Snappy

Merge lp:~sergiusens/snappy/seccompError into lp:~snappy-dev/snappy/15.04-deprecated

  1. seccompError
  2. Merge into 15.04-deprecated
Proposed by Sergio Schvezov
Status: Merged
Approved by: Ricardo Salveti
Approved revision: 457
Merged at revision: 458
Proposed branch: lp:~sergiusens/snappy/seccompError
Merge into: lp:~snappy-dev/snappy/15.04-deprecated
Diff against target: 46 lines (+14/-0)
3 files modified
snappy/errors.go (+3/-0)
snappy/security.go (+4/-0)
snappy/security_test.go (+7/-0)
To merge this branch: bzr merge lp:~sergiusens/snappy/seccompError
Reviewer Review Type Date Requested Status
Ricardo Salveti (community) Approve
Review via email: mp+263964@code.launchpad.net

Commit message

Backport, Provide a more specific error than '%f is a directory' when missing a seccomp entry

To post a comment you must log in.
Revision history for this message
Ricardo Salveti (rsalveti) wrote :

Looks good.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'snappy/errors.go'
2--- snappy/errors.go 2015-07-06 19:08:24 +0000
3+++ snappy/errors.go 2015-07-06 19:59:08 +0000
4@@ -143,6 +143,9 @@
5
6 // ErrInvalidPart is returned when something on the filesystem does not make sense
7 ErrInvalidPart = errors.New("invalid package on system")
8+
9+ // ErrNoSeccompPolicy is returned when an expected seccomp policy is not provided.
10+ ErrNoSeccompPolicy = errors.New("no seccomp policy provided")
11 )
12
13 // ErrArchitectureNotSupported is returned when trying to install a snappy package that
14
15=== modified file 'snappy/security.go'
16--- snappy/security.go 2015-04-22 07:11:43 +0000
17+++ snappy/security.go 2015-07-06 19:59:08 +0000
18@@ -151,6 +151,10 @@
19 syscalls := []string{}
20
21 if sd.SecurityOverride != nil {
22+ if sd.SecurityOverride.Seccomp == "" {
23+ return nil, ErrNoSeccompPolicy
24+ }
25+
26 fn := filepath.Join(baseDir, sd.SecurityOverride.Seccomp)
27 var s securitySeccompOverride
28 err := readSeccompOverride(fn, &s)
29
30=== modified file 'snappy/security_test.go'
31--- snappy/security_test.go 2015-04-19 14:02:33 +0000
32+++ snappy/security_test.go 2015-07-06 19:59:08 +0000
33@@ -37,6 +37,13 @@
34 c.Assert(string(content), Equals, expected)
35 }
36
37+func (a *SecurityTestSuite) TestSnappyNoSeccompOverrideEntry(c *C) {
38+ sd := SecurityDefinitions{SecurityOverride: &SecurityOverrideDefinition{}}
39+
40+ _, err := generateSeccompPolicy(c.MkDir(), "appName", sd)
41+ c.Assert(err, Equals, ErrNoSeccompPolicy)
42+}
43+
44 // no special security settings generate the default
45 func (a *SecurityTestSuite) TestSnappyHandleApparmorSecurityDefault(c *C) {
46 sec := &SecurityDefinitions{}

Subscribers

People subscribed via source and target branches