From 37705c12be3368e0e488829f6eee3b66f0ccdd6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Guido=20G=C3=BCnther?= Date: Mon, 6 Jan 2014 18:27:31 +0100 Subject: [PATCH] Allow to install apparmor profiles Make it easy to install the shipped examples. The aim is to have reasonably working templates so that distros only need to minimally patch these and can feed things upstream more easily. This was prompted by http://bugs.debian.org/725144 --- configure.ac | 12 +++++++++++- examples/apparmor/Makefile.am | 18 ++++++++++++++++++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 2622dfd530..97752f4e54 100644 --- a/configure.ac +++ b/configure.ac @@ -1418,6 +1418,16 @@ elif test "with_secdriver_apparmor" != "no" ; then fi AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"]) +if test "$with_apparmor" != "no"; then +AC_ARG_WITH([apparmor-profiles], + [AS_HELP_STRING([--with-apparmor-profiles], + [install apparmor profiles @<:@default=no@:>@])], + [with_apparmor_profiles=yes], + [with_apparmor_profiles=no]) +else + with_apparmor_profiles="no" +fi +AM_CONDITIONAL([WITH_APPARMOR_PROFILES], [test "$with_apparmor_profiles" != "no"]) dnl DTrace static probes AC_ARG_WITH([dtrace], @@ -2607,7 +2617,7 @@ AC_MSG_NOTICE([]) AC_MSG_NOTICE([Security Drivers]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([ SELinux: $with_secdriver_selinux ($SELINUX_MOUNT)]) -AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor]) +AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor (install profiles: $with_apparmor_profiles)]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([Driver Loadable Modules]) AC_MSG_NOTICE([]) diff --git a/examples/apparmor/Makefile.am b/examples/apparmor/Makefile.am index 79cf5c92ab..6e69440448 100644 --- a/examples/apparmor/Makefile.am +++ b/examples/apparmor/Makefile.am @@ -19,3 +19,21 @@ EXTRA_DIST= \ libvirt-qemu \ usr.lib.libvirt.virt-aa-helper \ usr.sbin.libvirtd + +if WITH_APPARMOR_PROFILES +apparmordir = $(sysconfdir)/apparmor.d/ +apparmor_DATA = \ + usr.lib.libvirt.virt-aa-helper \ + usr.sbin.libvirtd \ + $(NULL) + +abstractionsdir = $(apparmordir)/abstractions +abstractions_DATA = \ + libvirt-qemu \ + $(NULL) + +templatesdir = $(apparmordir)/libvirtd +templates_DATA = \ + TEMPLATE \ + $(NULL) +endif WITH_APPARMOR_PROFILES -- GitLab