Here is a patch to standardize on all utils using the "aa-" prefix instead

of a mix of symlinks to non-prefixed comands, and "apparmor_" prefixed
commands.

This also refactors the manpage generation slightly since we no longer
need special cases for the manpages, and drops aa-eventd from the default
list of tools to install (it also lacks a manpage).

common/Make.rules

@@ -169,8 +169,7 @@ install_manpages: $(MANPAGES)
 	$(foreach dir, ${MANDIRS}, \
 	     install -d ${DESTDIR}/${MANDIR}/man${dir} ; \
 	     install -m 644 $(filter %.${dir}, ${MANPAGES}) ${DESTDIR}/${MANDIR}/man${dir}; \
-	     $(foreach aa_page, $(filter %.${dir}, ${AA_MANPAGES}), \
+	)
-	     	ln -sf $(aa_page) ${DESTDIR}/${MANDIR}/man${dir}/${aa_page:%=aa-%};))
 
 %.1: %.pod
 	$(POD2MAN) $< --release=NOVELL/SUSE --center=AppArmor --section=1 > $@

parser/rc.apparmor.functions

@@ -77,7 +77,7 @@ fi
 ABSTRACTIONS="-I${PROFILE_DIR}"
 AA_EV_BIN=/usr/sbin/aa-eventd
 AA_EV_PIDFILE=/var/run/aa-eventd.pid
-AA_STATUS=/usr/sbin/apparmor_status
+AA_STATUS=/usr/sbin/aa-status
 SD_EV_BIN=/usr/sbin/sd-event-dispatch.pl
 SD_EV_PIDFILE=/var/run/sd-event-dispatch.init.pid
 SD_STATUS=/usr/sbin/subdomain_status

utils/Makefile

@@ -27,12 +27,10 @@ common/Make.rules: $(COMMONDIR)/Make.rules
 	ln -sf $(COMMONDIR) .
 endif
 
-TOOLS = genprof logprof autodep audit complain enforce \
+TOOLS = aa-genprof aa-logprof aa-autodep aa-audit aa-complain aa-enforce \
-	unconfined aa-eventd apparmor_status aa-decode \
+	aa-unconfined aa-status aa-decode aa-notify
-	apparmor_notify
 
-AA_MANPAGES = autodep.8 complain.8 enforce.8 logprof.8 genprof.8 unconfined.8 audit.8
+MANPAGES = ${TOOLS:=.8} logprof.conf.5
-MANPAGES    = ${AA_MANPAGES} logprof.conf.5 apparmor_status.8 aa-decode.8 apparmor_notify.8
 
 all: ${MANPAGES} ${HTMLMANPAGES}
 	make -C po all
@@ -51,24 +49,12 @@ install: ${MANPAGES} ${HTMLMANPAGES}
 	install -d ${CONFDIR}
 	install -m 644 logprof.conf severity.db notify.conf ${CONFDIR}
 	install -d ${BINDIR}
-	ln -sf apparmor_status ${BINDIR}/aa-status
-	ln -sf audit ${BINDIR}/aa-audit
-	ln -sf autodep ${BINDIR}/aa-autodep
-	ln -sf complain ${BINDIR}/aa-complain
-	ln -sf enforce ${BINDIR}/aa-enforce
-	ln -sf genprof ${BINDIR}/aa-genprof
-	ln -sf logprof ${BINDIR}/aa-logprof
-	ln -sf unconfined ${BINDIR}/aa-unconfined
-	ln -sf apparmor_notify ${BINDIR}/aa-notify
 	install -m 755 ${TOOLS} ${BINDIR}
 	install -d ${PERLDIR}
 	install -m 755 SubDomain.pm Repository.pm Config.pm Reports.pm Severity.pm ${PERLDIR}
 	make -C po install DESTDIR=${DESTDIR} NAME=${NAME}
 	mkdir -m 0700 -p $(DESTDIR)/var/log/apparmor
 	make install_manpages DESTDIR=${DESTDIR}
-	# special case for apparmor_status
-	ln -sf apparmor_status.8 ${DESTDIR}/${MANDIR}/man8/aa-status.8
-	ln -sf apparmor_notify.8 ${DESTDIR}/${MANDIR}/man8/aa-notify.8
 
 .PHONY: clean
 .SILENT: clean

utils/aa-notify

@@ -276,8 +276,8 @@ sub kill_running_daemons {
     # Look for other daemon instances of this script and kill them. This
     # can happen on logout and back in (in which case $notify_exe fails
     # anyway). 'ps xw' should output something like:
-    #  9987 ?        Ss     0:01 /usr/bin/perl ./bin/apparmor_notify -p
+    #  9987 ?        Ss     0:01 /usr/bin/perl ./bin/aa-notify -p
-    # 10170 ?        Ss     0:00 /usr/bin/perl ./bin/apparmor_notify -p
+    # 10170 ?        Ss     0:00 /usr/bin/perl ./bin/aa-notify -p
     open(PS,"$ps_exe xw|") or die "Unable to run '$ps_exe':$!\n";
     while(<PS>) {
         chomp;
@@ -319,7 +319,7 @@ sub do_notify {
     my $seconds = 5;
     our $time_to_die = 0;
 
