mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-09-05 08:45:22 +00:00
33 lines
1.1 KiB
Diff
33 lines
1.1 KiB
Diff
Index: linux-2.6/security/apparmor/lsm.c
|
|
===================================================================
|
|
--- linux-2.6.orig/security/apparmor/lsm.c
|
|
+++ linux-2.6/security/apparmor/lsm.c
|
|
@@ -24,6 +24,15 @@
|
|
/* struct subdomain write update lock (read side is RCU). */
|
|
spinlock_t sd_lock = SPIN_LOCK_UNLOCKED;
|
|
|
|
+/* Boottime disable flag */
|
|
+int apparmor_enabled=1;
|
|
+static int __init apparmor_enabled_setup(char *str)
|
|
+{
|
|
+ apparmor_enabled = simple_strtol(str, NULL, 0);
|
|
+ return 1;
|
|
+}
|
|
+__setup("apparmor=", apparmor_enabled_setup);
|
|
+
|
|
/* Flag values, also controllable via apparmorfs/control.
|
|
* We explicitly do not allow these to be modifiable when exported via
|
|
* /sys/modules/parameters, as we want to do additional mediation and
|
|
@@ -833,6 +842,11 @@ static int __init apparmor_init(void)
|
|
int error;
|
|
const char *complainmsg = ": complainmode enabled";
|
|
|
|
+ if (!apparmor_enabled) {
|
|
+ AA_INFO("AppArmor: Disabled by boottime parameter\n");
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
if ((error = create_apparmorfs())) {
|
|
AA_ERROR("Unable to activate AppArmor filesystem\n");
|
|
goto createfs_out;
|