diff --git a/common/Make.rules b/common/Make.rules index 97a0dece0..b945dc993 100644 --- a/common/Make.rules +++ b/common/Make.rules @@ -169,8 +169,7 @@ install_manpages: $(MANPAGES) $(foreach dir, ${MANDIRS}, \ install -d ${DESTDIR}/${MANDIR}/man${dir} ; \ install -m 644 $(filter %.${dir}, ${MANPAGES}) ${DESTDIR}/${MANDIR}/man${dir}; \ - $(foreach aa_page, $(filter %.${dir}, ${AA_MANPAGES}), \ - ln -sf $(aa_page) ${DESTDIR}/${MANDIR}/man${dir}/${aa_page:%=aa-%};)) + ) %.1: %.pod $(POD2MAN) $< --release=NOVELL/SUSE --center=AppArmor --section=1 > $@ diff --git a/parser/rc.apparmor.functions b/parser/rc.apparmor.functions index cc95282b2..226cdb9f2 100644 --- a/parser/rc.apparmor.functions +++ b/parser/rc.apparmor.functions @@ -77,7 +77,7 @@ fi ABSTRACTIONS="-I${PROFILE_DIR}" AA_EV_BIN=/usr/sbin/aa-eventd AA_EV_PIDFILE=/var/run/aa-eventd.pid -AA_STATUS=/usr/sbin/apparmor_status +AA_STATUS=/usr/sbin/aa-status SD_EV_BIN=/usr/sbin/sd-event-dispatch.pl SD_EV_PIDFILE=/var/run/sd-event-dispatch.init.pid SD_STATUS=/usr/sbin/subdomain_status diff --git a/utils/Makefile b/utils/Makefile index 1ee7691a2..15bd1b623 100644 --- a/utils/Makefile +++ b/utils/Makefile @@ -27,12 +27,10 @@ common/Make.rules: $(COMMONDIR)/Make.rules ln -sf $(COMMONDIR) . endif -TOOLS = genprof logprof autodep audit complain enforce \ - unconfined aa-eventd apparmor_status aa-decode \ - apparmor_notify +TOOLS = aa-genprof aa-logprof aa-autodep aa-audit aa-complain aa-enforce \ + aa-unconfined aa-status aa-decode aa-notify -AA_MANPAGES = autodep.8 complain.8 enforce.8 logprof.8 genprof.8 unconfined.8 audit.8 -MANPAGES = ${AA_MANPAGES} logprof.conf.5 apparmor_status.8 aa-decode.8 apparmor_notify.8 +MANPAGES = ${TOOLS:=.8} logprof.conf.5 all: ${MANPAGES} ${HTMLMANPAGES} make -C po all @@ -51,24 +49,12 @@ install: ${MANPAGES} ${HTMLMANPAGES} install -d ${CONFDIR} install -m 644 logprof.conf severity.db notify.conf ${CONFDIR} install -d ${BINDIR} - ln -sf apparmor_status ${BINDIR}/aa-status - ln -sf audit ${BINDIR}/aa-audit - ln -sf autodep ${BINDIR}/aa-autodep - ln -sf complain ${BINDIR}/aa-complain - ln -sf enforce ${BINDIR}/aa-enforce - ln -sf genprof ${BINDIR}/aa-genprof - ln -sf logprof ${BINDIR}/aa-logprof - ln -sf unconfined ${BINDIR}/aa-unconfined - ln -sf apparmor_notify ${BINDIR}/aa-notify install -m 755 ${TOOLS} ${BINDIR} install -d ${PERLDIR} install -m 755 SubDomain.pm Repository.pm Config.pm Reports.pm Severity.pm ${PERLDIR} make -C po install DESTDIR=${DESTDIR} NAME=${NAME} mkdir -m 0700 -p $(DESTDIR)/var/log/apparmor make install_manpages DESTDIR=${DESTDIR} - # special case for apparmor_status - ln -sf apparmor_status.8 ${DESTDIR}/${MANDIR}/man8/aa-status.8 - ln -sf apparmor_notify.8 ${DESTDIR}/${MANDIR}/man8/aa-notify.8 .PHONY: clean .SILENT: clean diff --git a/utils/audit b/utils/aa-audit similarity index 100% rename from utils/audit rename to utils/aa-audit diff --git a/utils/audit.pod b/utils/aa-audit.pod similarity index 100% rename from utils/audit.pod rename to utils/aa-audit.pod diff --git a/utils/autodep b/utils/aa-autodep similarity index 100% rename from utils/autodep rename to utils/aa-autodep diff --git a/utils/autodep.pod b/utils/aa-autodep.pod similarity index 100% rename from utils/autodep.pod rename to utils/aa-autodep.pod diff --git a/utils/complain b/utils/aa-complain similarity index 100% rename from utils/complain rename to utils/aa-complain diff --git a/utils/complain.pod b/utils/aa-complain.pod similarity index 100% rename from utils/complain.pod rename to utils/aa-complain.pod diff --git a/utils/enforce b/utils/aa-enforce similarity index 100% rename from utils/enforce rename to utils/aa-enforce diff --git a/utils/enforce.pod b/utils/aa-enforce.pod similarity index 100% rename from utils/enforce.pod rename to utils/aa-enforce.pod diff --git a/utils/genprof b/utils/aa-genprof similarity index 100% rename from utils/genprof rename to utils/aa-genprof diff --git a/utils/genprof.pod b/utils/aa-genprof.pod similarity index 100% rename from utils/genprof.pod rename to utils/aa-genprof.pod diff --git a/utils/logprof b/utils/aa-logprof similarity index 100% rename from utils/logprof rename to utils/aa-logprof diff --git a/utils/logprof.pod b/utils/aa-logprof.pod similarity index 100% rename from utils/logprof.pod rename to utils/aa-logprof.pod diff --git a/utils/apparmor_notify b/utils/aa-notify similarity index 97% rename from utils/apparmor_notify rename to utils/aa-notify index 6a11cbff2..a6ed65213 100755 --- a/utils/apparmor_notify +++ b/utils/aa-notify @@ -276,8 +276,8 @@ sub kill_running_daemons { # Look for other daemon instances of this script and kill them. This # can happen on logout and back in (in which case $notify_exe fails # anyway). 'ps xw' should output something like: - # 9987 ? Ss 0:01 /usr/bin/perl ./bin/apparmor_notify -p - # 10170 ? Ss 0:00 /usr/bin/perl ./bin/apparmor_notify -p + # 9987 ? Ss 0:01 /usr/bin/perl ./bin/aa-notify -p + # 10170 ? Ss 0:00 /usr/bin/perl ./bin/aa-notify -p open(PS,"$ps_exe xw|") or die "Unable to run '$ps_exe':$!\n"; while() { chomp; @@ -319,7 +319,7 @@ sub do_notify { my $seconds = 5; our $time_to_die = 0; - print "Starting apparmor_notify\n"; + print "Starting aa-notify\n"; kill_running_daemons(); # Daemonize, but not if in debug mode @@ -450,7 +450,7 @@ sub do_notify { } } } - print STDERR "Stopping apparmor_notify\n"; + print STDERR "Stopping aa-notify\n"; } sub show_since { @@ -517,18 +517,18 @@ sub do_show_messages { sub _warn { my $msg = $_[0]; - print STDERR "apparmor_notify: WARN: $msg\n"; + print STDERR "aa-notify: WARN: $msg\n"; } sub _error { my $msg = $_[0]; - print STDERR "apparmor_notify: ERROR: $msg\n"; + print STDERR "aa-notify: ERROR: $msg\n"; exitscript(1); } sub _debug { $opt_d or return; my $msg = $_[0]; - print STDERR "apparmor_notify: DEBUG: $msg\n"; + print STDERR "aa-notify: DEBUG: $msg\n"; } sub exitscript { @@ -539,7 +539,7 @@ sub exitscript { sub usage { my $s = <<'EOF'; -USAGE: apparmor_notify [OPTIONS] +USAGE: aa-notify [OPTIONS] Display AppArmor notifications or messages for DENIED entries. diff --git a/utils/apparmor_notify.pod b/utils/aa-notify.pod similarity index 84% rename from utils/apparmor_notify.pod rename to utils/aa-notify.pod index 9ed4adb45..b7b39b2a8 100644 --- a/utils/apparmor_notify.pod +++ b/utils/aa-notify.pod @@ -23,20 +23,20 @@ =head1 NAME -apparmor_notify - display information about logged AppArmor messages. +aa-notify - display information about logged AppArmor messages. =head1 SYNOPSIS -B [option] +B [option] =head1 DESCRIPTION -B will display a summary or provide desktop notifications +B will display a summary or provide desktop notifications for AppArmor DENIED messages. =head1 OPTIONS -B accepts the following arguments: +B accepts the following arguments: =over 4 @@ -78,13 +78,13 @@ displays a short usage statement. =head1 CONFIGURATION -System-wide configuration for B is done via +System-wide configuration for B is done via /etc/apparmor/notify.conf: # set to 'yes' to enable AppArmor DENIED notifications show_notifications="yes" - # only people in use_group can use apparmor_notify + # only people in use_group can use aa-notify use_group="admin" Per-user configuration is done via ~/.apparmor/notify.conf: @@ -94,7 +94,7 @@ Per-user configuration is done via ~/.apparmor/notify.conf: =head1 BUGS -B needs to be able to read the logfiles containing the +B needs to be able to read the logfiles containing the AppArmor DENIED messages. If you find any additional bugs, please report them to Launchpad at diff --git a/utils/apparmor_status b/utils/aa-status similarity index 100% rename from utils/apparmor_status rename to utils/aa-status diff --git a/utils/apparmor_status.pod b/utils/aa-status.pod similarity index 88% rename from utils/apparmor_status.pod rename to utils/aa-status.pod index 6d3184098..2964c553e 100644 --- a/utils/apparmor_status.pod +++ b/utils/aa-status.pod @@ -24,16 +24,16 @@ =head1 NAME -apparmor_status - display various information about the current AppArmor +aa-status - display various information about the current AppArmor policy. =head1 SYNOPSIS -B [option] +B [option] =head1 DESCRIPTION -B will report various aspects of the current state of +B will report various aspects of the current state of AppArmor confinement. By default, it displays the same information as if the I<--verbose> argument were given. A sample of what this looks like is: @@ -52,7 +52,7 @@ support being used in scripts. =head1 OPTIONS -B accepts only one argument at a time out of: +B accepts only one argument at a time out of: =over 4 @@ -85,11 +85,11 @@ displays a short usage statement. =head1 BUGS -B must be run as root to read the state of the loaded +B must be run as root to read the state of the loaded policy from the apparmor module. It uses the /proc filesystem to determine which processes are confined and so is susceptible to race conditions. -Upon exiting, B will set its return value to the +Upon exiting, B will set its return value to the following values: =item 0 diff --git a/utils/unconfined b/utils/aa-unconfined similarity index 100% rename from utils/unconfined rename to utils/aa-unconfined diff --git a/utils/unconfined.pod b/utils/aa-unconfined.pod similarity index 100% rename from utils/unconfined.pod rename to utils/aa-unconfined.pod diff --git a/utils/notify.conf b/utils/notify.conf index 08b7f5d22..82a0067ec 100644 --- a/utils/notify.conf +++ b/utils/notify.conf @@ -11,5 +11,5 @@ # Set to 'no' to disable AppArmor notifications globally show_notifications="yes" -# Only people in use_group can use apparmor-notify +# Only people in use_group can use aa-notify use_group="admin"