[apparmor] [PATCH 10/10] use libapparmor's find mountpoint fn to find the interface
Seth Arnold
seth.arnold at canonical.com
Fri Jul 26 02:13:53 UTC 2013
On Sun, Jul 21, 2013 at 10:32:53PM -0700, John Johansen wrote:
> Drop support for the old subdomainfs mountpoint and use the fn exported
> by libapparmor.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
> ---
> parser/Makefile | 3 ++-
> parser/parser_main.c | 53 ++--------------------------------------------------
> 2 files changed, 4 insertions(+), 52 deletions(-)
>
> diff --git a/parser/Makefile b/parser/Makefile
> index 4deb74b..c569adc 100644
> --- a/parser/Makefile
> +++ b/parser/Makefile
> @@ -86,6 +86,7 @@ AAREDIR= libapparmor_re
> AAREOBJECT = ${AAREDIR}/libapparmor_re.a
> AAREOBJECTS = $(AAREOBJECT) libstdc++.a
> AARE_LDFLAGS=-static-libgcc -L.
> +AALIB = -lapparmor
>
> LEX_C_FILES = parser_lex.c
> YACC_C_FILES = parser_yacc.c parser_yacc.h
> @@ -154,7 +155,7 @@ libstdc++.a:
>
> apparmor_parser: $(OBJECTS) $(AAREOBJECTS)
> $(CXX) $(LDFLAGS) $(EXTRA_CFLAGS) -o $@ $(OBJECTS) $(LIBS) \
> - ${LEXLIB} $(AAREOBJECTS) $(AARE_LDFLAGS)
> + ${LEXLIB} $(AAREOBJECTS) $(AARE_LDFLAGS) $(AALIB)
>
> parser_yacc.c parser_yacc.h: parser_yacc.y parser.h
> $(YACC) $(YFLAGS) -o parser_yacc.c parser_yacc.y
> diff --git a/parser/parser_main.c b/parser/parser_main.c
> index 0069b2c..6e93ebe 100644
> --- a/parser/parser_main.c
> +++ b/parser/parser_main.c
> @@ -28,7 +28,6 @@
> #include <getopt.h>
> #include <errno.h>
> #include <fcntl.h>
> -#include <mntent.h>
> #include <libintl.h>
> #include <locale.h>
> #include <dirent.h>
> @@ -42,6 +41,7 @@
> #include <sys/sysctl.h>
> #include <sys/types.h>
> #include <sys/stat.h>
> +#include <sys/apparmor.h>
>
> #include "lib.h"
> #include "parser.h"
> @@ -601,58 +601,10 @@ static int process_config_file(const char *name)
> return 1;
> }
>
> -static inline char *try_subdomainfs_mountpoint(const char *mntpnt,
> - const char *path)
> -{
> - char *proposed_base = NULL;
> - char *retval = NULL;
> - struct stat buf;
> -
> - if (asprintf(&proposed_base, "%s%s", mntpnt, path)<0 || !proposed_base) {
> - PERROR(_("%s: Could not allocate memory for subdomainbase mount point\n"),
> - progname);
> - exit(ENOMEM);
> - }
> - if (stat(proposed_base, &buf) == 0) {
> - retval = proposed_base;
> - } else {
> - free(proposed_base);
> - }
> - return retval;
> -}
>
> int find_subdomainfs_mountpoint(void)
> {
> - FILE *mntfile;
> - struct mntent *mntpt;
> -
> - if ((mntfile = setmntent(MOUNTED_FS, "r"))) {
> - while ((mntpt = getmntent(mntfile))) {
> - char *proposed = NULL;
> - if (strcmp(mntpt->mnt_type, "securityfs") == 0) {
> - proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "/" MODULE_NAME);
> - if (proposed != NULL) {
> - subdomainbase = proposed;
> - break;
> - }
> - proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "/" OLD_MODULE_NAME);
> - if (proposed != NULL) {
> - subdomainbase = proposed;
> - break;
> - }
> - }
> - if (strcmp(mntpt->mnt_type, "subdomainfs") == 0) {
> - proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "");
> - if (proposed != NULL) {
> - subdomainbase = proposed;
> - break;
> - }
> - }
> - }
> - endmntent(mntfile);
> - }
> -
> - if (!subdomainbase) {
> + if (aa_find_mountpoint(&subdomainbase) == -1) {
> struct stat buf;
> if (stat(DEFAULT_APPARMORFS, &buf) == -1) {
> PERROR(_("Warning: unable to find a suitable fs in %s, is it "
> @@ -666,7 +618,6 @@ int find_subdomainfs_mountpoint(void)
> return (subdomainbase == NULL);
> }
>
> -
> int have_enough_privilege(void)
> {
> uid_t uid, euid;
> --
> 1.8.1.2
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130725/6ceeadd9/attachment-0001.pgp>
More information about the AppArmor
mailing list