use libapparmor's find mountpoint fn to find the interface

Drop support for the old subdomainfs mountpoint and use the fn exported by libapparmor. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
2025-08-22 10:07:12 +00:00 · 2013-09-29 02:44:19 -07:00 · 2013-09-29 02:44:19 -07:00 · f85bf5fa68
commit f85bf5fa68
parent d22b985e3f
2 changed files with 4 additions and 52 deletions
--- a/parser/Makefile
+++ b/parser/Makefile
@ -86,6 +86,7 @@ AAREDIR= libapparmor_re
 AAREOBJECT = ${AAREDIR}/libapparmor_re.a
 AAREOBJECTS = $(AAREOBJECT) libstdc++.a
 AARE_LDFLAGS=-static-libgcc -L.
+AALIB = -lapparmor

 LEX_C_FILES	= parser_lex.c
 YACC_C_FILES	= parser_yacc.c parser_yacc.h
@ -154,7 +155,7 @@ libstdc++.a:

 apparmor_parser: $(OBJECTS) $(AAREOBJECTS)
 	$(CXX) $(LDFLAGS) $(EXTRA_CFLAGS) -o $@ $(OBJECTS) $(LIBS) \
-	      ${LEXLIB}  $(AAREOBJECTS) $(AARE_LDFLAGS)
+	      ${LEXLIB}  $(AAREOBJECTS) $(AARE_LDFLAGS) $(AALIB)

 parser_yacc.c parser_yacc.h: parser_yacc.y parser.h profile.h
 	$(YACC) $(YFLAGS) -o parser_yacc.c parser_yacc.y
--- a/parser/parser_main.c
+++ b/parser/parser_main.c
@ -28,7 +28,6 @@
 #include <getopt.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <mntent.h>
 #include <libintl.h>
 #include <locale.h>
 #include <dirent.h>
@ -42,6 +41,7 @@
 #include <sys/sysctl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <sys/apparmor.h>

 #include "lib.h"
 #include "parser.h"
@ -607,58 +607,10 @@ static int process_config_file(const char *name)
 	return 1;
 }

-static inline char *try_subdomainfs_mountpoint(const char *mntpnt,
-					       const char *path)
-{
-	char *proposed_base = NULL;
-	char *retval = NULL;
-	struct stat buf;
-
-	if (asprintf(&proposed_base, "%s%s", mntpnt, path)<0 || !proposed_base) {
-		PERROR(_("%s: Could not allocate memory for subdomainbase mount point\n"),
-		       progname);
-		exit(ENOMEM);
-	}
-	if (stat(proposed_base, &buf) == 0) {
-		retval = proposed_base;
-	} else {
-		free(proposed_base);
-	}
-	return retval;
-}

 int find_subdomainfs_mountpoint(void)
 {
-	FILE *mntfile;
-	struct mntent *mntpt;
-
-	if ((mntfile = setmntent(MOUNTED_FS, "r"))) {
-		while ((mntpt = getmntent(mntfile))) {
-			char *proposed = NULL;
-			if (strcmp(mntpt->mnt_type, "securityfs") == 0) {
-				proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "/" MODULE_NAME);
-				if (proposed != NULL) {
-					subdomainbase = proposed;
-					break;
-				}
-				proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "/" OLD_MODULE_NAME);
-				if (proposed != NULL) {
-					subdomainbase = proposed;
-					break;
-				}
-			}
-			if (strcmp(mntpt->mnt_type, "subdomainfs") == 0) {
-				proposed = try_subdomainfs_mountpoint(mntpt->mnt_dir, "");
-				if (proposed != NULL) {
-					subdomainbase = proposed;
-					break;
-				}
-			}
-		}
-		endmntent(mntfile);
-	}
-
-	if (!subdomainbase) {
+	if (aa_find_mountpoint(&subdomainbase) == -1) {
 		struct stat buf;
 		if (stat(DEFAULT_APPARMORFS, &buf) == -1) {
 		PERROR(_("Warning: unable to find a suitable fs in %s, is it "
@ -672,7 +624,6 @@ int find_subdomainfs_mountpoint(void)
 	return (subdomainbase == NULL);
 }

-
 int have_enough_privilege(void)
 {
 	uid_t uid, euid;