mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

This patch fixes up a couple of bashisms in the rc.apparmor.functions

Browse Source 
file that prevented it from working correctly on systems where /bin/sh
isn't bash, and is probably more readable to boot. It still will parse
things properly when confined binaries or thier corresponding profiles
contain spaces in their names.

Fix based on feedback and patches from Arkadiusz Miskiewicz
<arekm@maven.pl>/PLD and Kees Cook/Ubuntu.
This commit is contained in:
Steve Beattie
2007-03-27 18:38:28 +00:00
parent c54f56b49f
commit 79e6a4fec5
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
parser/rc.apparmor.functions
View File

@@ -129,7 +129,7 @@ parse_profiles() {
return 1
fi
if [ "X" == "X$(ls $PROFILE_DIR/)" ]; then
if [ -z "$(ls $PROFILE_DIR/)" ]; then
sd_log_skipped_msg "- No profiles found\nNo AppArmor policy loaded."
return 1
fi
@@ -388,7 +388,7 @@ remove_profiles() {
fi
retval=0
IFS=$'\n' && for profile in $(sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles") ; do
sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | while read profile ; do
echo "\"$profile\" { }" | $PARSER -R >/dev/null
rc=$?
if [ ${rc} -ne 0 ] ; then
@@ -431,9 +431,7 @@ __subdomain_restart() {
profiles_names_list ${PNAMES_LIST}
MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
sed -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST"
#profiles=$(cat $PNAMES_LIST | sort | comm -2 -3 "$MODULE_PLIST" -)
#for profile in $profiles ; do
IFS=$'\n' && for profile in $(cat $PNAMES_LIST | sort | comm -2 -3 "$MODULE_PLIST" -) ; do
sort "$PNAMES_LIST" | comm -2 -3 "$MODULE_PLIST" - | while read profile ; do
echo "\"$profile\" {}" | $PARSER -R >/dev/null
done
rm "$MODULE_PLIST"