mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 00:48:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

build: improve complain flag replacement.

Browse source
This commit is contained in:
Alexandre Pujol 2023-01-24 19:55:03 +00:00
parent 2ae41686d9
commit 77c60129b3
Failed to generate hash of commit
1 changed files with 25 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
configure vendored
View file

@ -22,6 +22,24 @@ _displace_files() {
done done
} }
# Process management function to run a function over all the profile files
# $1 The function to run.
_process() {
local len nprof nproc fct="$1"
mapfile -t files < <(find "${ROOT:?}/apparmor.d" -type f)
len="${#files[@]}"
nproc=$(nproc)
(( nprof = len/nproc + 1 ))
start=0
end=$nprof
for ((ii = 0 ; ii < nproc ; ii++)); do
$fct $start $end "${files[@]}" &
(( start = end + 1 ))
(( end = end + nprof ))
done
wait
}
# Initialize a new clean apparmor.d build directory # Initialize a new clean apparmor.d build directory
initialize() { initialize() {
rm -rf "${ROOT:?}" rm -rf "${ROOT:?}"
@ -122,30 +140,19 @@ _complain() {
path="${files[$ii]}" path="${files[$ii]}"
(( ii = ii + 1 )) (( ii = ii + 1 ))
[[ -f "$path" ]] || continue [[ -f "$path" ]] || continue
flags="$(grep -o -m 1 'flags=(.*)' "$path" | cut -d '(' -f2 | cut -d ')' -f1)" mapfile -t flags < <(grep -o -m 1 'flags=(.*)' "$path" | cut -d '(' -f2 | cut -d ')' -f1)
[[ "$flags" =~ complain ]] && continue [[ "${flags[*]}" =~ complain ]] && continue
flags+=(complain)
sed -e "s/flags=(.*)//" \ sed -e "s/flags=(.*)//" \
-e "s/ {$/ flags=(complain $flags) {/" \ -e "s/ {$/ flags=(${flags[*]}) {/" \
-i "$path" -i "$path"
done done
} }
# Set complain flag on all profile (Dev only) # Set complain flag on all profile
complain() { complain() {
local len nprof nproc
_msg "Set complain flag on all profiles" _msg "Set complain flag on all profiles"
mapfile -t files < <(find "${ROOT:?}/apparmor.d" -type f) _process _complain
len="${#files[@]}"
nproc=$(nproc)
(( nprof = len/nproc + 1 ))
start=0
end=$nprof
for ((ii = 0 ; ii < nproc ; ii++)); do
_complain $start $end "${files[@]}" &
(( start = end + 1 ))
(( end = end + nprof ))
done
wait
} }
# Set AppArmor for full system policy # Set AppArmor for full system policy
@ -187,7 +194,7 @@ main() {
initialize || _die "initializing build directory" initialize || _die "initializing build directory"
ignore || _die "removing ignored profiles" ignore || _die "removing ignored profiles"
synchronise || _die "merging profiles" synchronise || _die "merging profiles"
configure || _die "configuring distributaion" configure || _die "configuring distribution"
flags || _die "settings flags" flags || _die "settings flags"
[[ "$COMPLAIN" == 1 ]] && complain [[ "$COMPLAIN" == 1 ]] && complain
[[ "$FULL" == 1 ]] && full [[ "$FULL" == 1 ]] && full