mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-29 21:38:15 +00:00
Subject: initscript: kill rebuild option
[This is a slight update to a patch originally by jjohansen@suse.de] The ability of the rcapparmor initscript to rebuild the apparmor module if attmepts to load the module failed had been broken for a while; this patch rips out the option altogether. The ability to drop to runlevel 1 if the apparmor module can't be loaded is still available, if not recently tested.
This commit is contained in:
parent
5cc6094944
commit
f309bbd8e7
@ -159,6 +159,7 @@ fi
|
||||
* Wed Apr 4 2007 - sbeattie@suse.de
|
||||
- rcapparmor: fix dpkg ignore check
|
||||
- rcapparmor: support apparmor built into kernel
|
||||
- rcapparmor: kill old cruft
|
||||
* Tue Apr 3 2007 - sbeattie@suse.de
|
||||
- Add manpages to package
|
||||
* Thu Mar 29 2007 - coolo@suse.de
|
||||
|
@ -86,7 +86,6 @@ SECURITYFS=/sys/kernel/security
|
||||
|
||||
SUBDOMAINFS_MOUNTPOINT=$(grep subdomainfs /etc/fstab | \
|
||||
sed -e 's|^[[:space:]]*[^[:space:]]\+[[:space:]]\+\(/[^[:space:]]*\)[[:space:]]\+subdomainfs.*$|\1|' 2> /dev/null)
|
||||
SUBDOMAIN_SRC="/usr/src/kernel-modules/SubDomain/module"
|
||||
|
||||
if [ -d "/var/lib/${MODULE}" ] ; then
|
||||
APPARMOR_TMPDIR="/var/lib/${MODULE}"
|
||||
@ -190,40 +189,6 @@ profiles_names_list() {
|
||||
done
|
||||
}
|
||||
|
||||
rebuild_subdomain() {
|
||||
if [ -d "$SUBDOMAIN_SRC" ] ; then
|
||||
# only try to rebuild for the running kernel
|
||||
cd "$SUBDOMAIN_SRC"
|
||||
kernelver=`uname -r`
|
||||
kernelsrc=`readlink "/lib/modules/$kernelver/build"`
|
||||
line="KERNELVER=$kernelver KERNELSRC=$kernelsrc"
|
||||
/usr/bin/env $line ${SUBDOMAIN_SRC}/BUILD-SUBDOMAIN ;
|
||||
rc=$?
|
||||
if [ $rc -ne 0 ] ; then
|
||||
sd_log_failure_msg "- could not rebuild AppArmor module"
|
||||
return $rc
|
||||
fi
|
||||
depmod -a
|
||||
rc=$?
|
||||
if [ $rc -ne 0 ] ; then
|
||||
sd_log_failure_msg "- could not set AppArmor module dependencies"
|
||||
return $rc ;
|
||||
fi
|
||||
|
||||
sd_action "Loading AppArmor module" /sbin/modprobe $MODULE $1
|
||||
rc=$?
|
||||
if [ $rc -ne 0 ] ; then
|
||||
# we couldn't find the module
|
||||
sd_log_failure_msg "- could not load rebuilt AppArmor module"
|
||||
rc=$?
|
||||
return $rc
|
||||
fi
|
||||
else
|
||||
sd_log_failure_msg "- could not rebuild AppArmor, module source not found."
|
||||
return -1
|
||||
fi
|
||||
}
|
||||
|
||||
failstop_system() {
|
||||
level=$(runlevel | cut -d" " -f2)
|
||||
if [ $level -ne "1" ] ; then
|
||||
@ -241,16 +206,6 @@ module_panic() {
|
||||
case "$SUBDOMAIN_MODULE_PANIC" in
|
||||
"warn"|"WARN")
|
||||
return 1 ;;
|
||||
"build"|"BUILD") rebuild_subdomain
|
||||
rc=$?
|
||||
return $rc ;;
|
||||
"build-panic"|"BUILD-PANIC") rebuild_subdomain
|
||||
rc=$?
|
||||
if [ $rc -ne 0 ] ; then
|
||||
failstop_system
|
||||
rc=$?
|
||||
fi
|
||||
return $rc ;;
|
||||
"panic"|"PANIC") failstop_system
|
||||
rc=$?
|
||||
return $rc ;;
|
||||
|
Loading…
x
Reference in New Issue
Block a user