remove subdomainfs support

It has been over 10 years since transition from subdomainfs to using securityfs. Lets drop this deprecated code. PR: https://gitlab.com/apparmor/apparmor/merge_requests/258 Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: seth.arnold@canonical.com
2025-08-22 10:07:12 +00:00 · 2018-11-03 16:39:49 -07:00 · 2018-11-03 16:39:49 -07:00 · 94ff870f78
commit 94ff870f78
parent 0d5ab43d59
23 changed files with 14 additions and 325 deletions
--- a/changehat/mod_apparmor/mod_apparmor.pod
+++ b/changehat/mod_apparmor/mod_apparmor.pod
@ -139,7 +139,7 @@ them at L<https://bugs.launchpad.net/apparmor/+filebug>.
 =head1 SEE ALSO
-apparmor(7), subdomain.conf(5), apparmor_parser(8), aa_change_hat(2) and
+apparmor(7), apparmor_parser(8), aa_change_hat(2) and
 L<https://wiki.apparmor.net>.
 =cut
--- a/parser/Makefile
+++ b/parser/Makefile
@ -30,7 +30,7 @@ SYSTEMD_UNIT_DIR=${DESTDIR}/usr/lib/systemd/system
 CONFDIR=/etc/apparmor
 INSTALL_CONFDIR=${DESTDIR}${CONFDIR}
 LOCALEDIR=/usr/share/locale
-MANPAGES=apparmor.d.5 apparmor.7 apparmor_parser.8 subdomain.conf.5 aa-teardown.8
+MANPAGES=apparmor.d.5 apparmor.7 apparmor_parser.8 aa-teardown.8
 YACC	:= bison
 YFLAGS	:= -d
@ -72,9 +72,6 @@ endif
 # Internationalization support. Define a package and a LOCALEDIR
 EXTRA_CFLAGS+=-DPACKAGE=\"${NAME}\" -DLOCALEDIR=\"${LOCALEDIR}\"
 # Compile-time configuration of the location of the config file
 EXTRA_CFLAGS+=-DSUBDOMAIN_CONFDIR=\"${CONFDIR}\"
 SRCS = parser_common.c parser_include.c parser_interface.c parser_lex.c \
       parser_main.c parser_misc.c parser_merge.c parser_symtab.c \
       parser_yacc.c parser_regex.c parser_variable.c parser_policy.c \
@ -373,7 +370,6 @@ install-arch: $(INSTALLDEPS)
 .PHONY: install-indep
 install-indep: indep
 	install -m 755 -d $(INSTALL_CONFDIR)
 	install -m 644 subdomain.conf $(INSTALL_CONFDIR)
 	install -m 644 parser.conf $(INSTALL_CONFDIR)
 	install -m 755 -d ${DESTDIR}/var/lib/apparmor
 	install -m 755 -d $(APPARMOR_BIN_PREFIX)
--- a/parser/apparmor.pod
+++ b/parser/apparmor.pod
@ -212,7 +212,7 @@ Else, if auditd is running, see auditd(8) and auditd.conf(5).
 =head1 SEE ALSO
 apparmor_parser(8), aa_change_hat(2), apparmor.d(5),
-subdomain.conf(5), aa-autodep(1), clean(1),
+aa-autodep(1), clean(1),
 auditd(8),
 aa-unconfined(8), aa-enforce(1), aa-complain(1), and
 L<https://wiki.apparmor.net>.
--- a/parser/apparmor_parser.pod
+++ b/parser/apparmor_parser.pod
@ -179,7 +179,7 @@ defined as relative paths.
 Add element n to the search path when resolving #include directives
 defined as an absolute paths.
-=item -f n, --subdomainfs n
+=item -f n, --apparmorfs n
 Set the location of the apparmor security filesystem (default is
 "/sys/kernel/security/apparmor").
@ -408,7 +408,7 @@ L<https://bugs.launchpad.net/apparmor/+filebug>.
