mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 07:54:17 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add option to set complain flag on all profiles.

Browse Source
This commit is contained in:
Alexandre Pujol 2021-09-27 20:32:30 +01:00
parent c96c641d80
commit a30fda0ad7
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 35 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
configure vendored
View File

@ -8,6 +8,14 @@ readonly ROOT=.build
_die() { printf '%s\n' "$*" >&2 && exit 1; } _die() { printf '%s\n' "$*" >&2 && exit 1; }
_warning() { printf ' Warning: %s\n' "$*" >&2; } _warning() { printf ' Warning: %s\n' "$*" >&2; }
has_option() {
local item option="$1";
for item in "${OPTIONS[@]}"; do
[[ "$item" == "$option" ]] && return 0
done
return 1
}
# Displace files in the package sources # Displace files in the package sources
# $@ List of files to displace # $@ List of files to displace
_displace_files() { _displace_files() {
@ -52,7 +60,7 @@ configure() {
"${ROOT:?}"/root/usr/share/libalpm/hooks/apparmor.hook "${ROOT:?}"/root/usr/share/libalpm/hooks/apparmor.hook
echo " Debian does not support abi 3.0 yet." echo " Debian does not support abi 3.0 yet."
find "$ROOT/apparmor.d" -type f -exec sed -i -e "s;abi <abi/3.0>,;;" {} \; find "$ROOT/apparmor.d" -type f -exec sed -e '/abi /d' -i {} \;
echo " Debian does not have etc tunable." echo " Debian does not have etc tunable."
sed -i -e '/etc/d' "$ROOT/apparmor.d/tunables/global" sed -i -e '/etc/d' "$ROOT/apparmor.d/tunables/global"
@ -100,6 +108,25 @@ setflags() {
fi fi
done <profiles.flags done <profiles.flags
if has_option complain; then
setflag_complain
fi
}
# Set complain flag on all profile (Dev only)
setflag_complain() {
echo "Set complain flag on all profile"
for path in "${ROOT:?}/apparmor.d/"*; do
[[ -d "$path" ]] && continue
flags="$(grep -o -m 1 'flags=(.*)' "$path" | cut -d '(' -f2 | cut -d ')' -f1)"
[[ "$flags" =~ complain ]] && continue
echo -n .
sed -e "s/flags=(.*)//" \
-e "s/ {$/ flags=(complain $flags) {/" \
-i "$path"
done
echo
} }
# Print help message # Print help message
@ -109,17 +136,21 @@ cmd_help() {
Options: Options:
--distribution=DIST Set the target Linux distribution: archlinux, debian --distribution=DIST Set the target Linux distribution: archlinux, debian
--options=OPT Set prefefined build options.
--help Print this help message and exit. --help Print this help message and exit.
_EOF _EOF
} }
main() { main() {
local opts err local opts err
opts="$(getopt -o h -l distribution:,help -n "$PROGRAM" -- "$@")" opts="$(getopt -o h -l distribution:,options:,help -n "$PROGRAM" -- "$@")"
err=$? err=$?
eval set -- "$opts" eval set -- "$opts"
while true; do case $1 in while true; do case $1 in
--distribution) DISTRIBUTION="$2"; shift 2 ;; --distribution) DISTRIBUTION="$2"; shift 2 ;;
--options)
# shellcheck disable=SC2206
OPTIONS=(${2//,/ }); shift 2 ;;
-h|--help) shift; cmd_help; exit 0 ;; -h|--help) shift; cmd_help; exit 0 ;;
--) shift; break ;; --) shift; break ;;
esac done esac done

4
debian/rules vendored
View File

@ -3,13 +3,13 @@
# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io> # Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
# #
#export DH_VERBOSE=1 DH_OPTIONS ?=
%: %:
dh $@ --with=config-package dh $@ --with=config-package
override_dh_auto_configure: override_dh_auto_configure:
./configure --distribution=debian ./configure --distribution=debian --options=$(DH_OPTIONS)
override_dh_install: override_dh_install:
mv systemd system mv systemd system