apparmor:

- Change /etc/rc.apparmor to /etc/default/apparmor - Remove Uneeded AA_PROFILES_PATH from it XXX: - apparmor sv needs polishing
2018-05-15 22:16:31 +00:00 · 2018-05-15 22:16:31 +00:00 · 1c2412f0b2
parent 5390642a48
commit 1c2412f0b2
6 changed files with 8 additions and 12 deletions
--- a/srcpkgs/apparmor/INSTALL.msg
+++ b/srcpkgs/apparmor/INSTALL.msg
@ -1,2 +1,2 @@
 To ensure AppArmor is enabled upon reboot add 'apparmor=1 security=apparmor' to your grub CMDLINE and rebuild your grub config with 'grub-mkconfig -o /boot/grub/grub.cfg'.
-You'll also need to swith 'APPARMOR' setting in /etc/rc.apparmor to your taste.
+You'll also need to swith 'APPARMOR' setting in /etc/default/apparmor to your taste.
--- a/srcpkgs/apparmor/files/apparmor/finish
+++ b/srcpkgs/apparmor/files/apparmor/finish
@ -1,7 +1,7 @@
 #!/bin/sh
-[ -r /etc/rc.apparmor ] && . /etc/rc.apparmor || exit 1
+[ -r /etc/default/apparmor ] && . /etc/default/apparmor || exit 1

 # Find all profiles in $APPARMORD and unload them
-for profile in $(find ${APPARMORD} -maxdepth 1 -type f); do
+for profile in $(find /etc/apparmor.d -maxdepth 1 -type f); do
 	apparmor_parser -R $profile
 done
--- a/srcpkgs/apparmor/files/apparmor/run
+++ b/srcpkgs/apparmor/files/apparmor/run
@ -1,8 +1,8 @@
 #!/bin/sh
-[ -r /etc/rc.apparmor ] && . /etc/rc.apparmor || exit 1
+[ -r /etc/default/apparmor ] && . /etc/default/apparmor || exit 1

 # Find all profiles in $APPARMORD and load them
-for profile in $(find ${APPARMORD} -maxdepth 1 -type f); do
+for profile in $(find /etc/apparmor.d -maxdepth 1 -type f); do
 	apparmor_parser -a $profile
 done
 exec chpst -b apparmor pause
--- a/srcpkgs/runit-void/files/09-apparmor.sh
+++ b/srcpkgs/runit-void/files/09-apparmor.sh
@ -4,7 +4,7 @@
 [ ! -d /sys/kernel/security/apparmor ] && return

 # Load config
-[ -r /etc/rc.apparmor ] && . /etc/rc.apparmor
+[ -r /etc/default/apparmor ] && . /etc/default/apparmor

 # Proceed to load profiles depending on user settings
 msg "Loading AppArmor profiles..."
--- a/srcpkgs/runit-void/files/rc.apparmor
+++ b/srcpkgs/runit-void/files/rc.apparmor
@ -5,7 +5,3 @@
 # - complain
 # - enforce
 #APPARMOR=disable
-
-# Profiles path:
-AA_PROFILES_PATH="/etc/apparmor.d"
-
--- a/srcpkgs/runit-void/template
+++ b/srcpkgs/runit-void/template
@ -32,7 +32,7 @@ post_install() {
 	vconf ${FILESDIR}/hostname
 	vconf ${FILESDIR}/os-release
 	vconf ${FILESDIR}/locale.conf
-	vconf ${FILESDIR}/rc.apparmor
+	vinstall ${FILESDIR}/rc.apparmor 644 /etc/default/apparmor
 	vinstall ${FILESDIR}/09-apparmor.sh 644 /etc/runit/core-services/
 	# Enable services at post-install time instead.
 	rm -f ${DESTDIR}/etc/runit/runsvdir/current
@ -45,7 +45,7 @@ runit-void-apparmor_package() {
 	short_desc+=" - AppArmor initialization"
 	depends="${sourcepkg}-${version}_${revision}"
 	pkg_install() {
-		vmove etc/rc.apparmor
+		vmove etc/default/apparmor
 		vmove etc/runit/core-services/09-apparmor.sh
 	}
 }