Snappy

Merge lp:~sergiusens/snappy/seccompError into lp:~snappy-dev/snappy/15.04-deprecated

seccompError
Merge into 15.04-deprecated

Proposed by Sergio Schvezov on 2015-07-06

Status:

Merged

Approved by:

Ricardo Salveti on 2015-07-06

Approved revision:

457

Merged at revision:

458

Proposed branch:

lp:~sergiusens/snappy/seccompError

Merge into:

lp:~snappy-dev/snappy/15.04-deprecated

Diff against target:

46 lines (+14/-0)

3 files modified

snappy/errors.go (+3/-0)
snappy/security.go (+4/-0)
snappy/security_test.go (+7/-0)

To merge this branch:

bzr merge lp:~sergiusens/snappy/seccompError

Undecided

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Ricardo Salveti (community)		2015-07-06	Approve on 2015-07-06
Review via email: mp+263964@code.launchpad.net

Commit Message

Backport, Provide a more specific error than '%f is a directory' when missing a seccomp entry

Ricardo Salveti (rsalveti) wrote on 2015-07-06:

Looks good.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Sergio Schvezov

Snappy Developers

1	=== modified file 'snappy/errors.go'
2	--- snappy/errors.go 2015-07-06 19:08:24 +0000
3	+++ snappy/errors.go 2015-07-06 19:59:08 +0000
4	@@ -143,6 +143,9 @@
5
6	// ErrInvalidPart is returned when something on the filesystem does not make sense
7	ErrInvalidPart = errors.New("invalid package on system")
8	+
9	+ // ErrNoSeccompPolicy is returned when an expected seccomp policy is not provided.
10	+ ErrNoSeccompPolicy = errors.New("no seccomp policy provided")
11	)
12
13	// ErrArchitectureNotSupported is returned when trying to install a snappy package that
14
15	=== modified file 'snappy/security.go'
16	--- snappy/security.go 2015-04-22 07:11:43 +0000
17	+++ snappy/security.go 2015-07-06 19:59:08 +0000
18	@@ -151,6 +151,10 @@
19	syscalls := []string{}
20
21	if sd.SecurityOverride != nil {
22	+ if sd.SecurityOverride.Seccomp == "" {
23	+ return nil, ErrNoSeccompPolicy
24	+ }
25	+
26	fn := filepath.Join(baseDir, sd.SecurityOverride.Seccomp)
27	var s securitySeccompOverride
28	err := readSeccompOverride(fn, &s)
29
30	=== modified file 'snappy/security_test.go'
31	--- snappy/security_test.go 2015-04-19 14:02:33 +0000
32	+++ snappy/security_test.go 2015-07-06 19:59:08 +0000
33	@@ -37,6 +37,13 @@
34	c.Assert(string(content), Equals, expected)
35	}
36
37	+func (a SecurityTestSuite) TestSnappyNoSeccompOverrideEntry(c C) {
38	+ sd := SecurityDefinitions{SecurityOverride: &SecurityOverrideDefinition{}}
39	+
40	+ _, err := generateSeccompPolicy(c.MkDir(), "appName", sd)
41	+ c.Assert(err, Equals, ErrNoSeccompPolicy)
42	+}
43	+
44	// no special security settings generate the default
45	func (a SecurityTestSuite) TestSnappyHandleApparmorSecurityDefault(c C) {
46	sec := &SecurityDefinitions{}

Snappy

Merge lp:~sergiusens/snappy/seccompError into lp:~snappy-dev/snappy/15.04-deprecated

Commit Message

Description of the Change

Preview Diff

Subscribers