 =head1 SEE ALSO
-apparmor(7), apparmor.d(5), subdomain.conf(5), aa_change_hat(2), and
+apparmor(7), apparmor.d(5), aa_change_hat(2), and
 L<https://wiki.apparmor.net>.
 =cut
--- a/parser/parser_include.c
+++ b/parser/parser_include.c
@ -17,21 +17,21 @@
 *   along with this program; if not, contact Canonical, Ltd.
 */
-/* Handle subdomain includes, as a straight forward preprocessing phase.
+/* Handle apparmor includes, as a straight forward preprocessing phase.
   While we are at it we will strip comments.  Why? because it made it
   easier.
   We support 2 types of includes
 #include <name> which searches for the first occurance of name in the
-   subdomain directory path.
+   apparmor directory path.
 #include "name" which will search for a relative or absolute pathed
   file
 -p : preprocess only.  Dump output to stdout
 -I path : add a path to be search by #include < >
-b path : set the base path to something other than /etc/subdomain.d
+-b path : set the base path to something other than /etc/apparmor.d
 */
@ -57,13 +57,6 @@
 /* maximum depth of nesting */
 #define MAX_NEST_LEVEL 100
 /* Location of the subdomain.conf file */
 #ifdef SUBDOMAIN_CONFDIR
 #define SUBDOMAIN_CONF SUBDOMAIN_CONFDIR "/subdomain.conf"
 #else	/* !defined SUBDOMAIN_CONFDIR */
 #define SUBDOMAIN_CONF "/etc/subdomain.conf"
 #endif	/* SUBDOMAIN_CONFDIR */
 static char *path[MAX_PATH] = { NULL };
 static int npath = 0;
@ -71,12 +64,11 @@ static int fgetline(FILE * f, char *buffer, size_t len);
 static int stripcomment(char *s);
 static char *stripblanks(char *s);
-/* default base directory is /etc/subdomain.d, it can be overriden
+/* default base directory is /etc/apparmor.d, it can be overriden
   with the -b option. */
 const char *basedir;
 static const char *default_basedir = "/etc/apparmor.d";
 static const char *old_basedir = "/etc/subdomain.d";
 /* set up basedir so that it can be overridden/used later. */
@ -94,12 +86,6 @@ void init_base_dir(void)
 		basedir = default_basedir;
 		return;
 	}
 	rc = stat(old_basedir, &sbuf);
 	if (rc == 0 && S_ISDIR(sbuf.st_mode)) {
 		basedir = old_basedir;
 		return;
 	}
 }
 /* Set the base dir.  Used to change default path for relative includes */
@ -164,53 +150,9 @@ int add_search_dir(const char *dir)
 	return 1;
 }
 /* Parse Subdomain.conf and put the default dirs in place.  
   subdomain.conf is a shell sourcable file
   we only parse entries starting with
   SUBDOMAIN_PATH=
   if there are multiple entries with SUBDOMAIN_PATH=
   each will get added.
   SUBDOMAIN_PATH=/etc/subdomain.d:/etc/subdomain.d/include
   is the same as
   SUBDOMAIN_PATH=/etc/subdomain.d
   SUBDOMAIN_PATH=/etc/subdomain.d/include */
 void parse_default_paths(void)
 {
-	autofclose FILE *f;
+	add_search_dir(basedir);
 	char buf[1024];
 	char *t, *s;
 	int saved_npath = npath;
 	f = fopen(SUBDOMAIN_CONF, "r");
 	if (f == NULL)
 		goto out;
 	memset(buf, 0, sizeof(buf));
 	while (fgetline(f, buf, 1024)) {
 		if (stripcomment(buf) && (t = strstr(buf, "SUBDOMAIN_PATH="))) {
 			t += 15;
 			/* handle : separating path elements */
 			do {
 				s = strchr(t, ':');
 				if (s)
 					*s = 0;
 				if (!add_search_dir(stripblanks(t)))
 					break;
 				if (s)
 					t = s + 1;
 			} while (s != NULL);
 		}
 	}
 	/* if subdomain.conf doesn't set a base search dir set it to this */
 out:
 	if (npath - saved_npath == 0) {
 		add_search_dir(basedir);
 	}
 }
 FILE *search_path(char *filename, char **fullpath)
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@ -33,25 +33,12 @@
 CONFIG_DIR=/etc/apparmor
 MODULE=apparmor
 OLD_MODULE=subdomain
 if [ -f "${CONFIG_DIR}/${MODULE}.conf" ] ; then
 	APPARMOR_CONF="${CONFIG_DIR}/${MODULE}.conf"
 elif [ -f "${CONFIG_DIR}/${OLD_MODULE}.conf" ] ; then
 	APPARMOR_CONF="${CONFIG_DIR}/${OLD_MODULE}.conf"
 elif [ -f "/etc/immunix/subdomain.conf" ] ; then
 	aa_log_warning_msg "/etc/immunix/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
 	APPARMOR_CONF="/etc/immunix/subdomain.conf"
 elif [ -f "/etc/subdomain.conf" ] ; then
 	aa_log_warning_msg "/etc/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
 	APPARMOR_CONF="/etc/subdomain.conf"
 else
 	aa_log_warning_msg "Unable to find config file in ${CONFIG_DIR}, installation problem?"
 fi
 # Read configuration options from /etc/subdomain.conf, default is to
 # warn if subdomain won't load.
 SUBDOMAIN_MODULE_PANIC="warn"
 SUBDOMAIN_ENABLE_OWLSM="no"
 APPARMOR_ENABLE_AAEVENTD="no"
 if [ -f "${APPARMOR_CONF}" ] ; then
@ -61,28 +48,18 @@ fi
 PARSER=/sbin/apparmor_parser
-# SUBDOMAIN_DIR and APPARMOR_DIR might be defined in subdomain.conf|apparmor.conf
+# APPARMOR_DIR might be defined in apparmor.conf
 if [ -d "${APPARMOR_DIR}" ] ; then
 	PROFILE_DIR=${APPARMOR_DIR}
 elif [ -d "${SUBDOMAIN_DIR}" ] ; then
 	PROFILE_DIR=${SUBDOMAIN_DIR}
 elif [ -d /etc/apparmor.d ] ; then
 	PROFILE_DIR=/etc/apparmor.d
 elif [ -d /etc/subdomain.d ] ; then
 	PROFILE_DIR=/etc/subdomain.d
 fi
 ABSTRACTIONS="-I${PROFILE_DIR}"
 AA_EV_BIN=/usr/sbin/aa-eventd
 AA_EV_PIDFILE=/var/run/aa-eventd.pid
 AA_STATUS=/usr/sbin/aa-status
 SD_EV_BIN=/usr/sbin/sd-event-dispatch.pl
 SD_EV_PIDFILE=/var/run/sd-event-dispatch.init.pid
 SD_STATUS=/usr/sbin/subdomain_status
 SECURITYFS=/sys/kernel/security
 SUBDOMAINFS_MOUNTPOINT=$(grep subdomainfs /etc/fstab  | \
 	sed -e 's|^[[:space:]]*[^[:space:]]\+[[:space:]]\+\(/[^[:space:]]*\)[[:space:]]\+subdomainfs.*$|\1|' 2> /dev/null)
 # keep exit status from parser during profile load.  0 is good, 1 is bad
 STATUS=0
@ -96,9 +73,6 @@ is_apparmor_present() {
 		shift
 	done
 	# check for subdomainfs version of module
 	grep -qE "^($modules)[[:space:]]" /proc/modules
 	[ $? -ne 0 -a -d /sys/module/apparmor ]
 	return $?
