Merge pull request netblue30#6556 from kmk3/sort-py-strip-ws

kmk3 · web-flow · commit 3826645ef139 · 2024-12-05T08:01:39.000Z
build: sort.py: strip whitespace in profiles
diff --git a/contrib/sort.py b/contrib/sort.py
@@ -9,7 +9,7 @@
 from sys import argv, exit as sys_exit, stderr
 
 __doc__ = f"""\
-Sort the arguments of commands in profiles.
+Strip whitespace and sort the arguments of commands in profiles.
 
 Usage: {path.basename(argv[0])} [-h] [-i] [-n] [--] [/path/to/profile ...]
 
@@ -20,6 +20,10 @@
 
 Note that this is only applicable to commands that support multiple arguments.
 
+Trailing whitespace is removed in all lines (that is, not just in lines
+containing supported commands) and other whitespace is stripped depending on
+the command.
+
 Options:
     -h  Print this message.
     -i  Edit the profile file(s) in-place (this is the default).
@@ -42,7 +46,8 @@
 
 def sort_alphabetical(original_items):
     items = original_items.split(",")
-    items = filter(None, set(items))
+    items = set(map(str.strip, items))
+    items = filter(None, items)
     items = sorted(items)
     return ",".join(items)
 
@@ -54,6 +59,9 @@ def sort_protocol(original_protocols):
         unix,inet,inet6,netlink,packet,bluetooth
     """
 
+    # remove all whitespace
+    original_protocols = "".join(original_protocols.split())
+
     # shortcut for common protocol lines
     if original_protocols in ("unix", "unix,inet,inet6"):
         return original_protocols
@@ -71,26 +79,25 @@ def check_profile(filename, overwrite):
         lines = profile.read().split("\n")
         was_fixed = False
         fixed_profile = []
-        for lineno, line in enumerate(lines, 1):
+        for lineno, original_line in enumerate(lines, 1):
+            line = original_line.rstrip()
             if line[:12] in ("private-bin ", "private-etc ", "private-lib "):
-                fixed_line = f"{line[:12]}{sort_alphabetical(line[12:])}"
+                line = f"{line[:12]}{sort_alphabetical(line[12:])}"
             elif line[:13] in ("seccomp.drop ", "seccomp.keep "):
-                fixed_line = f"{line[:13]}{sort_alphabetical(line[13:])}"
+                line = f"{line[:13]}{sort_alphabetical(line[13:])}"
             elif line[:10] in ("caps.drop ", "caps.keep "):
-                fixed_line = f"{line[:10]}{sort_alphabetical(line[10:])}"
+                line = f"{line[:10]}{sort_alphabetical(line[10:])}"
             elif line[:8] == "protocol":
-                fixed_line = f"protocol {sort_protocol(line[9:])}"
+                line = f"protocol {sort_protocol(line[9:])}"
             elif line[:8] == "seccomp ":
-                fixed_line = f"{line[:8]}{sort_alphabetical(line[8:])}"
-            else:
-                fixed_line = line
-            if fixed_line != line:
+                line = f"{line[:8]}{sort_alphabetical(line[8:])}"
+            if line != original_line:
                 was_fixed = True
                 print(
-                    f"{filename}:{lineno}:-{line}\n"
-                    f"{filename}:{lineno}:+{fixed_line}"
+                    f"{filename}:{lineno}:-{original_line}\n"
+                    f"{filename}:{lineno}:+{line}"
                 )
-            fixed_profile.append(fixed_line)
+            fixed_profile.append(line)
 
         if was_fixed:
             if overwrite:
