parser/rc.apparmor.functions: Don't unload libvirt's dynamic profiles on

reload. For now just special-case libvirt's profiles. If more applications use dynamic profiles, this should be generalized in some way to flag profiles as dynamic. (LP: #702774)
2025-03-04 08:24:42 +01:00 · 2011-02-22 11:29:33 -06:00 · 2011-02-22 11:29:33 -06:00 · 4cd73b7a93
commit 4cd73b7a93
parent 6e6b57fbd1 fb188972dc
1 changed files with 3 additions and 3 deletions
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@ -1,7 +1,7 @@
 #!/bin/sh
 # ----------------------------------------------------------------------
-#    Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
-#    NOVELL (All rights reserved)
+#    Copyright (c) 1999-2008 NOVELL (All rights reserved)
+#    Copyright (c) 2009-2011 Canonical Ltd. (All rights reserved)
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@ -464,7 +464,7 @@ __apparmor_restart() {
 	PNAMES_LIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
 	profiles_names_list ${PNAMES_LIST}
 	MODULE_PLIST=$(mktemp ${APPARMOR_TMPDIR}/tmp.XXXXXXXX)
-	sed  -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | sort >"$MODULE_PLIST"
+	sed  -e "s/ (\(enforce\|complain\))$//" "$SFS_MOUNTPOINT/profiles" | egrep -v '^libvirt-[0-9a-f\-]+$' | sort >"$MODULE_PLIST"
 	sort "$PNAMES_LIST" | comm -2 -3 "$MODULE_PLIST" - | while IFS= read profile ; do
 		echo -n "$profile" > "$SFS_MOUNTPOINT/.remove"
 	done