Marcus Rueckert
f270973a6c
Accepted submit request 57745 from user jeff_mahoney OBS-URL: https://build.opensuse.org/request/show/57745 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=1
120 lines
3.1 KiB
Plaintext
120 lines
3.1 KiB
Plaintext
---
|
|
|
|
parser/rc.aaeventd.suse | 2 +-
|
|
parser/rc.apparmor.functions | 16 ++++++++--------
|
|
parser/rc.apparmor.suse | 23 ++++++++++++++++++++++-
|
|
3 files changed, 31 insertions(+), 10 deletions(-)
|
|
|
|
--- a/parser/rc.aaeventd.suse
|
|
+++ b/parser/rc.aaeventd.suse
|
|
@@ -30,7 +30,7 @@
|
|
### BEGIN INIT INFO
|
|
# Provides: aaeventd
|
|
# Required-Start: apparmor
|
|
-# Required-Stop:
|
|
+# Required-Stop: $null
|
|
# Default-Start: 2 3 5
|
|
# Default-Stop:
|
|
# Short-Description: AppArmor Notification and Reporting
|
|
--- a/parser/rc.apparmor.functions
|
|
+++ b/parser/rc.apparmor.functions
|
|
@@ -111,9 +111,7 @@ is_apparmor_present() {
|
|
# check for subdomainfs version of module
|
|
grep -qE "^($modules)[[:space:]]" /proc/modules
|
|
|
|
- if [ $? -ne 0 ] ; then
|
|
- ls /sys/module/apparmor 2>/dev/null | grep -qE "^($modules)"
|
|
- fi
|
|
+ [ $? -ne 0 -a -d /sys/module/apparmor ]
|
|
|
|
return $?
|
|
}
|
|
@@ -380,10 +378,11 @@ apparmor_start() {
|
|
configure_owlsm
|
|
|
|
# if there is anything in the profiles file don't load
|
|
- cat "$SFS_MOUNTPOINT/profiles" | if ! read line ; then
|
|
+ if ! read line < "$SFS_MOUNTPOINT/profiles"; then
|
|
parse_profiles load
|
|
else
|
|
- aa_log_skipped_msg "AppArmor already loaded with profiles."
|
|
+ aa_log_skipped_msg ": already loaded with profiles."
|
|
+ return 0
|
|
fi
|
|
aa_log_end_msg 0
|
|
return 0
|
|
@@ -415,7 +414,8 @@ remove_profiles() {
|
|
#them so stor to tmp first
|
|
MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
|
|
sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST"
|
|
- cat "$MODULE_PLIST" | while read profile ; do
|
|
+ # Skip subprofiles, they'll be removed with the owning profile
|
|
+ grep -v // "$MODULE_PLIST" | while IFS= read profile ; do
|
|
echo -n "$profile" > "$SFS_MOUNTPOINT/.remove"
|
|
rc=$?
|
|
if [ ${rc} -ne 0 ] ; then
|
|
@@ -430,7 +430,7 @@ apparmor_stop() {
|
|
aa_log_daemon_msg "Unloading AppArmor profiles "
|
|
remove_profiles
|
|
rc=$?
|
|
- log_end_msg $rc
|
|
+ aa_log_end_msg $rc
|
|
return $rc
|
|
}
|
|
|
|
@@ -468,7 +468,7 @@ __apparmor_restart() {
|
|
profiles_names_list ${PNAMES_LIST}
|
|
MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
|
|
sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST"
|
|
- sort "$PNAMES_LIST" | comm -2 -3 "$MODULE_PLIST" - | while read profile ; do
|
|
+ sort "$PNAMES_LIST" | comm -2 -3 "$MODULE_PLIST" - | while IFS= read profile ; do
|
|
echo -n "$profile" > "$SFS_MOUNTPOINT/.remove"
|
|
done
|
|
rm "$MODULE_PLIST"
|
|
--- a/parser/rc.apparmor.suse
|
|
+++ b/parser/rc.apparmor.suse
|
|
@@ -34,6 +34,7 @@
|
|
# Required-Start: boot.cleanup
|
|
# Required-Stop: $null
|
|
# Should-Start: $local_fs
|
|
+# Should-Stop: $null
|
|
# Default-Start: B
|
|
# Default-Stop:
|
|
# Short-Description: AppArmor initialization
|
|
@@ -76,7 +77,19 @@ aa_log_warning_msg() {
|
|
}
|
|
|
|
aa_log_failure_msg() {
|
|
- log_failure_msg $*
|
|
+ log_failure_msg '\n'$*
|
|
+}
|
|
+
|
|
+aa_log_action_begin() {
|
|
+ echo -n
|
|
+}
|
|
+
|
|
+aa_log_action_end() {
|
|
+ echo -n
|
|
+}
|
|
+
|
|
+aa_log_daemon_msg() {
|
|
+ echo -en "$@ "
|
|
}
|
|
|
|
aa_log_skipped_msg() {
|
|
@@ -84,6 +97,14 @@ aa_log_skipped_msg() {
|
|
echo -e "$rc_skipped"
|
|
}
|
|
|
|
+aa_log_end_msg() {
|
|
+ v="-v"
|
|
+ if [ "$1" != '0' ]; then
|
|
+ rc="-v$1"
|
|
+ fi
|
|
+ rc_status $v
|
|
+}
|
|
+
|
|
usage() {
|
|
echo "Usage: $0 {start|stop|restart|try-restart|reload|force-reload|status|kill}"
|
|
}
|