[apparmor] [PATCH 23/32] apparmor: provide the ability to boot with a default profile set on init
seth.arnold at canonical.com
Thu Jan 31 06:59:03 UTC 2013
On Wed, Jan 30, 2013 at 10:27:49PM -0800, Seth Arnold wrote:
> > - /* unconfined profiles don't have a mode string appended */
> > - if (!unconfined(profile))
> > + /* 'unconfined' profile don't have a mode string appended */
> > + unconfined = unconfined(profile) && profile == profile->ns->unconfined;
> > + if (!unconfined)
> > mode_len = strlen(mode_str) + 3; /* + 3 for _() */
> Oh, this is a bit unfortunate. (Also, && feels wrong, should it be
> ||?) Can unconfined() be extended to handle this case? Would it be
> wrong elsewhere?
Okay, ignore the second bit here, the next patch explains it. :)
I'm still curious about && vs || though.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 490 bytes
Desc: Digital signature
More information about the AppArmor