snap-confine

Merge lp:~jdstrand/snap-confine/ubuntu-core-launcher.complain-as-unrestricted into lp:~snappy-dev/snap-confine/trunk

  1. ubuntu-core-launcher.complain-as-unrestricted
  2. Merge into trunk
Proposed by Jamie Strandboge
Status: Merged
Merged at revision: 122
Proposed branch: lp:~jdstrand/snap-confine/ubuntu-core-launcher.complain-as-unrestricted
Merge into: lp:~snappy-dev/snap-confine/trunk
Diff against target: 115 lines (+66/-0)
4 files modified
debian/changelog (+8/-0)
src/seccomp.c (+11/-0)
tests/test_complain (+17/-0)
tests/test_complain_missed (+30/-0)
To merge this branch: bzr merge lp:~jdstrand/snap-confine/ubuntu-core-launcher.complain-as-unrestricted
Reviewer Review Type Date Requested Status
Tyler Hicks (community) Approve
Snappy Developers Pending
Review via email: mp+291823@code.launchpad.net

Description of the change

 * implement @complain as a synonym for @unrestricted since snappy will use
   @complain to toggle developer mode. This allows snaps to work in developer
   mode while seccomp logging is being developed

To post a comment you must log in.
lp:~jdstrand/snap-confine/ubuntu-core-launcher.complain-as-unrestricted updated
120. By Jamie Strandboge

merge from trunk

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Looks good to me.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2016-04-11 23:10:23 +0000
3+++ debian/changelog 2016-04-13 21:44:22 +0000
4@@ -1,3 +1,11 @@
5+ubuntu-core-launcher (1.0.24) UNRELEASED; urgency=medium
6+
7+ * implement @complain as a synonym for @unrestricted since snappy will use
8+ @complain to toggle developer mode. This allows snaps to work in developer
9+ mode while seccomp logging is being developed
10+
11+ -- Jamie Strandboge <jamie@ubuntu.com> Wed, 13 Apr 2016 16:13:20 -0500
12+
13 ubuntu-core-launcher (1.0.23) xenial; urgency=medium
14
15 [ Jamie Strandboge ]
16
17=== modified file 'src/seccomp.c'
18--- src/seccomp.c 2016-04-11 23:10:01 +0000
19+++ src/seccomp.c 2016-04-13 21:44:22 +0000
20@@ -37,6 +37,7 @@
21
22 struct preprocess {
23 bool unrestricted;
24+ bool complain;
25 };
26
27 // strip whitespace from the end of the given string (inplace)
28@@ -83,6 +84,7 @@
29 size_t lineno = 0;
30
31 p->unrestricted = false;
32+ p->complain = false;
33
34 while (fgets(buf, sizeof(buf), f) != NULL) {
35 lineno++;
36@@ -95,6 +97,10 @@
37 // seccomp sandbox
38 if (strcmp(buf, "@unrestricted") == 0)
39 p->unrestricted = true;
40+
41+ // check for special "@complain" rule
42+ if (strcmp(buf, "@complain") == 0)
43+ p->complain = true;
44 }
45
46 if (fseek(f, 0L, SEEK_SET) != 0)
47@@ -164,6 +170,11 @@
48 if (pre.unrestricted)
49 goto out;
50
51+ // FIXME: right now complain mode is the equivalent to unrestricted.
52+ // We'll want to change this once we seccomp logging is in order.
53+ if (pre.complain)
54+ goto out;
55+
56 char buf[SC_MAX_LINE_LENGTH];
57 while (fgets(buf, sizeof(buf), f) != NULL) {
58 lineno++;
59
60=== added file 'tests/test_complain'
61--- tests/test_complain 1970-01-01 00:00:00 +0000
62+++ tests/test_complain 2016-04-13 21:44:22 +0000
63@@ -0,0 +1,17 @@
64+#!/bin/sh
65+
66+set -e
67+
68+. $(pwd)/common.sh
69+
70+cat >$TMP/myprofile <<EOF
71+# some comment
72+@complain
73+EOF
74+
75+printf "Test that the @complain keyword works"
76+if $L appid myprofile /bin/ls / >/dev/null; then
77+ PASS
78+else
79+ FAIL
80+fi
81
82=== added file 'tests/test_complain_missed'
83--- tests/test_complain_missed 1970-01-01 00:00:00 +0000
84+++ tests/test_complain_missed 2016-04-13 21:44:22 +0000
85@@ -0,0 +1,30 @@
86+#!/bin/sh
87+
88+set -e
89+
90+. $(pwd)/common.sh
91+
92+cat >$TMP/myprofile <<EOF
93+# super strict filter
94+@complai
95+@complaim
96+@omplain
97+@COMPLAIN
98+complain
99+EOF
100+
101+# ensure that the command "true" can not run due to impossible
102+# filtering
103+
104+printf "Test that near misses of complain fail"
105+if $L appid myprofile /bin/true 2>/dev/null; then
106+ # true returned successfully, our filtering is broken!
107+ FAIL
108+else
109+ # true returend a error code, check dmesg
110+ if dmesg|tail -n1|grep -q "audit"; then
111+ PASS
112+ else
113+ FAIL
114+ fi
115+fi

Subscribers

People subscribed via source and target branches