[apparmor] [PATCH] Convert aa-status to Python
Jamie Strandboge
jamie at canonical.com
Thu May 26 20:23:06 UTC 2011
On Thu, 2011-05-26 at 13:13 -0700, Seth Arnold wrote:
> On Thu, May 26, 2011 at 1:07 PM, Marc Deslauriers
> <marc.deslauriers at canonical.com> wrote:
> > Hmm..I'm not quite sure where this is used during boot. Is it in
> > SUSE-specific init scripts?
>
> Check out /etc/init/mysql.conf on an Ubuntu 10.10 system. Not sure if
> this has survived to 11.04 or not, I like to let others test large
> upgrades for me. :)
>
> pre-start script
> #Sanity checks
> [ -r $HOME/my.cnf ]
> [ -d /var/run/mysqld ] || install -m 755 -o mysql -g root -d /var/run/mysqld
> # Load AppArmor profile
> if aa-status --enabled 2>/dev/null; then
> apparmor_parser -r /etc/apparmor.d/usr.sbin.mysqld || true
> fi
> LC_ALL=C BLOCKSIZE= df --portability /var/lib/mysql/. | tail -n 1
> | awk '{ exit ($4<4096) }'
> end script
These days, these should all be moved over to
upstart's /lib/init/apparmor-profile-load, like with avahi:
pre-start script
/lib/init/apparmor-profile-load usr.sbin.avahi-daemon
end script
/lib/init/apparmor-profile-load does not use aa-status, so going forward
we should be ok here. If packages in oneiric are still using the old
method, then that is a bug that we need to fix.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110526/c9521dec/attachment.pgp>
More information about the AppArmor
mailing list