From c558a480de6ae09d93e527400f2904c4f272a8af Mon Sep 17 00:00:00 2001
From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Wed, 22 Jun 2016 14:15:15 +0100
Subject: [PATCH] apparmor-session-lockdown: produce more useful diagnostics

The list of profiles and processes isn't all that long. If we're
going to make assertions about this information, we should
probably show it first.

Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Differential Revision: https://phabricator.apertis.org/D3448
---
 apparmor/session-lockdown/no-deny | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/apparmor/session-lockdown/no-deny b/apparmor/session-lockdown/no-deny
index 6d02e77..5baa1ef 100755
--- a/apparmor/session-lockdown/no-deny
+++ b/apparmor/session-lockdown/no-deny
@@ -140,7 +140,15 @@ def after_reboot():
     log_subprocess('aa-status')
 
     profiles = get_profiles()
+
+    for k, v in profiles.items():
+        print('# profile: {!r}: {!r}'.format(k, v))
+
     processes = get_processes(profiles)
+
+    for k, v in processes.items():
+        print('# process: {!r}: {!r}'.format(k, v))
+
     enforce_processes = filter_processes(processes, 'enforce')
     enforce_process_profiles = [x[1] for x in enforce_processes]
     complain_processes = filter_processes(processes, 'complain')
-- 
GitLab