diff --git a/configure.ac b/configure.ac index 2622dfd5306ac8c8c698fb42075a50ee21c073bb..97752f4e54a6dccaa12f4921f1d807de39cc104b 100644 --- a/configure.ac +++ b/configure.ac @@ -1418,6 +1418,16 @@ elif test "with_secdriver_apparmor" != "no" ; then fi AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"]) +if test "$with_apparmor" != "no"; then +AC_ARG_WITH([apparmor-profiles], + [AS_HELP_STRING([--with-apparmor-profiles], + [install apparmor profiles @<:@default=no@:>@])], + [with_apparmor_profiles=yes], + [with_apparmor_profiles=no]) +else + with_apparmor_profiles="no" +fi +AM_CONDITIONAL([WITH_APPARMOR_PROFILES], [test "$with_apparmor_profiles" != "no"]) dnl DTrace static probes AC_ARG_WITH([dtrace], @@ -2607,7 +2617,7 @@ AC_MSG_NOTICE([]) AC_MSG_NOTICE([Security Drivers]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([ SELinux: $with_secdriver_selinux ($SELINUX_MOUNT)]) -AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor]) +AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor (install profiles: $with_apparmor_profiles)]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([Driver Loadable Modules]) AC_MSG_NOTICE([]) diff --git a/examples/apparmor/Makefile.am b/examples/apparmor/Makefile.am index 79cf5c92ab17bac4711157176381a5225b7d55a8..6e6944044800eef755c7670db6188c67a5dcc2a3 100644 --- a/examples/apparmor/Makefile.am +++ b/examples/apparmor/Makefile.am @@ -19,3 +19,21 @@ EXTRA_DIST= \ libvirt-qemu \ usr.lib.libvirt.virt-aa-helper \ usr.sbin.libvirtd + +if WITH_APPARMOR_PROFILES +apparmordir = $(sysconfdir)/apparmor.d/ +apparmor_DATA = \ + usr.lib.libvirt.virt-aa-helper \ + usr.sbin.libvirtd \ + $(NULL) + +abstractionsdir = $(apparmordir)/abstractions +abstractions_DATA = \ + libvirt-qemu \ + $(NULL) + +templatesdir = $(apparmordir)/libvirtd +templates_DATA = \ + TEMPLATE \ + $(NULL) +endif WITH_APPARMOR_PROFILES