diff options
author | Michael Palimaka (kensington) <kensington@astralcloak.net> | 2011-11-24 19:08:35 +0000 |
---|---|---|
committer | Michael Palimaka (kensington) <kensington@astralcloak.net> | 2011-11-24 19:08:35 +0000 |
commit | bea451f1574b743d76b0fcd82960b475ee6261ec (patch) | |
tree | ac7ea2d80b18ecc5b816b9c1e60374ae2061993a /sys-apps/apparmor | |
parent | dev-python/bottle: Version bump (diff) | |
download | sunrise-bea451f1574b743d76b0fcd82960b475ee6261ec.tar.gz sunrise-bea451f1574b743d76b0fcd82960b475ee6261ec.tar.bz2 sunrise-bea451f1574b743d76b0fcd82960b475ee6261ec.zip |
sys-apps/apparmor: Avoid bashisms in initscript. Thanks to mgorny for the report, and Tommy[D] for the review.
svn path=/sunrise/; revision=12528
Diffstat (limited to 'sys-apps/apparmor')
-rw-r--r-- | sys-apps/apparmor/ChangeLog | 5 | ||||
-rw-r--r-- | sys-apps/apparmor/Manifest | 6 | ||||
-rw-r--r-- | sys-apps/apparmor/files/apparmor-confd | 5 | ||||
-rwxr-xr-x | sys-apps/apparmor/files/apparmor-init | 26 |
4 files changed, 25 insertions, 17 deletions
diff --git a/sys-apps/apparmor/ChangeLog b/sys-apps/apparmor/ChangeLog index 21a426b32..366b545d6 100644 --- a/sys-apps/apparmor/ChangeLog +++ b/sys-apps/apparmor/ChangeLog @@ -2,6 +2,11 @@ # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 # $Header: $ + 24 Nov 2011; Michael Palimaka (kensington) <kensington@astralcloak.net> + files/apparmor-confd, files/apparmor-init: + Avoid bashisms in initscript. Thanks to mgorny for the report, and Tommy[D] + for the review. + 13 Nov 2011; Michael Palimaka (kensington) <kensington@astralcloak.net> +apparmor-2.6.1.ebuild, +files/apparmor-2.6.1-makefile.patch, +files/apparmor-confd, +files/apparmor-init, +metadata.xml: diff --git a/sys-apps/apparmor/Manifest b/sys-apps/apparmor/Manifest index e6c91322f..3c594cbd8 100644 --- a/sys-apps/apparmor/Manifest +++ b/sys-apps/apparmor/Manifest @@ -1,7 +1,7 @@ AUX apparmor-2.6.1-makefile.patch 2556 RMD160 614eab68a68a847325ef43b1d92330d41ef7eb55 SHA1 95efd84a6b675f78d4a8bb982c331a57f8f186b5 SHA256 ff98a5a9e3593e959e578d07b89956476f79a1a0e139f4e12a2ae1e665b02881 -AUX apparmor-confd 336 RMD160 c1814e81038e4bf01a1f0570b77bc6a1cf10aacb SHA1 60089f51a68da6638a43ed823ac7460f606fe9e1 SHA256 d477eb288c1fbe00ea9714e9d16ba8cba658628aed3a1c4d6a1dc9cb32f005c5 -AUX apparmor-init 3776 RMD160 4a7f850d3e5c98f36aa8cab1191ba3633ef42353 SHA1 1fe748225a58d17bd5e7ebbf3e4ffb711ded4e1b SHA256 09f8daa692c7a07305ffea0e79b2815b655d69b618e2abb825a0857ab6009560 +AUX apparmor-confd 324 RMD160 4f06f3491dce4c245332a5ee7f351638b9384bba SHA1 224d0ab3b504ceff522d470311dc5e86b51d83c1 SHA256 f6a6fb9897a492d9f53aad447324f006e5242c3e78f534bc55087bd564c287f0 +AUX apparmor-init 3892 RMD160 714b9533ba76ed25010aea1323132e7a893ee5c7 SHA1 a3271eeecdc223e373f62f3b6f5a86dfaac70746 SHA256 efb8adfc3a192ab429773828276745246da84cd0351a271655faf975c24abaad DIST apparmor-2.6.1.tar.gz 1612637 RMD160 241f0ba363b7f7c2d7e25cba4f6d7f6eb2c6f3f9 SHA1 c8837b1e0c4bd90858579cb9758af203122889aa SHA256 9cb015d8c1023d7549621d1caeea0cd92a33c48dba0762d75385f9ff7a11e2f4 EBUILD apparmor-2.6.1.ebuild 1003 RMD160 