[apparmor] [patch] fix profiles install
John Johansen
john.johansen at canonical.com
Wed Nov 21 04:43:07 UTC 2012
On 11/09/2012 10:43 AM, Steve Beattie wrote:
> This patch fixes an existing install failure in the profiles tree, due
> to the apparmor_api subtree not getting added in the Makefile. Rather
> Rather than require every sub-directory that gets added to be
> enumerated, it uses find to determine what directories and files to
> install, to avoid future breakage. It is admittedly slower than the
> original code because install(1) is being invoked for every file in
> the apparmor.d tree, rather than acting on wildcard globs. That said,
> I think it's an acceptable tradeoff.
>
> (I attempted to use Make functions to do this, but it was... convoluted
> to say the least, and had the added difficulty of not handling empty
> directories without error, which would have required more convolution to
> address.)
>
I can accept the tradeoff because I know I will end up breaking things
again.
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
> profiles/Makefile | 34 +++++++++++-----------------------
> 1 file changed, 11 insertions(+), 23 deletions(-)
>
> Index: b/profiles/Makefile
> ===================================================================
> --- a/profiles/Makefile
> +++ b/profiles/Makefile
> @@ -36,13 +36,12 @@ PROFILES_DEST=${DESTDIR}/etc/apparmor.d
> EXTRAS_DEST=${DESTDIR}/usr/share/apparmor/extra-profiles/
> PROFILES_SOURCE=./apparmor.d
> EXTRAS_SOURCE=./apparmor/profiles/extras/
> -SUBDIRS_MUST_BE_SKIPPED=${PROFILES_SOURCE}/abstractions ${PROFILES_SOURCE}/apache2.d ${PROFILES_SOURCE}/program-chunks ${PROFILES_SOURCE}/tunables ${PROFILES_SOURCE}/local
> -PROFILES_TO_COPY=$(filter-out ${SUBDIRS_MUST_BE_SKIPPED}, $(wildcard ${PROFILES_SOURCE}/*))
> -TUNABLES_TO_COPY=$(filter-out ${PROFILES_SOURCE}/tunables/home.d ${PROFILES_SOURCE}/tunables/multiarch.d, $(wildcard ${PROFILES_SOURCE}/tunables/*))
> -ABSTRACTIONS_TO_COPY=$(filter-out ${PROFILES_SOURCE}/abstractions/ubuntu-browsers.d, $(wildcard ${PROFILES_SOURCE}/abstractions/*))
> +
> +SUBDIRS=$(shell find ${PROFILES_SOURCE} -type d -print)
> +TOPLEVEL_PROFILES=$(filter-out ${SUBDIRS}, $(wildcard ${PROFILES_SOURCE}/*))
>
> local:
> - for profile in ${PROFILES_TO_COPY}; do \
> + for profile in ${TOPLEVEL_PROFILES}; do \
> fn=$$(basename $$profile); \
> echo "# Site-specific additions and overrides for '$$fn'" > ${PROFILES_SOURCE}/local/$$fn; \
> done; \
> @@ -50,26 +49,15 @@ local:
> .PHONY: install
> install: local
> install -m 755 -d ${PROFILES_DEST}
> - install -m 755 -d ${PROFILES_DEST}/abstractions \
> - ${PROFILES_DEST}/apache2.d \
> - ${PROFILES_DEST}/disable \
> - ${PROFILES_DEST}/program-chunks \
> - ${PROFILES_DEST}/tunables \
> - ${PROFILES_DEST}/tunables/home.d \
> - ${PROFILES_DEST}/tunables/multiarch.d \
> - ${PROFILES_DEST}/local
> - install -m 644 ${PROFILES_TO_COPY} ${PROFILES_DEST}
> - install -m 644 ${ABSTRACTIONS_TO_COPY} ${PROFILES_DEST}/abstractions
> - install -m 755 -d ${PROFILES_DEST}/abstractions/ubuntu-browsers.d
> - install -m 644 ${PROFILES_SOURCE}/abstractions/ubuntu-browsers.d/* ${PROFILES_DEST}/abstractions/ubuntu-browsers.d
> - install -m 644 ${PROFILES_SOURCE}/apache2.d/* ${PROFILES_DEST}/apache2.d
> - install -m 644 ${PROFILES_SOURCE}/program-chunks/* ${PROFILES_DEST}/program-chunks
> - install -m 644 ${TUNABLES_TO_COPY} ${PROFILES_DEST}/tunables
> - install -m 644 ${PROFILES_SOURCE}/tunables/home.d/* ${PROFILES_DEST}/tunables/home.d
> - install -m 644 ${PROFILES_SOURCE}/tunables/multiarch.d/* ${PROFILES_DEST}/tunables/multiarch.d
> + install -m 755 -d ${PROFILES_DEST}/disable
> + for dir in ${SUBDIRS} ; do \
> + install -m 755 -d "${PROFILES_DEST}/$${dir#${PROFILES_SOURCE}}" ; \
> + done
> + for file in $$(find ${PROFILES_SOURCE} -type f -print) ; do \
> + install -m 644 "$${file}" "${PROFILES_DEST}/$$(dirname $${file#${PROFILES_SOURCE}})" ; \
> + done
> install -m 755 -d ${EXTRAS_DEST}
> install -m 644 ${EXTRAS_SOURCE}/* ${EXTRAS_DEST}
> - install -m 644 ${PROFILES_SOURCE}/local/* ${PROFILES_DEST}/local
>
> LOCAL_ADDITIONS=$(filter-out ${PROFILES_SOURCE}/local/README, $(wildcard ${PROFILES_SOURCE}/local/*))
> .PHONY: clean
>
>
>
More information about the AppArmor
mailing list