Skip to content

L
lxc
Commit 07eeec68 by Martin Pitt Committed by Stéphane Graber
Options

Call /lib/apparmor/profile-load directly instead of the wrapper

AppArmor ships /lib/apparmor/profile-load. /lib/init/apparmor-profile-load is merely a wrapper which calls the former, so just call it directly to avoid the dependency on the wrapper. LP: #1432683
parent b0acb499
Showing with 6 additions and 6 deletions
config/init/systemd/lxc-apparmor-load
...@@ -6,9 +6,9 @@ set -eu ...@@ -6,9 +6,9 @@ set -eu
# don't load profiles if mount mediation is not supported # don't load profiles if mount mediation is not supported
SYSF=/sys/kernel/security/apparmor/features/mount/mask SYSF=/sys/kernel/security/apparmor/features/mount/mask
if [ -f $SYSF ]; then if [ -f $SYSF ]; then
if [ -x /lib/init/apparmor-profile-load ]; then if [ -x /lib/apparmor/profile-load ]; then
/lib/init/apparmor-profile-load usr.bin.lxc-start /lib/apparmor/profile-load usr.bin.lxc-start
/lib/init/apparmor-profile-load lxc-containers /lib/apparmor/profile-load lxc-containers
fi fi
fi fi
config/init/upstart/lxc.conf
...@@ -36,9 +36,9 @@ pre-start script ...@@ -36,9 +36,9 @@ pre-start script
# don't load profiles if mount mediation is not supported # don't load profiles if mount mediation is not supported
SYSF=/sys/kernel/security/apparmor/features/mount/mask SYSF=/sys/kernel/security/apparmor/features/mount/mask
if [ -f $SYSF ]; then if [ -f $SYSF ]; then
if [ -x /lib/init/apparmor-profile-load ]; then if [ -x /lib/apparmor/profile-load ]; then
/lib/init/apparmor-profile-load usr.bin.lxc-start /lib/apparmor/profile-load usr.bin.lxc-start
/lib/init/apparmor-profile-load lxc-containers /lib/apparmor/profile-load lxc-containers
fi fi
fi fi
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment