[apparmor] [PATCH] aa_find_mountpoint man page format fix

Steve Beattie steve at nxnw.org
Thu Feb 16 00:17:56 UTC 2012 

On Wed, Feb 15, 2012 at 02:17:16PM -0800, Kees Cook wrote:
> This is a trivial manpage fix that makes pod2man stop yelling at me.

Acked-By: Steve Beattie <sbeattie at ubuntu.com> for both trunk and 2.7.

I was wondering what yelling you were referring to, as a local build
without your patch didn't yell at me. It turns out we don't pass
--stderr to pod2man; once that's added, the yelling starts. :-)

Attached is a patch (against trunk with your patch applied) that adds
it, as well as fixes a few other minor text issues I noticed while peeking
at your patch (in one case I re-flowed a paragraph, forgetting that it
would make review difficult, the change in question is just
s/errno/errno(3)/). I also have a question: is it really the case that
aa_is_enabled() will return either EPERM or EACCES if there aren't
sufficient permissions to determine if apparmor is enabled? Is that
due to kernel behavior drift across versions?

---
 libraries/libapparmor/doc/Makefile.am            |    1 +
 libraries/libapparmor/doc/aa_change_profile.pod  |    1 +
 libraries/libapparmor/doc/aa_find_mountpoint.pod |    9 +++++----
 libraries/libapparmor/doc/aa_getcon.pod          |    2 +-
 4 files changed, 8 insertions(+), 5 deletions(-)

Index: b/libraries/libapparmor/doc/Makefile.am
===================================================================
--- a/libraries/libapparmor/doc/Makefile.am
+++ b/libraries/libapparmor/doc/Makefile.am
@@ -16,4 +16,5 @@ BUILT_SOURCES = $(man_MANS)
 		--section=2 \
 		--release="AppArmor $(VERSION)" \
 		--center="AppArmor" \
+		--stderr \
 		$< > $@
Index: b/libraries/libapparmor/doc/aa_change_profile.pod
===================================================================
--- a/libraries/libapparmor/doc/aa_change_profile.pod
+++ b/libraries/libapparmor/doc/aa_change_profile.pod
@@ -170,6 +170,7 @@ The output when run:
 
 If /tmp/change_p is to be confined as well, then the following profile can be
 used (in addition to the one for 'i_cant_be_trusted_anymore', above):
+
  # Confine change_p to be able to read /etc/passwd and aa_change_profile()
  # to the 'i_cant_be_trusted_anymore' profile.
  /tmp/change_p {
Index: b/libraries/libapparmor/doc/aa_find_mountpoint.pod
===================================================================
--- a/libraries/libapparmor/doc/aa_find_mountpoint.pod
+++ b/libraries/libapparmor/doc/aa_find_mountpoint.pod
@@ -38,8 +38,9 @@ Link with B<-lapparmor> when compiling.
 
 =head1 DESCRIPTION
 
-The aa_is_enabled function returns true (1) if apparmor is enabled.  If it
-isn't it sets the errno to reflect the reason it is not enabled and returns 0.
+The aa_is_enabled function returns true (1) if apparmor is enabled.
+If it isn't it sets the errno(3) to reflect the reason it is not
+enabled and returns 0.
 
 The aa_find_mountpoint function finds where the apparmor filesystem is mounted
 on the system, and returns a string containing the mount path.  It is the
@@ -84,7 +85,7 @@ Did not have sufficient permissions to d
 
 =item B<EACCES>
 
-+Did not have sufficient permissions to determine if AppArmor is enabled.
+Did not have sufficient permissions to determine if AppArmor is enabled.
 
 =back
 
@@ -98,7 +99,7 @@ Insufficient memory was available.
 
 =item B<EACCES>
 
-Access to the the required paths was denied.
+Access to the required paths was denied.
 
 =item B<ENOENT>
 
Index: b/libraries/libapparmor/doc/aa_getcon.pod
===================================================================
--- a/libraries/libapparmor/doc/aa_getcon.pod
+++ b/libraries/libapparmor/doc/aa_getcon.pod
@@ -50,7 +50,7 @@ Link with B<-lapparmor> when compiling.
 The aa_getcon function gets the current AppArmor confinement context for the
 current task.  The confinement context is usually just the name of the AppArmor
 profile restricting the task, but it may include the profile namespace or in
-some cases a set of profile names (known as a stack of profiles).  The returned string *con should be freed using <free()>.
+some cases a set of profile names (known as a stack of profiles).  The returned string *con should be freed using free().
 
 The aa_gettaskcon function is like the aa_getcon function except it will work
 for any arbitrary task in the system.

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120215/15f1d3d5/attachment.pgp>

More information about the AppArmor mailing list