[apparmor] [PATCH] fix rc.apparmor.functions
John Johansen
john.johansen at canonical.com
Tue Mar 15 12:10:31 UTC 2011
The following patch from pld linux is missing from the AppArmor 2.6 release
---
--- rc.apparmor.functions.org 2010-03-17 21:06:13.768595265 +0100
+++ rc.apparmor.functions 2010-03-17 21:08:34.122087900 +0100
@@ -173,7 +173,7 @@
exit 1
;;
esac
- aa_log_action_begin "$PARSER_MSG"
+ aa_log_action_start "$PARSER_MSG"
# run the parser on all of the apparmor profiles
if [ ! -f "$PARSER" ]; then
aa_log_failure_msg "AppArmor parser not found"
@@ -412,9 +412,9 @@
retval=0
#the list of profiles isn't stable once we start adding or removing
- #them so stor to tmp first
+ #them so store to tmp first (in reverse order so hat profiles are removed first)
MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
- sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST"
+ sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort -r > "$MODULE_PLIST"
cat "$MODULE_PLIST" | while read profile ; do
echo -n "$profile" > "$SFS_MOUNTPOINT/.remove"
rc=$?
@@ -430,7 +430,7 @@
aa_log_daemon_msg "Unloading AppArmor profiles "
remove_profiles
rc=$?
- log_end_msg $rc
+ aa_log_end_msg $rc
return $rc
}
More information about the AppArmor
mailing list