[apparmor] fun when building without awk

Christian Boltz apparmor at cboltz.de
Sun Jun 17 21:35:58 UTC 2012


Hello,

because of some breakage in update-alternatives in the openSUSE build
system, a build of AppArmor started with gawk installed, but without the
/bin/awk symlink.

The result is quite funny[tm] - for example, the generated apparmor.vim
contains things like:

syn keyword  sdCapKey          /bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
/bin/sh: awk: command not found
[...]
syn match  sdCap
/\v^\s*(audit\s+)?(deny\s+)?capability\s+(/bin/sh:|awk:|command|not|found
/bin/sh:|awk:|command|not|found
/bin/sh:|awk:|command|not|found
/bin/sh:|awk:|command|not|found
/bin/sh:|awk:|command|not|found
/bin/sh:|awk:|command|not|found
[...]
syn match  sdNetwork        
/\v^\s*(audit\s+)?(deny\s+)?network(\s+(/bin/sh:|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atms»vc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*»$|(\s*#.*$)\@=)/
contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
" network rules containing 'raw'
syn match  sdNetworkDanger        
/\v^\s*(audit\s+)?(deny\s+)?network(\s+(/bin/sh:|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econe»t|atmsvc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/
contains»=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude

(notice the "/bin/sh:" in the sdNetwork and sdNetworkDanger line)

Can someone please add a check in the build process that errors out if
/bin/awk is not available?

I'm attaching the build log for reference so that you can check the details.


Regards,

Christian Boltz
-- 

Naja, zumindest war Maxtor "weitsichtig": mit einer 48bit-Adressierung
kann man 134217728 GB (128 Petabyte) ansprechen, das sollte eigentlich
fuer ein paar Jaehrchen reichen, oder? ;)) [David Haller in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: apparmor-build-log.txt.bz2
Type: application/octet-stream
Size: 46526 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120617/cfb2b6d5/attachment-0001.obj>


More information about the AppArmor mailing list