[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 4/4] apparmor: Rename virt-aa-helper profile



On Tue, Jan 22, 2019 at 2:40 PM Michal Privoznik <mprivozn redhat com> wrote:
>
> The profile name should reflect the path under which the binary
> it describes is installed.
>
> Signed-off-by: Michal Privoznik <mprivozn redhat com>
> ---
>  src/security/Makefile.inc.am                           | 10 +++++-----
>  ...bvirt.virt-aa-helper => usr.libexec.virt-aa-helper} |  4 ++--
>  2 files changed, 7 insertions(+), 7 deletions(-)
>  rename src/security/apparmor/{usr.lib.libvirt.virt-aa-helper => usr.libexec.virt-aa-helper} (92%)
>
> diff --git a/src/security/Makefile.inc.am b/src/security/Makefile.inc.am
> index b24cdfd083..ae8e979b84 100644
> --- a/src/security/Makefile.inc.am
> +++ b/src/security/Makefile.inc.am
> @@ -36,7 +36,7 @@ EXTRA_DIST += \
>         security/apparmor/TEMPLATE.lxc \
>         security/apparmor/libvirt-qemu \
>         security/apparmor/libvirt-lxc \
> -       security/apparmor/usr.lib.libvirt.virt-aa-helper \
> +       security/apparmor/usr.libexec.virt-aa-helper \

And a final reply with essentially the same content: this depends on
--libexecdir from the configure step.

>         security/apparmor/usr.sbin.libvirtd \
>         $(NULL)
>
> @@ -90,7 +90,7 @@ endif WITH_SECDRIVER_APPARMOR
>  if WITH_APPARMOR_PROFILES
>  apparmordir = $(sysconfdir)/apparmor.d/
>  apparmor_DATA = \
> -       security/apparmor/usr.lib.libvirt.virt-aa-helper \
> +       security/apparmor/usr.libexec.virt-aa-helper \
>         security/apparmor/usr.sbin.libvirtd \
>         $(NULL)
>
> @@ -110,11 +110,11 @@ APPARMOR_LOCAL_DIR = "$(DESTDIR)$(apparmordir)/local"
>  install-apparmor-local:
>         $(MKDIR_P) "$(APPARMOR_LOCAL_DIR)"
>         echo "# Site-specific additions and overrides for \
> -               'usr.lib.libvirt.virt-aa-helper'" \
> -               >"$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper"
> +               'usr.libexec.virt-aa-helper'" \
> +               >"$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper"
>
>  uninstall-apparmor-local:
> -       rm -f "$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper"
> +       rm -f "$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper"
>         rmdir "$(APPARMOR_LOCAL_DIR)" || :
>
>  INSTALL_DATA_LOCAL += install-apparmor-local
> diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper b/src/security/apparmor/usr.libexec.virt-aa-helper
> similarity index 92%
> rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper
> rename to src/security/apparmor/usr.libexec.virt-aa-helper
> index e2c336fca0..f24095ef89 100644
> --- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper
> +++ b/src/security/apparmor/usr.libexec.virt-aa-helper
> @@ -1,7 +1,7 @@
>  # Last Modified: Mon Apr  5 15:10:27 2010
>  #include <tunables/global>
>
> -profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
> +profile virt-aa-helper /usr/libexec/virt-aa-helper {
>    #include <abstractions/base>
>
>    # needed for searching directories
> @@ -63,5 +63,5 @@ profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper {
>    /**.[iI][sS][oO] r,
>    /**/disk{,.*} r,
>
> -  #include <local/usr.lib.libvirt.virt-aa-helper>
> +  #include <local/usr.libexec.virt-aa-helper>
>  }
> --
> 2.19.2
>


-- 
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]