apparmor: catch config file opening error

.travis.yml

@@ -27,6 +27,9 @@ script:
  - ../configure --enable-tests --with-distro=unknown
  - make -j4
  - make DESTDIR=$TRAVIS_BUILD_DIR/install install
+ - cd ..
+ - ./config/apparmor/lxc-generate-aa-rules.py config/apparmor/container-rules.base
+
 notifications:
   email:
     recipients:

config/apparmor/lxc-generate-aa-rules.py

@@ -3,6 +3,7 @@
 import sys
 
 blocks = []
+denies = []
 
 #
 # blocks is an array of paths under which we want to block by
@@ -63,28 +64,6 @@ def add_allow(path):
             prev.append(n)
             prev = n['children']
 
-config = "config"
-if len(sys.argv) > 1:
-    config = sys.argv[1]
-with open(config) as f:
-    for x in f.readlines():
-        x.strip()
-        if x[:1] == '#':
-            continue
-        try:
-            (cmd, path) = x.split(' ')
-        except:  # blank line
-            continue
-        if cmd == "block":
-            add_block(path)
-        elif cmd == "allow":
-            add_allow(path)
-        else:
-            print("Unknown command: %s" % cmd)
-            sys.exit(1)
-
-denies = []
-
 
 def collect_chars(children, ref, index):
     r = ""
@@ -126,14 +105,48 @@ def gen_denies(pathsofar, children):
             newpath = "%s/%s" % (pathsofar, c['path'])
             gen_denies(newpath, c['children'])
 
-for b in blocks:
-    gen_denies(b['path'], b['children'])
 
-denies.sort()
+def main():
+    config = "config"
+    if len(sys.argv) > 1:
+        config = sys.argv[1]
+
+    lines = None
+    try:
+        with open(config) as f:
+            lines = f.readlines()
+    except FileNotFoundError as err:
+        print("Config file not found")
+        print(err)
+        sys.exit(1)
+
+    for line in lines:
+        line.strip()
+        if line.startswith('#'):
+            continue
+        try:
+            (cmd, path) = line.split(' ')
+        except:  # blank line
+            continue
+        if cmd == "block":
+            add_block(path)
+        elif cmd == "allow":
+            add_allow(path)
+        else:
+            print("Unknown command: %s" % cmd)
+            sys.exit(1)
+    for block in blocks:
+        gen_denies(block['path'], block['children'])
+
+    denies.sort()
+
+    genby = "  # generated by: lxc-generate-aa-rules.py"
+    for a in sys.argv[1:]:
+        genby += " %s" % a
+    print(genby)
+    for d in denies:
+        print("  %s" % d)
+
 
-genby = "  # generated by: lxc-generate-aa-rules.py"
-for a in sys.argv[1:]:
-    genby += " %s" % a
-print(genby)
-for d in denies:
-    print("  %s" % d)
+if __name__ == "__main__":
+    main()