diff --git a/configure b/configure index e7fb46ce..33db21de 100755 --- a/configure +++ b/configure @@ -9,7 +9,7 @@ DISTRIBUTION="$(lsb_release --id --short)" readonly DISTRIBUTION="${DISTRIBUTION,,}" readonly ROOT=.build -_die() { printf 'Error: %s\n' "$*" >&2 && exit 1; } +_die() { printf 'Error: %s\n' "$*" >&2 && exit 1; } _warning() { printf ' Warning: %s\n' "$*" >&2; } _title() { printf '%s\n' "$*" >&2; } _msg() { printf ' - %s\n' "$*" >&2; } @@ -36,7 +36,7 @@ ignore() { while read -r profile; do [[ "$profile" =~ ^\# ]] && continue [[ -z "$profile" ]] && continue - if [[ -e "${ROOT:?}/$profile" ]]; then + if [[ -e "${ROOT:?}/$profile" ]]; then rm -r "${ROOT:?}/$profile" else find "$ROOT/apparmor.d" -iname "$profile" -type f -exec rm {} \; @@ -86,7 +86,7 @@ configure() { ;; - *) _die "$DISTRIBUTION is not a supported distribution." ;; + *) _die "$DISTRIBUTION is not a supported distribution." ;; esac } @@ -96,7 +96,7 @@ flags() { _msg "Set profiles flags from dists/flags/$name" while read -r profile; do - IFS=' ' read -r -a manifest <<< "$profile" + IFS=' ' read -r -a manifest <<<"$profile" profile="${manifest[0]:-}" flags="${manifest[1]:-}" [[ "$profile" =~ ^\# || -z "$profile" ]] && continue @@ -127,7 +127,7 @@ complain() { [[ "$flags" =~ complain ]] && continue echo -n . sed -e "s/flags=(.*)//" \ - -e "s/ {$/ flags=(complain $flags) {/" \ + -e "s/ {$/ flags=(complain $flags) {/" \ -i "$path" done echo diff --git a/pick b/pick index a9aa73c0..f9b1518b 100755 --- a/pick +++ b/pick @@ -3,6 +3,11 @@ # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +set -eu + +DISTRIBUTION="$(lsb_release --id --short)" +readonly DISTRIBUTION="${DISTRIBUTION,,}" + _set_complain() { local path="$1" [[ -d "$path" ]] && return @@ -25,12 +30,15 @@ _install_tunables() { for path in apparmor.d/tunables/*; do install -Dm0644 "$path" "/etc/apparmor.d/tunables/$(basename "$path")" done + if [[ "$DISTRIBUTION" != "arch" ]]; then + sed -i -e '/Archlinux/d' /etc/apparmor.d/tunables/extend + sed -i -e '/etc/d' /etc/apparmor.d/tunables/global + fi } _reload_apparmor() { systemctl restart apparmor || true systemctl status apparmor - return $? } pick() { @@ -41,7 +49,6 @@ pick() { [[ "$COMPLAIN" == 1 ]] && _set_complain "/etc/apparmor.d/$profile" fi done - return $? } # Print help message @@ -59,7 +66,7 @@ main() { local opts err small_arg="ch" long_arg="complain,help" - opts="$(getopt -o $small_arg -l $long_arg -n "$PROGRAM" -- "$@")" + opts="$(getopt -o $small_arg -l $long_arg -n "pick" -- "$@")" err=$? eval set -- "$opts" while true; do case $1 in @@ -72,7 +79,6 @@ main() { _install_abstractions _install_tunables pick "$@" && _reload_apparmor - return $? } COMPLAIN=0