policychecker: print error related information 37/216337/6 accepted/tizen_6.0_unified accepted/tizen_6.0_unified_hotfix accepted/tizen_6.5_unified accepted/tizen_7.0_unified accepted/tizen_7.0_unified_hotfix accepted/tizen_8.0_unified accepted/tizen_9.0_unified accepted/tizen_unified tizen_6.0 tizen_6.0_hotfix tizen_7.0 tizen_7.0_hotfix tizen_8.0 tizen_9.0 accepted/tizen/6.0/unified/20201030.115416 accepted/tizen/6.0/unified/hotfix/20201103.003704 accepted/tizen/6.5/unified/20211028.114312 accepted/tizen/7.0/unified/20221110.063450 accepted/tizen/7.0/unified/hotfix/20221116.105702 accepted/tizen/8.0/unified/20231005.093735 accepted/tizen/9.0/unified/20241031.000014 accepted/tizen/unified/20191101.042154 submit/tizen/20191031.025611 submit/tizen_6.0/20201029.205104 submit/tizen_6.0_hotfix/20201102.192504 submit/tizen_6.0_hotfix/20201103.114804 submit/tizen_6.5/20211028.162501 tizen_6.0.m2_release tizen_6.5.m2_release tizen_7.0_m2_release tizen_8.0_m2_release tizen_9.0_m2_release
authorsanghyeok.oh <sanghyeok.oh@samsung.com>
Wed, 23 Oct 2019 11:13:34 +0000 (20:13 +0900)
committersanghyeok.oh <sanghyeok.oh@samsung.com>
Fri, 25 Oct 2019 05:51:13 +0000 (14:51 +0900)
Change-Id: I07dbeffd02cf67f98ec0363b7b4aaa55e8f34e02
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
policychecker/check.in

index 393785a5c34f2b9c1e1f145048fdca1f9d072c59..d4518402f1ee096a44b2c9f67562781cbc0d0acc 100755 (executable)
@@ -12,6 +12,7 @@ sub_conf_path=("system.d" "session.d")
 bus_type=-1
 config_file=-1
 checker_include_all=0
+verbose_mode=0
 schema_file="$checker_dir/rules.xsl"
 
 system_privileges_file="$tmpdir/privileges_system"
@@ -31,13 +32,14 @@ usage() {
        echo -e "\tfilename    dbus policy configuration file"
        echo -e "\t-s          system bus"
        echo -e "\t-u          session bus"
+       echo -e "\t-d          enable verbose mode"
        echo -e "\t-v          include every iso xsls"
        echo -e "\t-p          enable profile mode"
 }
 
 # use "checker opt + config-file"
 # getopts doesn't support - "checker config-file + opt"
-while getopts :suvp opt
+while getopts :sudvp opt
 do     case "$opt" in
        s)      if [ $bus_type -eq -1 ]; then
                        bus_type=0
@@ -49,8 +51,11 @@ do   case "$opt" in
                        echo "check session bus"
                fi
                ;;
-       v)      checker_include_all=1
-               echo "use iso_dsdl_include.xsl"
+       d)      echo "enable verbose mode"
+               verbose_mode=1
+               ;;
+       v)      echo "include every xsl. iso_dsdl_include.xsl"
+               checker_include_all=1
                ;;
        p)      echo "enable profile mode"
                xslt_processor="$xslt_processor --profile"
@@ -141,23 +146,164 @@ function check_policy_file(){
        echo
 }
 
+# print_matched_xml (str filename, int policyindex, str allow/deny, int allowindex)
+# print_matched_xml "$filename" $policy "" 0
+function print_matched_xml(){
+       local cnt_policy=0
+       local cnt_allow=0
+       local cnt_deny=0
+       local filename="$1"
+       local policy_index=$2
+       local allowdeny="$3"
+       local allow_index=$4
+       local found_policy_tag=0
+       local print_to_end=0
+       local line_cnt=0
+       local is_comment=0
+       local reg1="^[[:blank:]]*<!--.*$"
+       local reg2="^[[:blank:]]*<!--.*-->[[:blank:]]*$"
+       local reg3="^.*-->[[:blank:]]*$"
+       local reg_start_allow="^[[:blank:]]*<$allowdeny.*$"
+       local reg_end_tag=".*/>[[:blank:]]*$"
+       local reg_start_policy="^[[:blank:]]*<policy.*$"
+       local reg_end_policy="^.*</policy[[:blank:]]*>[[:blank:]]*$"
+
+       #echo "printline: $filename $policy_index $allowdeny $allow_index"
+       while IFS= read -r line
+       do
+               line_cnt=$((line_cnt+1))
+
+               # ignore comment
+               if [ $is_comment -eq 1 ]; then
+                       if [[ $line =~ $reg3 ]]; then
+                               is_comment=0
+                       fi
+                       continue
+               fi
+               # ignore comment
+               if [[ $line =~ $reg1 ]]; then
+                       if [[ ! $line =~ $reg2 ]]; then
+                               is_comment=1
+                       fi
+                       continue
+               fi
+
+               # print multiple line
+               if [ $print_to_end -eq 1 ]; then
+                       echo "$filename:$line_cnt: $line"
+                       if [[ "$line" =~ $reg_end_tag ]]; then
+                               print_to_end=0
+                       fi
+                       continue
+               fi
+
+               # end of policy
+               if [ -z "$allowdeny" ] && [ $found_policy_tag -eq 1 ]; then
+                       echo "$filename:$line_cnt: $line"
+                       if [[ "$line" =~ $reg_end_policy ]]; then
+                               break
+                       fi
+                       continue
+               fi
+
+               # is matched policy ?
+               if [[ "$line" =~ $reg_start_policy ]]; then
+                       cnt_policy=$((cnt_policy+1))
+                       cnt_allow=0
+                       cnt_deny=0
+                       found_policy_tag=0
+                       if [ $cnt_policy -eq $policy_index ]; then
+                               echo "$filename:$line_cnt: $line"
+                               found_policy_tag=1
+                       fi
+                       continue
+               fi
+
+               if [ $found_policy_tag -eq 0 ]; then
+                       continue
+               fi
+
+               # find matched allow or deny
+               if [[ "$line" =~ $reg_start_allow ]]; then
+                       cnt_allow=$((cnt_allow+1))
+                       if [ $allow_index -eq 0 ] || [ $cnt_allow -eq $allow_index ]; then
+                               echo "$filename:$line_cnt: $line"
+                               if [[ ! "$line" =~ $reg_end_tag ]]; then
+                                       print_to_end=1
+                                       continue
+                               fi
+                       fi
+               fi
+       done < "$filename"
+}
+
+# print_err_info (str filename, str line)
+function print_err_info(){
+       local filename=$1
+       local line=$2
+       local ipolicy=0
+       local allowdeny=0
+       local iallowdeny=0
+
+       # line contain a word 'policy' ? "FAILED(assert) at /busconfig/policy[1]/allow[1] ..."
+       if [[ "$line" =~ ^(FAILED).*/policy(\[([0-9]{1,2})\])?(/(allow|deny)(\[([0-9]{1,2})\])?)?[[:blank:]]+.*$ ]]; then
+               ipolicy=${BASH_REMATCH[3]}
+               allowdeny=${BASH_REMATCH[5]}
+               if [ ! -z ${BASH_REMATCH[7]} ]; then
+                       iallowdeny=${BASH_REMATCH[7]}
+               fi
+
+               print_matched_xml "$filename" $ipolicy "$allowdeny" $iallowdeny
+               echo ""
+               return
+       fi
+
+       echo "$line"
+}
+
+function verbose_mode(){
+       local filename=$1
+       local result=$2
+
+       IFS=$'\n'
+       lines=($result)
+       IFS=' '
+       for line in "${lines[@]}"; do
+               echo $line
+               if [[ "$line" =~ ^(FAILED).*$ ]]; then
+                       print_err_info "$filename" "$line"
+               fi
+       done
+}
+
 function check_policy_dir() {
        for d in "${conf_path[@]}"; do
                echo "$d/${sub_conf_path[$bus_type]}"
                target_path="$d/${sub_conf_path[$bus_type]}/*.conf"
-
                for f in $target_path; do
                        if [ -f $f ]; then
-                               check_policy_file "$f"
+                               result=$(check_policy_file "$f")
+                               if [ $verbose_mode -eq 1 ]; then
+                                       verbose_mode "$f" "$result"
+                               else
+                                       echo "$result"
+                               fi
                        fi
                done
        done
 }
 
 if [ $bus_type -eq -1 ]; then
-       check_policy_file "$config_file"
+       #check_policy_file "$config_file"
+       result=$(check_policy_file "$config_file")
+       if [ $verbose_mode -eq 1 ]; then
+               verbose_mode "$config_file" "$result"
+       else
+               echo "$result"
+       fi
 else
        check_policy_dir
 fi
 
 exit 0
+
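Review bot: In `verbose_mode` the split `IFS=$'\n'; lines=($result); IFS=' '` leaves the global IFS set to a single space for the rest of the script, and both `lines=($result)` and `echo $line` expand checker output unquoted, so a diagnostic such as `/busconfig/policy[1]/allow[1]` is subject to word splitting and globbing instead of being printed verbatim. A `while IFS= read -r line` loop fed from `<<< "$result"` with `echo "$line"` avoids both and lets `line` be local; note that it keeps blank lines which the array split dropped. Separately, in `print_err_info` the policy index group of the regex is optional, so `ipolicy` can be empty, and the unquoted `$ipolicy` then disappears from the `print_matched_xml` call and shifts the remaining arguments. Quoting the call arguments and giving the index a default would keep the call well-formed, e.g. `ipolicy=${BASH_REMATCH[3]:-1}` if a missing index is meant to denote the first policy. The function also shares its name with the `verbose_mode` flag variable, which bash permits but which is easy to misread.

```shell
function verbose_mode(){
	local filename=$1
	local result=$2
	local line

	# read line by line: no global IFS change, no globbing of checker output
	while IFS= read -r line; do
		echo "$line"
		if [[ "$line" =~ ^FAILED ]]; then
			print_err_info "$filename" "$line"
		fi
	done <<< "$result"
}
```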