@ -249,44 +223,17 @@ failstop_system() {
 	return 255
 }
 module_panic() {
 	# the module failed to load, determine what action should be taken
 	case "$SUBDOMAIN_MODULE_PANIC" in
 		"warn"|"WARN")
 			return 1 ;;
 		"panic"|"PANIC") failstop_system
 			rc=$?
 			return $rc ;;
 		*) aa_log_failure_msg "- invalid AppArmor module fail option"
 			return 255 ;;
 	esac
 }
 is_apparmor_loaded() {
 	if ! is_securityfs_mounted ; then
 		mount_securityfs
 	fi
 	mount_subdomainfs
 	if [ -f "${SECURITYFS}/${MODULE}/profiles" ]; then
 		SFS_MOUNTPOINT="${SECURITYFS}/${MODULE}"
 		return 0
 	fi
-	if [ -f "${SECURITYFS}/${OLD_MODULE}/profiles" ]; then
+	is_apparmor_present apparmor
 		SFS_MOUNTPOINT="${SECURITYFS}/${OLD_MODULE}"
 		return 0
 	fi
 	if [ -f "${SUBDOMAINFS_MOUNTPOINT}/profiles" ]; then
 		SFS_MOUNTPOINT=${SUBDOMAINFS_MOUNTPOINT}
 		return 0
 	fi
 	# check for subdomainfs version of module
 	is_apparmor_present apparmor subdomain
 	return $?
 }
@ -305,26 +252,6 @@ mount_securityfs() {
 	return 0
 }
 mount_subdomainfs() {
 	# for backwords compatibility
 	if grep -q subdomainfs /proc/filesystems && \
 	   ! grep -q subdomainfs /proc/mounts && \
 	   [ -n "${SUBDOMAINFS_MOUNTPOINT}" ]; then
 		aa_action "Mounting subdomainfs on ${SUBDOMAINFS_MOUNTPOINT}" \
 				mount "${SUBDOMAINFS_MOUNTPOINT}"
 		return $?
 	fi
 	return 0
 }
 unmount_subdomainfs() {
 	SUBDOMAINFS=$(grep subdomainfs /proc/mounts  | cut -d" " -f2 2> /dev/null)
 	if [ -n "${SUBDOMAINFS}" ]; then
 		aa_action "Unmounting subdomainfs" umount ${SUBDOMAINFS}
 	fi
 }
 apparmor_start() {
 	aa_log_daemon_msg "Starting AppArmor"
 	if ! is_apparmor_present ; then
@ -358,7 +285,7 @@ apparmor_start() {
 remove_profiles() {
-	# removing profiles as we directly read from subdomainfs
+	# removing profiles as we directly read from apparmorfs
 	# doesn't work, since we are removing entries which screws up
 	# our position.  Lets hope there are never enough profiles to
 	# overflow the variable
@ -406,11 +333,8 @@ apparmor_kill() {
 		return 1
 	fi
 	unmount_subdomainfs
 	if is_apparmor_present apparmor ; then
 		MODULE=apparmor
 	elif is_apparmor_present subdomain ; then
 		MODULE=subdomain
 	else
 		aa_log_failure_msg "AppArmor is builtin"
 		return 1
@ -457,27 +381,11 @@ apparmor_try_restart() {
 	return $?
 }
 configure_owlsm () {
 	if [ "${SUBDOMAIN_ENABLE_OWLSM}" = "yes" -a -f ${SFS_MOUNTPOINT}/control/owlsm ] ; then
 		# Sigh, the "sh -c" is necessary for the SuSE aa_action
 		# and it can't be abstracted out as a seperate function, as
 		# that breaks under RedHat's action, which needs a
 		# binary to invoke.
 		aa_action "Enabling OWLSM extension" sh -c "echo -n \"1\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
 	elif [ -f "${SFS_MOUNTPOINT}/control/owlsm" ] ; then
 		aa_action "Disabling OWLSM extension" sh -c "echo -n \"0\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
 	fi
 }
 apparmor_status () {
 	if test -x ${AA_STATUS} ; then
 		${AA_STATUS} --verbose
 		return $?
