[apparmor] [patch] Fix aa_log_end_msg() in rc.apparmor.suse
Seth Arnold
seth.arnold at canonical.com
Wed Jul 22 22:35:40 UTC 2015
On Wed, Jul 22, 2015 at 09:42:05PM +0200, Christian Boltz wrote:
> This patch is the improved version - it adds a small helper function to
> set $? (as handed over to aa_log_end_msg()) and then calls rc_status -v.
This is involving a fair amount of magic-at-a-distance kind of side
effects that is usually overlooked in future maintenance efforts.
So here's a few questions, which might be difficult but I have to ask:
- Why does rcapparmor still exist on SuSE? I might have expected the move
to systemd to remove the reason for this script to exist.
- If rcapparmor should continue to survive, is there any way to rewrite
portions of it to involve less dependence on global variables?
> This means that "rcapparmor kill" now shows "failed" because it's
> impossible to unload something that is compiled directly into the
> kernel.
"kill" should probably instead unload all the profiles. If there's a point
for it to still exist, that is.
Since this in suse-specific code, what happens here really doesn't influence
much else. and you're in the best position to judge correctness, so here's:
Acked-by: Seth Arnold <seth.arnold at canonical.com>
for both 2.9 and trunk, but I really suspect the right answer is much more
intrusive.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20150722/8a5805e0/attachment.pgp>
More information about the AppArmor
mailing list