[apparmor] [patch 3/6] utils/: add check to ensure severity.db contains all capabilities
John Johansen
john.johansen at canonical.com
Thu Mar 22 18:46:04 UTC 2012
On 03/22/2012 10:06 AM, Steve Beattie wrote:
> This patch adds a new make target, check_severity_db, to the
> utils/Makefile. It greps the severity.db for the presence of each
> capability, as computed by the newly abstracted out variable in
> common/Make.rules, and issues a build time error if it finds any
> missing.
>
> It also silences the check targets, so that only the output from them
> will be emitted.
>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> utils/Makefile | 17 ++++++++++++++++-
> 1 file changed, 16 insertions(+), 1 deletion(-)
>
> Index: b/utils/Makefile
> ===================================================================
> --- a/utils/Makefile
> +++ b/utils/Makefile
> @@ -68,7 +68,22 @@ clean: _clean
> rm -f Make.rules
> $(MAKE) -C po clean
>
> -check:
> +# ${CAPABILITIES} is defined in common/Make.rules
> +.PHONY: check_severity_db
> +.SILENT: check_severity_db
> +check_severity_db: /usr/include/sys/capability.h severity.db
> + # The sed statement is based on the one in the parser's makefile
> + RC=0 ; for cap in ${CAPABILITIES} ; do \
> + if ! grep -q -w $${cap} severity.db ; then \
> + echo "Warning! capability $${cap} not found in severity.db" ; \
> + RC=1 ; \
> + fi ;\
> + done ; \
> + test "$$RC" -eq 0
> +
> +.PHONY: check
> +.SILENT: check
> +check: check_severity_db
> for i in ${MODULES} ${PERLTOOLS} ; do \
> perl -c $$i || exit 1; \
> done
>
>
> -- AppArmor mailing list AppArmor at lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
More information about the AppArmor
mailing list