cephadm: update hosts_facts to read apparmor profile names with spaces

author John Mulligan <jmulligan@redhat.com>

Mon, 10 Jun 2024 18:30:31 +0000 (14:30 -0400)

committer John Mulligan <jmulligan@redhat.com>

Tue, 11 Jun 2024 18:07:42 +0000 (14:07 -0400)
author John Mulligan <jmulligan@redhat.com>
Mon, 10 Jun 2024 18:30:31 +0000 (14:30 -0400)
committer John Mulligan <jmulligan@redhat.com>
Tue, 11 Jun 2024 18:07:42 +0000 (14:07 -0400)
diff --git a/src/cephadm/cephadmlib/host_facts.py b/src/cephadm/cephadmlib/host_facts.py

index 1cfb2ac84d92632da4b04c8529678d7c5d4e5942..387a4a3cb0a2b63a43d01284442a05ba20f85ab0 100644 (file)
--- a/src/cephadm/cephadmlib/host_facts.py
+++ b/src/cephadm/cephadmlib/host_facts.py
@@ -719,8 +719,9 @@ class HostFacts:
                      else:
                          summary = {}  # type: Dict[str, int]
                          for line in profiles.split('\n'):
-                            item, mode = line.split(' ')
-                            mode = mode.strip('()')
+                            mode = line.rsplit(' ', 1)[-1]
+                            assert mode[0] == '(' and mode[-1] == ')'
+                            mode = mode[1:-1]
                              if mode in summary:
                                  summary[mode] += 1
                              else:
diff --git a/src/cephadm/tests/test_enclosure.py b/src/cephadm/tests/test_enclosure.py

index 243f07e85771cd5c23febce5719078f147ceede9..b8e21853eae84530d7e8025784f7d04cb0186604 100644 (file)
--- a/src/cephadm/tests/test_enclosure.py
+++ b/src/cephadm/tests/test_enclosure.py
@@ -83,9 +83,8 @@ def test_host_facts_security(cephadm_fs):
          '/usr/bin/man (enforce)',
          '1password (unconfined)',
          'Discord (unconfined)',
-        # These examples with spaces in the name fail currently
-        # 'MongoDB Compass (unconfined)',
-        # 'profile name with spaces (enforce)',
+        'MongoDB Compass (unconfined)',
+        'profile name with spaces (enforce)',
      ]
      cephadm_fs.create_file(
          '/sys/kernel/security/apparmor/profiles',
@@ -105,5 +104,5 @@ def test_host_facts_security(cephadm_fs):
      assert ksec['type'] == 'AppArmor'
      assert ksec['type'] == 'AppArmor'
      assert ksec['complain'] == 0
-    assert ksec['enforce'] == 0
-    assert ksec['unconfined'] == 1
+    assert ksec['enforce'] == 1
+    assert ksec['unconfined'] == 2
author	John Mulligan <jmulligan@redhat.com>
	Mon, 10 Jun 2024 18:30:31 +0000 (14:30 -0400)
committer	John Mulligan <jmulligan@redhat.com>
	Tue, 11 Jun 2024 18:07:42 +0000 (14:07 -0400)
src/cephadm/cephadmlib/host_facts.py		patch \| blob \| history
src/cephadm/tests/test_enclosure.py		patch \| blob \| history