mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
0d42a832c1
This is not the cleanup this code needs, but a quick hack to add the -M flag so we can specify a feature file (or directory) to use for the compile. It mostly just moves around existing code and adds the -M option, though it does introduce a few changes. While I didn't do it in this patch I propose we drop support for the match file without create support. This is several years old now and would clean things up a lot. Note: that the manually input -m or -M drop support for it already I just can't see a good way to support a single input stream indicating the result/existance of two separate files. This needs more work but is needed to support tests and the policy_mediates frame work depends on the policydb getting generated with the special stub rules to indicate whether policy was compiled expecting a certain feature. But this can break the current tests, at least once a bug in the policy rule counting is fixed in a follow on patch. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> |
||
|---|---|---|
| .. | ||
| features.dbus | ||
| features.mount | ||
| features.mount+dbus | ||
| features.nopolicydb | ||