[apparmor] [patch] complain flag is enough, no symlink needed
Steve Beattie
steve at nxnw.org
Mon Feb 24 23:52:16 UTC 2014
On Tue, Feb 25, 2014 at 12:20:33AM +0100, Christian Boltz wrote:
> Hello,
>
> let me compile 20 minutes of discussions into the addition of a # ;-)
>
>
> Change aa-complain / set_complain() to (only) add the complain flag.
> We don't need to additionally create a force-complain symlink.
Acked-by: Steve Beattie <steve at nxnw.org>
(I could *maybe* see adding a flag to have it create the symlink
instead, for use in packaging situations.)
> === modified file 'utils/apparmor/aa.py'
> --- utils/apparmor/aa.py 2014-02-24 19:56:28 +0000
> +++ utils/apparmor/aa.py 2014-02-24 23:11:32 +0000
> @@ -257,7 +257,8 @@
> def set_complain(filename, program):
> """Sets the profile to complain mode"""
> aaui.UI_Info(_('Setting %s to complain mode.') % program)
> - create_symlink('force-complain', filename)
> + # a force-complain symlink is more packaging-friendly, but breaks caching
> + # create_symlink('force-complain', filename)
> change_profile_flags(filename, program, 'complain', True)
>
> def set_enforce(filename, program):
>
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140224/e7afbe31/attachment-0001.pgp>
More information about the AppArmor
mailing list