// apparmor.d - Full set of apparmor profiles
// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
// SPDX-License-Identifier: GPL-2.0-only
package prepare
import (
"os"
"path/filepath"
"github.com/roddhjav/apparmor.d/pkg/paths"
"github.com/roddhjav/apparmor.d/pkg/prebuild"
)
// Merge is the prebuild task registered under the "merge" keyword. It embeds
// prebuild.Base, which holds the task's Keyword and Msg fields.
type Merge struct {
	prebuild.Base
}
// init builds the Merge task with its keyword and description and hands it
// to RegisterTask when the package is loaded.
func init() {
	task := &Merge{
		Base: prebuild.Base{
			Keyword: "merge",
			Msg:     "Merge profiles (from group/, profiles-*-*/) to a unified apparmor.d directory",
		},
	}
	RegisterTask(task)
}
// Apply flattens the profile tree under prebuild.RootApparmord.
//
// For each step it moves every entry matched by the "moved" glob directly
// into prebuild.RootApparmord (keeping only the entry's base name), then
// deletes everything matched by the "removed" glob. It returns an empty,
// non-nil slice together with the first error encountered, or nil on success.
func (p Merge) Apply() ([]string, error) {
	res := []string{}

	// Each step pairs the glob of entries to lift into the root with the glob
	// of directories to delete afterwards.
	steps := []struct{ moved, removed string }{
		{"groups/*/*", "groups"},
		{"profiles-*-*/*", "profiles-*"},
	}

	for _, step := range steps {
		// filepath.Glob only reports malformed patterns; it ignores I/O errors
		// while reading directories, so an unreadable subdirectory yields no
		// matches here and is then deleted with its parent below.
		sources, err := filepath.Glob(prebuild.RootApparmord.Join(step.moved).String())
		if err != nil {
			return res, err
		}
		for _, src := range sources {
			dst := prebuild.RootApparmord.Join(filepath.Base(src)).String()
			// NOTE(review): os.Rename replaces an existing non-directory
			// destination. Two sources sharing a base name would leave only
			// the last one in the merged directory, silently dropping a
			// profile. Confirm names are unique across the source
			// directories, or fail on collision.
			if err := os.Rename(src, dst); err != nil {
				return res, err
			}
		}

		leftovers, err := filepath.Glob(prebuild.RootApparmord.Join(step.removed).String())
		if err != nil {
			return res, err
		}
		for _, dir := range leftovers {
			// RemoveAll is recursive: anything the move above did not pick up
			// is deleted together with the directory.
			if err := paths.New(dir).RemoveAll(); err != nil {
				return res, err
			}
		}
	}
	return res, nil
}