mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 18:17:09 +00:00
Code Issues Releases Wiki Activity

Support unloading profiles in kill and prompt mode

Browse Source 
... in aa-teardown (actually everything that uses rc.apparmor.functions)
and aa-remove-unknown.

Fixes: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2093797
This commit is contained in:
Christian Boltz 2025-01-11 19:55:54 +01:00
parent b4cb33b488
commit 1c2d79de7f
No known key found for this signature in database
GPG Key ID: C6A682EA63C82F1C
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
parser/rc.apparmor.functions
View File

@ -253,7 +253,7 @@ remove_profiles() {
retval=0 retval=0
# We filter child profiles as removing the parent will remove # We filter child profiles as removing the parent will remove
# the children # the children
sed -e "s/ (\(enforce\|complain\|unconfined\))$//" "$SFS_MOUNTPOINT/profiles" | \ sed -e "s/ (\(enforce\|complain\|prompt\|kill\|unconfined\))$//" "$SFS_MOUNTPOINT/profiles" | \
LC_COLLATE=C sort | grep -v // | { LC_COLLATE=C sort | grep -v // | {
while read -r profile ; do while read -r profile ; do
printf "%s" "$profile" > "$SFS_MOUNTPOINT/.remove" printf "%s" "$profile" > "$SFS_MOUNTPOINT/.remove"

2
utils/aa-remove-unknown
View File

@ -89,7 +89,7 @@ LOADED_PROFILES=$("$PARSER" -N $PROFILE_DIRS) || {
echo "$LOADED_PROFILES" | awk ' echo "$LOADED_PROFILES" | awk '
BEGIN { BEGIN {
while (getline < "'${PROFILES}'" ) { while (getline < "'${PROFILES}'" ) {
sub(/ \((enforce|complain|unconfined)\)$/, "", $0); sub(/ \((enforce|complain|prompt|kill|unconfined)\)$/, "", $0);
if (match($0, /^libvirt-[0-9a-f\-]+$/) == 0) if (match($0, /^libvirt-[0-9a-f\-]+$/) == 0)
arr[$0] = $0 arr[$0] = $0
} }