Subject: initscript: kill rebuild option

[This is a slight update to a patch originally by jjohansen@suse.de] The ability of the rcapparmor initscript to rebuild the apparmor module if attmepts to load the module failed had been broken for a while; this patch rips out the option altogether. The ability to drop to runlevel 1 if the apparmor module can't be loaded is still available, if not recently tested.
2025-08-29 21:38:15 +00:00 · 2007-04-04 21:28:43 +00:00 · 2007-04-04 21:28:43 +00:00 · f309bbd8e7
commit f309bbd8e7
parent 5cc6094944
2 changed files with 1 additions and 45 deletions
--- a/parser/apparmor-parser.spec.in
+++ b/parser/apparmor-parser.spec.in
@ -159,6 +159,7 @@ fi
 * Wed Apr  4 2007 - sbeattie@suse.de
 - rcapparmor: fix dpkg ignore check
 - rcapparmor: support apparmor built into kernel
+- rcapparmor: kill old cruft
 * Tue Apr  3 2007 - sbeattie@suse.de
 - Add manpages to package
 * Thu Mar 29 2007 - coolo@suse.de
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@ -86,7 +86,6 @@ SECURITYFS=/sys/kernel/security

 SUBDOMAINFS_MOUNTPOINT=$(grep subdomainfs /etc/fstab  | \
 	sed -e 's|^[[:space:]]*[^[:space:]]\+[[:space:]]\+\(/[^[:space:]]*\)[[:space:]]\+subdomainfs.*$|\1|' 2> /dev/null)
-SUBDOMAIN_SRC="/usr/src/kernel-modules/SubDomain/module"

 if [ -d "/var/lib/${MODULE}" ] ; then
 	APPARMOR_TMPDIR="/var/lib/${MODULE}"
@ -190,40 +189,6 @@ profiles_names_list() {
 	done
 }

-rebuild_subdomain() {
-	if [ -d "$SUBDOMAIN_SRC" ] ; then
-		# only try to rebuild for the running kernel
-		cd "$SUBDOMAIN_SRC"
-		kernelver=`uname -r`
-                kernelsrc=`readlink "/lib/modules/$kernelver/build"`
-		line="KERNELVER=$kernelver KERNELSRC=$kernelsrc"
-		/usr/bin/env $line ${SUBDOMAIN_SRC}/BUILD-SUBDOMAIN ;
-		rc=$?
-		if [ $rc -ne 0 ] ; then
-			sd_log_failure_msg "- could not rebuild AppArmor module"
-			return $rc
-		fi
-		depmod -a
-		rc=$?
-		if [ $rc -ne 0 ] ; then
-			sd_log_failure_msg "- could not set AppArmor module dependencies"
-			return $rc ;
-		fi	
-
-		sd_action "Loading AppArmor module" /sbin/modprobe $MODULE $1
-		rc=$?
-		if [ $rc -ne 0 ] ; then
-			# we couldn't find the module
-			sd_log_failure_msg "- could not load rebuilt AppArmor module"
-			rc=$?
-			return $rc
-		fi
-	else
-		sd_log_failure_msg "- could not rebuild AppArmor, module source not found."
-		return -1
-	fi
-}
-
 failstop_system() {
 	level=$(runlevel | cut -d" " -f2)
 	if [ $level -ne "1" ] ; then
@ -241,16 +206,6 @@ module_panic() {
 	case "$SUBDOMAIN_MODULE_PANIC" in
 		"warn"|"WARN")
 			return 1 ;;
-		"build"|"BUILD") rebuild_subdomain
-			rc=$?
-			return $rc ;;
-		"build-panic"|"BUILD-PANIC") rebuild_subdomain
-			rc=$?
-			if [ $rc -ne 0 ] ; then
-				failstop_system
-				rc=$?
-			fi
-			return $rc ;;
 		"panic"|"PANIC") failstop_system
 			rc=$?
 			return $rc ;;