-    print "Starting apparmor_notify\n";
+    print "Starting aa-notify\n";
     kill_running_daemons();
 
     # Daemonize, but not if in debug mode
@@ -450,7 +450,7 @@ sub do_notify {
             }
         }
     }
-    print STDERR "Stopping apparmor_notify\n";
+    print STDERR "Stopping aa-notify\n";
 }
 
 sub show_since {
@@ -517,18 +517,18 @@ sub do_show_messages {
 
 sub _warn {
     my $msg = $_[0];
-    print STDERR "apparmor_notify: WARN: $msg\n";
+    print STDERR "aa-notify: WARN: $msg\n";
 }
 sub _error {
     my $msg = $_[0];
-    print STDERR "apparmor_notify: ERROR: $msg\n";
+    print STDERR "aa-notify: ERROR: $msg\n";
     exitscript(1);
 }
 
 sub _debug {
     $opt_d or return;
     my $msg = $_[0];
-    print STDERR "apparmor_notify: DEBUG: $msg\n";
+    print STDERR "aa-notify: DEBUG: $msg\n";
 }
 
 sub exitscript {
@@ -539,7 +539,7 @@ sub exitscript {
 
 sub usage {
     my $s = <<'EOF';
-USAGE: apparmor_notify [OPTIONS]
+USAGE: aa-notify [OPTIONS]
 
 Display AppArmor notifications or messages for DENIED entries.
 

utils/aa-notify.pod

@@ -23,20 +23,20 @@
 
 =head1 NAME
 
-apparmor_notify - display information about logged AppArmor messages.
+aa-notify - display information about logged AppArmor messages.
 
 =head1 SYNOPSIS
 
-B<apparmor_notify> [option]
+B<aa-notify> [option]
 
 =head1 DESCRIPTION
 
-B<apparmor_notify> will display a summary or provide desktop notifications
+B<aa-notify> will display a summary or provide desktop notifications
 for AppArmor DENIED messages.
 
 =head1 OPTIONS
 
-B<apparmor_notify> accepts the following arguments:
+B<aa-notify> accepts the following arguments:
 
 =over 4
 
@@ -78,13 +78,13 @@ displays a short usage statement.
 
 =head1 CONFIGURATION
 
-System-wide configuration for B<apparmor_notify> is done via
+System-wide configuration for B<aa-notify> is done via
 /etc/apparmor/notify.conf:
 
   # set to 'yes' to enable AppArmor DENIED notifications
   show_notifications="yes"
 
-  # only people in use_group can use apparmor_notify
+  # only people in use_group can use aa-notify
   use_group="admin"
 
 Per-user configuration is done via ~/.apparmor/notify.conf:
@@ -94,7 +94,7 @@ Per-user configuration is done via ~/.apparmor/notify.conf:
 
 =head1 BUGS
 
-B<apparmor_notify> needs to be able to read the logfiles containing the
+B<aa-notify> needs to be able to read the logfiles containing the
 AppArmor DENIED messages.
 
 If you find any additional bugs, please report them to Launchpad at

utils/aa-status.pod

@@ -24,16 +24,16 @@
 
 =head1 NAME
 
-apparmor_status - display various information about the current AppArmor
+aa-status - display various information about the current AppArmor
 policy.
 
 =head1 SYNOPSIS
 
-B<apparmor_status> [option]
+B<aa-status> [option]
 
 =head1 DESCRIPTION
 
-B<apparmor_status> will report various aspects of the current state of
+B<aa-status> will report various aspects of the current state of
 AppArmor confinement. By default, it displays the same information as if
 the I<--verbose> argument were given. A sample of what this looks like
 is:
@@ -52,7 +52,7 @@ support being used in scripts.
 
 =head1 OPTIONS
 
-B<apparmor_status> accepts only one argument at a time out of:
+B<aa-status> accepts only one argument at a time out of:
 
 =over 4
 
@@ -85,11 +85,11 @@ displays a short usage statement.
 
 =head1 BUGS
 
-B<apparmor_status> must be run as root to read the state of the loaded
+B<aa-status> must be run as root to read the state of the loaded
 policy from the apparmor module. It uses the /proc filesystem to determine
 which processes are confined and so is susceptible to race conditions.
 
-Upon exiting, B<apparmor_status> will set its return value to the
+Upon exiting, B<aa-status> will set its return value to the
 following values:
 
 =item 0

utils/notify.conf

@@ -11,5 +11,5 @@
 # Set to 'no' to disable AppArmor notifications globally
 show_notifications="yes"
 
-# Only people in use_group can use apparmor-notify
+# Only people in use_group can use aa-notify
 use_group="admin"