Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
interfaces: add common support for udev #3658
Conversation
All checks have passed
codecov-io
commented
Aug 4, 2017
Codecov Report
@@ Coverage Diff @@
## master #3658 +/- ##
==========================================
+ Coverage 75.16% 75.18% +0.01%
==========================================
Files 388 388
Lines 33628 33637 +9
==========================================
+ Hits 25278 25289 +11
+ Misses 6534 6532 -2
Partials 1816 1816
Continue to review full report at Codecov.
|
| @@ -142,3 +145,15 @@ func (iface *commonInterface) SecCompConnectedPlug(spec *seccomp.Specification, | ||
| } | ||
| return nil | ||
| } | ||
| + | ||
| +func (iface *commonInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.Plug, plugAttrs map[string]interface{}, slot *interfaces.Slot, slotAttrs map[string]interface{}) error { | ||
| + old := "###SLOT_SECURITY_TAGS###" |
adglkh
Aug 4, 2017
Contributor
I prefer to use the following code for a few reasons here, instead of introducing tags and doing the string.Replace here.
- less code for consistency with other functions in commonInterface
- In favor of "format" here rather than "replace" for performance consideration (nitpicking, we have a large code snippet udev rules for udisk2, modemManager, maybe more in the future)
if iface.connectedPlugUdev != "" {
for appName := range plug.Apps {
tag := udevSnapSecurityName(plug.Snap.Name(), appName)
spec.AddSnippet(fmt.Sprintf(iface.connectedPlugUdev, tag))
}
}
People could use %[1]s if there're multiple udev entries there or simply use "%s" if only one entry exists.
I'll leave the decision to you though.
zyga
Aug 4, 2017
Contributor
I used format first but then changed this so that it is consistent with ###replaceme### markers we use elsewhere in the interface code. We can revisit that but then we should do it consistently in the whole stack (all of builtin/*.go)
| @@ -142,3 +145,15 @@ func (iface *commonInterface) SecCompConnectedPlug(spec *seccomp.Specification, | ||
| } | ||
| return nil | ||
| } | ||
| + | ||
| +func (iface *commonInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.Plug, plugAttrs map[string]interface{}, slot *interfaces.Slot, slotAttrs map[string]interface{}) error { | ||
| + old := "###SLOT_SECURITY_TAGS###" |
adglkh
Aug 4, 2017
Contributor
I prefer to use the following code for a few reasons here, instead of introducing tags and doing the string.Replace here.
- less code for consistency with other functions in commonInterface
- In favor of "format" here rather than "replace" for performance consideration (nitpicking, we have a large code snippet udev rules for udisk2, modemManager, maybe more in the future)
if iface.connectedPlugUdev != "" {
for appName := range plug.Apps {
tag := udevSnapSecurityName(plug.Snap.Name(), appName)
spec.AddSnippet(fmt.Sprintf(iface.connectedPlugUdev, tag))
}
}
People could use %[1]s if there're multiple udev entries there or simply use "%s" if only one entry exists.
I'll leave the decision to you though.
zyga
Aug 4, 2017
Contributor
I used format first but then changed this so that it is consistent with ###replaceme### markers we use elsewhere in the interface code. We can revisit that but then we should do it consistently in the whole stack (all of builtin/*.go)
zyga commentedAug 4, 2017
Many interfaces will need to support udev-based device tagging. To
counter the explosion of custom interface types the common interface can
be grown to support per-app udev tags.
There's also some helper for testing, placed in export_test.go, since
common_test is not using builtin_test package. I'll clean that up
separately.
Signed-off-by: Zygmunt Krynicki zygmunt.krynicki@canonical.com