2024-10-03 12:55:33 +02:00
|
|
|
// apparmor.d - Full set of apparmor profiles
|
|
|
|
// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
|
|
|
|
// SPDX-License-Identifier: GPL-2.0-only
|
|
|
|
|
|
|
|
package prepare
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"os"
|
|
|
|
|
|
|
|
"github.com/roddhjav/apparmor.d/pkg/prebuild"
|
|
|
|
)
|
|
|
|
|
|
|
|
const ext = ".apparmor.d"
|
|
|
|
|
|
|
|
type Overwrite struct {
|
|
|
|
prebuild.Base
|
|
|
|
OneFile bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
RegisterTask(&Overwrite{
|
|
|
|
Base: prebuild.Base{
|
|
|
|
Keyword: "overwrite",
|
|
|
|
Msg: "Overwrite dummy upstream profiles",
|
|
|
|
},
|
|
|
|
OneFile: false,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p Overwrite) Apply() ([]string, error) {
|
|
|
|
res := []string{}
|
|
|
|
if prebuild.ABI == 3 {
|
|
|
|
return res, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
disableDir := prebuild.RootApparmord.Join("disable")
|
|
|
|
if err := disableDir.Mkdir(); err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
|
|
|
|
path := prebuild.DistDir.Join("overwrite")
|
|
|
|
if !path.Exist() {
|
|
|
|
return res, fmt.Errorf("%s not found", path)
|
|
|
|
}
|
2024-10-12 16:31:24 +02:00
|
|
|
for _, name := range path.MustReadFilteredFileAsLines() {
|
2024-10-03 12:55:33 +02:00
|
|
|
origin := prebuild.RootApparmord.Join(name)
|
|
|
|
dest := prebuild.RootApparmord.Join(name + ext)
|
|
|
|
if !dest.Exist() && p.OneFile {
|
|
|
|
continue
|
|
|
|
}
|
2025-01-12 18:22:39 +01:00
|
|
|
if origin.Exist() {
|
|
|
|
if err := origin.Rename(dest); err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
2024-10-03 12:55:33 +02:00
|
|
|
}
|
|
|
|
originRel, err := origin.RelFrom(dest)
|
|
|
|
if err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
if err := os.Symlink(originRel.String(), disableDir.Join(name).String()); err != nil {
|
|
|
|
return res, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return res, nil
|
|
|
|
}
|