 	fi
 	if test -x ${SD_STATUS} ; then
 		${SD_STATUS} --verbose
 		return $?
 	fi
 	if ! is_apparmor_loaded ; then
 		echo "AppArmor is not loaded."
 		rc=1
--- a/parser/subdomain.conf
+++ b/parser/subdomain.conf
@ -1,53 +0,0 @@
 # subdomain.conf is a shared AppArmor configuration file that is sh sourcable.
 ################## AppArmor init.d configuration ################
 # Move this to /etc/sysconfig/apparmor eventually
 ## Path: 	System/AppArmor
 ## Description: Enable the OWLSM extension to AppArmor
 ## Type: 	yesno
 ## Default:	no
 #
 # Enable OWLSM extension to AppArmor?
 # OWLSM is an extension to AppArmor that prevents processes from
 # following symlinks they don't own and creating hardlinks to files they
 # don't own, in an attempt to prevent /tmp race attacks. However, OWLSM
 # can break some applications, so is disabled by default.
 SUBDOMAIN_ENABLE_OWLSM="no"
 ## Path: 	System/AppArmor
 ## Description: Enable the AppArmor event daemon for reporting
 ## Type: 	yesno
 ## Default:	no
 #
 # Enable the AppArmor event daemon for reporting?
 APPARMOR_ENABLE_AAEVENTD="no"
 #SUBDOMAIN_MODULE_PANIC=XXX
 #This option controls how subdomain behaves when the init script attempts
 #to load the AppArmor module and fails.  There are 4 options
 #warn  - log a failure message. (default behavior)
 #build - attempt to build the AppArmor module is the module can't be loaded.
 #        If successful
 #           the module will be built for the running kernel and loaded.
 #        If the build fails
 #           a failure message is logged
 #panic - If the AppArmor module fails to load
 #           a failure message will be logged
 #           and the machine will drop to runlevel 1 (single user)
 #build-panic - If the AppArmor module fails to load
 #                 attempt to build the module
 #                 If building the module fails
 #                    panic (drop to runlevel 1)  
 #SUBDOMAIN_MODULE_PANIC=warn
 ################## subdomain_parser configuration ################
 #SUBDOMAIN_PATH=XXXX
 #This option specifies the include path that the subdomain_parser will
 #use by default.  If no entry is specified /etc/subdomain.d is used by
 #default.
 #SUBDOMAIN_PATH=/etc/subdomain.d
--- a/parser/subdomain.conf.pod
+++ b/parser/subdomain.conf.pod
@ -1,104 +0,0 @@
 # ----------------------------------------------------------------------
 #    Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
 #                  2008, 2009
 #    NOVELL (All rights reserved)
 #
 #    Copyright (c) 2010 - 2012
 #    Canonical Ltd. (All rights reserved)
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
 #    License published by the Free Software Foundation.
 #
 #    This program is distributed in the hope that it will be useful,
 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #    GNU General Public License for more details.
 #
 #    You should have received a copy of the GNU General Public License
 #    along with this program; if not, contact Novell, Inc.
 # ----------------------------------------------------------------------
 =pod
 =head1 NAME
 /etc/apparmor/subdomain.conf - configuration file for fine-tuning the
 behavior of the AppArmor security tool.
 =head1 DESCRIPTION
 The AppArmor security tool can be configured to have
 certain default behaviors based on configuration options set
 in subdomain.conf. There are two variables that can be set in
 subdomain.conf: B<SUBDOMAIN_PATH>, and B<SUBDOMAIN_MODULE_PANIC>.
 =begin comment
 FIXME keep quiet about OWLSM support for now.
 =head2 SUBDOMAIN_ENABLE_OWLSM
 This veriable is a yes/no toggle and is by default set to I<no>.
 This variable determines whether the AppArmor initscript will enable
 or disable the OWLsm security extension to AppArmor when the AppArmor
 security tool is started. When enabled the OWLsm feature prevents programs
 from following symlinks in temporary directories that are not owned by
 the program's UID, and prevents processes from creating hardlinks to
 files not owned by their UID.
