/srv/irclogs.ubuntu.com/2024/01/18/#ubuntu-devel.txt

=== guiverc2 is now known as guiverc
adrien\o08:18
adrienis there a way to get a serialized output from apparmor profiles? I'd like to see which paths are covered (I don't need exact data, only approximate)08:32
adrienI've see -p to only preprocess profiles which might be enough to grep with the paths that I am interested in but I'm wondering if there's a cleaner way08:33
adrienI finally had another look at erlang/rabbitmq-server and the TLS configuration appears to be simply forwarded to erlang/tls without going through code which means that any code change would have to be done in erlang instead and I'm not proficient in erlang11:41
tsimonq2adrien: jjohansen or sarnold may know the answer to your AppArmor question. That's a good one, let me know what you find.18:32
jjohansenadrien: so currently apparmor_parser -p is probably your best bet, there is wip to be able to expose more controls around the profile dump (different levels of processing) but nothing that is available atm18:35
jjohansenat least not cleanly, there are the -D flags, but their dumps can change (its not a fixed format) and they are fairly messy18:36
jjohansenapparmor_parser --help=D18:37
jjohansenwill give the full list supported by a give parser18:37
jjohansenapparmor_parser -D rule-exprs would be the next closest thing to -p, it late stage dumping what the rules get converted to before the statemachine build18:41
jjohansenit comes after includes, variable expansion, rule dedup, etc. It has a certain order to it, but exactly what depends on the dedup phase and that has changed over time, and not all rule types have always supported dedup, etc.18:41
jjohansenand a single rule might expand into multiple rule-exprs18:41
jjohansenso it probably not what you are looking for18:41
georgiag--debug might be helpful as well18:45
jjohansenbut as with dump, its messy and not a fixed format18:46
jjohansendebug also can vary based on how the parser is compiled, as some of the output will only happen when DEBUG is set at build time18:47
jjohansenbut most it doesn't18:47
adrienthanks, these all look interesting; I'm not sure which one I'd settle on right now and I guess I'll know when I start using that at scale19:02
adrienfor context, I am interested in finding out which packages ship server programs which communicated over TCP and do TLS, and maybe other protocols19:03
adrienI have some heuristics but more heuristics is better (and I'll also expand the scope but as you can imagine, there are already quite a few package that match this)19:03
plugwashhi, the autopkgtest documentation mentions a file called big_packages, but it doesn't say anything about how to view said file or request changes. Can anyone elaborate?20:15
plugwashok, I just reread the page and saw the git repo, still leaves the question of how to request changes.20:18
vorlonplugwash: MP20:21
plugwashdo you mean MR? if so where? (the repo i've found doesn't appear to be on a gitlab instance)20:23
vorlonmerge proposal; the repository is in launchpad, are you familiar with launchpad code hosting?20:23
vorlonplugwash https://code.launchpad.net/~ubuntu-release/autopkgtest-cloud has some info at the top about how this works20:26
plugwashhmm, I've cloned the repo, but I can't find big_packages, looking at the cgit url it looks like it's on it's own branch, but I don't seem to have that branch in my clone20:38
vorlonoh sorry one sec20:38
vorlonthat's simply the wrong repo I mangled urls when trying to translate20:39
vorlonhttps://code.launchpad.net/~ubuntu-release/autopkgtest-cloud/+git/autopkgtest-package-configs20:39
plugwashok I've made and pushed a commit, how do I turn that into a merge proposal?20:55
bdmurraywhen you did the push you should have seen a url for creating an MP20:57
bdmurrayhttps://code.launchpad.net/~plugwash/autopkgtest-cloud/+git/autopkgtest-cloud/+ref/main or there is a propose for merge link there20:58
bdmurrayIn the MP it would be helpful to point a failure log20:58
bdmurrayplugwash: Do you suspect that there are more packages that might need moving to big_packages?21:47
plugwashI would not be at all surprised but i'm not going to read every log to find out.21:51
bdmurrayplugwash: there is a tool called retry-autopkgtest-regressions that aids in searching log files but I'll do that21:52
rbasakplugwash: hello! Long time! Thank you for your help!22:17
bdmurrayliushuyu: what did you do to test the regression potential of gdb e.g. "may break ARM64 execution"?22:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!