log/syslog'):
+        for line in open(logfile):
             if pattern.search(line):
                 lines += line
     except IOError:
@@ -512,6 +519,30 @@
         'cupsys-driver-gutenprint', 'gimp-gutenprint', 'gutenprint-doc',
         'gutenprint-locales', 'system-config-printer-common', 'kdeprint')
 
+def attach_mac_events(report):
+    '''Attach MAC information and events to the report.'''
+    mac_regex = 'audit\(|apparmor|selinux|security'
+    mac_re = re.compile(mac_regex, re.IGNORECASE)
+    aa_denied_regex = 'apparmor="DENIED"'
+    aa_denied_re = re.compile(aa_denied_regex, re.IGNORECASE)
+
+    if os.path.exists('/var/log/kern.log'):
+        report['KernLog'] = recent_logfile('/var/log/kern.log',mac_re)
+    elif os.path.exists('/var/log/messages'):
+        report['KernLog'] = recent_logfile('/var/log/messages',mac_re)
+
+    if os.path.exists('/var/log/audit/audit.log'):
+        attach_root_command_outputs(report, {'AuditLog': 'grep "' + mac_regex + '" /var/log/audit/audit.log'})
+
+    attach_file(report, '/proc/version_signature', 'ProcVersionSignature')
+    attach_file(report, '/proc/cmdline', 'ProcCmdline')
+
+    if re.search(aa_denied_re, report.get('KernLog', '')) or re.search(aa_denied_re, report.get('AuditLog', '')):
+        tags = report.get('Tags', '')
+        if tags:
+            tags += ' '
+        report['Tags'] = tags + 'apparmor'
+
 def attach_related_packages(report, packages):
     '''Attach version information for related packages