 =end comment
 =head2 SUBDOMAIN_PATH
 This variable accepts a string (path), and is by default set to
 '/etc/apparmor.d/' This variable defines where the AppArmor security
 tool looks for its policy definitions (a.k.a. AppArmor profiles).
 =head2 SUBDOMAIN_MODULE_PANIC
 This variable accepts a string that is one of four values: I<warn>,
 I<build>, I<panic>, or I<build-panic>, and is set by default to I<warn>. 
 This setting controls the behavior of the AppArmor initscript if it
 cannot successfully load the AppArmor kernel module on startup. The four
 possible settings are:
 =over 4
 =item I<warn> 
 Log a failure message (the default behavior).
 =item I<build> 
 Attempt to build the AppArmor module against the currently running
 kernel. If the compilation is successful, the module will be loaded and
 AppArmor started; if the compilation fails, a failure message is logged.
 =item I<panic> 
 Log a failure message and drop to runlevel 1 (single user).
 =item I<build-panic>
 Attempt to build the module against the running kernel (like I<build>)
 and if the compilation fails, drop to runlevel 1 (single user).
 =back
 =head1 BUGS
 Setting the initscript to recompile the module will fail on SUSE, as the
 module source is no longer installed by default. However, the module has
 been included with the SUSE kernel, so no rebuilding should be necessary.
 If you find any additional bugs, please report them at
 L<https://bugs.launchpad.net/apparmor/+filebug>.
 =head1 SEE ALSO
 apparmor(7), apparmor_parser(8), and
 L<https://wiki.apparmor.net>.
--- a/tests/stress/subdomain/Makefile
+++ b/tests/stress/subdomain/Makefile
--- a/tests/stress/subdomain/change_hat.c
+++ b/tests/stress/subdomain/change_hat.c
--- a/tests/stress/subdomain/change_hat.profile.pre
+++ b/tests/stress/subdomain/change_hat.profile.pre
--- a/tests/stress/subdomain/child.c
+++ b/tests/stress/subdomain/child.c
--- a/tests/stress/subdomain/child.profile.pre
+++ b/tests/stress/subdomain/child.profile.pre
--- a/tests/stress/subdomain/kill.sh
+++ b/tests/stress/subdomain/kill.sh
--- a/tests/stress/subdomain/open.c
+++ b/tests/stress/subdomain/open.c
--- a/tests/stress/subdomain/open.profile.pre
+++ b/tests/stress/subdomain/open.profile.pre
--- a/tests/stress/subdomain/s-2.4.20.sh
+++ b/tests/stress/subdomain/s-2.4.20.sh
--- a/tests/stress/subdomain/s.sh
+++ b/tests/stress/subdomain/s.sh
--- a/tests/stress/subdomain/sh.profile.pre
+++ b/tests/stress/subdomain/sh.profile.pre
--- a/tests/stress/subdomain/stress.sh
+++ b/tests/stress/subdomain/stress.sh
--- a/tests/stress/subdomain/stress.sh-2.4.20
+++ b/tests/stress/subdomain/stress.sh-2.4.20
--- a/tests/stress/subdomain/uservars.inc
+++ b/tests/stress/subdomain/uservars.inc
--- a/utils/apparmor/config.py
+++ b/utils/apparmor/config.py
@ -40,7 +40,7 @@ from apparmor.common import AppArmorException, open_file_read  # , warn, msg,
 # CFG = None
 # REPO_CFG = None
-# SHELL_FILES = ['easyprof.conf', 'notify.conf', 'parser.conf', 'subdomain.conf']
+# SHELL_FILES = ['easyprof.conf', 'notify.conf', 'parser.conf']
 class Config(object):
    def __init__(self, conf_type, conf_dir='/etc/apparmor'):
        self.CONF_DIR = conf_dir