dfcbd71afb56902dd956fa72d0f6d17d029b3670 SHA1 9b81fd3103a9b5cac044c883c233ed7651183de1 SHA256 cd2ec215bf6b6876074aea94bf2939d9212005add15061d5317e81b0ef19fb15 -MISC ChangeLog 392 RMD160 5e557eae96c0947f0ee9b0d17538d9e64508df6b SHA1 2f5b34a77e17aafd7d9e5318b6fefbaeecc07cb6 SHA256 8e3882f501cb96109bb43f90e44ef1f131394aa59401083c7000330c1c5861a2 +MISC ChangeLog 608 RMD160 0f81f098550e8af50437715e32478a860060f401 SHA1 f386264b8b8e44178eb945da0d46da51a2788178 SHA256 a0fd0562fdb4a07e0f33ef3e8447aa8b1755aa1144f8e2a7addecdb08b44852a MISC metadata.xml 209 RMD160 184537d7a401571abe0e5cbf9258ba3947d19382 SHA1 f2ea13baedca19e24be6ed7c3e6b765f7ff67cba SHA256 b0f0595f625235a62d9d40753827ae160e42156371fd9568bd2779042517f5e8 diff --git a/sys-apps/apparmor/files/apparmor-confd b/sys-apps/apparmor/files/apparmor-confd index 11058073c..1490ca728 100644 --- a/sys-apps/apparmor/files/apparmor-confd +++ b/sys-apps/apparmor/files/apparmor-confd @@ -4,11 +4,10 @@ PARSER=/sbin/apparmor_parser # Directory in which profiles are stored +# Note, subdirectories can be ignored by placing +# an empty ".ignore" file within PROFILE_DIR=/etc/apparmor.d/ -# Directories within PROFILE_DIR to be ignored -IGNORE_PROFILES=( "abstractions" "tunables" ) - # Where securityfs is/will be mounted SECURITYFS=/sys/kernel/security/apparmor diff --git a/sys-apps/apparmor/files/apparmor-init b/sys-apps/apparmor/files/apparmor-init index 6fac7b1ac..f0e4cc5b2 100755 --- a/sys-apps/apparmor/files/apparmor-init +++ b/sys-apps/apparmor/files/apparmor-init @@ -76,18 +76,17 @@ check_config() { } get_profile_files() { - if [[ "$PROFILE_DIR" != */ ]]; then - PROFILE_DIR="${PROFILE_DIR}/" - fi - ARGS="" - LENGTH=${#IGNORE_PROFILES[@]} + IGNORES="$( find ${PROFILE_DIR} -name .ignore )" + LENGTH=$( echo "$IGNORES" | wc -l ) - for ((I=1; I <= $LENGTH; I++)); do - ARGS="${ARGS} -path ${PROFILE_DIR}${IGNORE_PROFILES[$(($I-1))]} -prune" + I=1; + for IGNORE in $IGNORES; do + ARGS="${ARGS} -path $( dirname ${IGNORE} ) -prune" if [ $LENGTH -gt 1 -a $I -lt $LENGTH ]; then ARGS="${ARGS} -o" fi + I=$(($I+1)) done if [ -z "$ARGS" ]; then @@ -132,10 +131,11 @@ load_profiles() { fi PROFILES="$(get_profile_files)" + for PROFILE in $PROFILES; do $PARSER $PARSER_ARGS $PROFILE if [ $? -ne 0 ]; then - if [ "${PARSER_ARGS}" == "replace" ]; then + if [ "${PARSER_ARGS}" = "replace" ]; then ewarn "Error loading '${PROFILE}', continuing" else eerror "Error loading '${PROFILE}', aborting" @@ -151,7 +151,8 @@ load_profiles() { remove_profiles() { PROFILES=$(get_active_profiles) for PROFILE in $PROFILES; do - echo -n "$PROFILE" > "${SECURITYFS}/.remove" + #use printf instead of echo -n for POSIX compatibility + printf "$PROFILE" > "${SECURITYFS}/.remove" done return 0 } @@ -201,8 +202,11 @@ unload_obsolete_profiles() { echo $(${PARSER} -N "$PROFILE") >> new done - for PROFILE in $(comm -2 -3 old new); do - echo -n "$PROFILE" > "${SECURITYFS}/.remove" + sort new > new_sorted + + for PROFILE in $(comm -2 -3 old new_sorted); do + #use printf instead of echo -n for POSIX compatibility + printf "$PROFILE" > "${SECURITYFS}/.remove" done rm -rf "${TEMPDIR}" |