[PATCH 08/10] apparmor: provide local override templates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Local overrides is a feature Debian/Ubuntu libvirt provided for a while.
This allows the user to have a non-conffile that he can use to extend the
package delivered rules with extra content matching his special case.

This change provides override templates which the user can extend
and modifies the makefile template to include those when installing
the apparmor profiles.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>
Signed-off-by: Stefan Bader <stefan.bader@xxxxxxxxxxxxx>
---
 examples/Makefile.am                                   | 14 ++++++++++++++
 examples/apparmor/local-usr.lib.libvirt.virt-aa-helper |  2 ++
 examples/apparmor/local-usr.sbin.libvirtd              |  2 ++
 3 files changed, 18 insertions(+)
 create mode 100644 examples/apparmor/local-usr.lib.libvirt.virt-aa-helper
 create mode 100644 examples/apparmor/local-usr.sbin.libvirtd

diff --git a/examples/Makefile.am b/examples/Makefile.am
index 2956e14..16c7bf6 100644
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -25,6 +25,8 @@ EXTRA_DIST = \
 	apparmor/libvirt-lxc \
 	apparmor/usr.lib.libvirt.virt-aa-helper \
 	apparmor/usr.sbin.libvirtd \
+	apparmor/local-usr.sbin.libvirtd \
+	apparmor/local-usr.lib.libvirt.virt-aa-helper \
 	lxcconvert/virt-lxc-convert \
 	polkit/libvirt-acl.rules \
 	$(wildcard $(srcdir)/systemtap/*.stp) \
@@ -74,6 +76,18 @@ apparmor_DATA = \
 	apparmor/usr.sbin.libvirtd \
 	$(NULL)
 
+localdir = $(apparmordir)/local
+local_DATA = \
+	apparmor/local-usr.sbin.libvirtd \
+	apparmor/local-usr.lib.libvirt.virt-aa-helper \
+	$(NULL)
+
+install-data-hook:
+	mv $(DESTDIR)$(localdir)/local-usr.sbin.libvirtd \
+	   $(DESTDIR)$(localdir)/usr.sbin.libvirtd
+	mv $(DESTDIR)$(localdir)/local-usr.lib.libvirt.virt-aa-helper \
+	   $(DESTDIR)$(localdir)/usr.lib.libvirt.virt-aa-helper
+
 abstractionsdir = $(apparmordir)/abstractions
 abstractions_DATA = \
 	apparmor/libvirt-qemu \
diff --git a/examples/apparmor/local-usr.lib.libvirt.virt-aa-helper b/examples/apparmor/local-usr.lib.libvirt.virt-aa-helper
new file mode 100644
index 0000000..82c9c39
--- /dev/null
+++ b/examples/apparmor/local-usr.lib.libvirt.virt-aa-helper
@@ -0,0 +1,2 @@
+# Site-specific additions and overrides for usr.lib.libvirt.virt-aa-helper.
+# For more details, please see /etc/apparmor.d/local/README.
diff --git a/examples/apparmor/local-usr.sbin.libvirtd b/examples/apparmor/local-usr.sbin.libvirtd
new file mode 100644
index 0000000..6e19f20
--- /dev/null
+++ b/examples/apparmor/local-usr.sbin.libvirtd
@@ -0,0 +1,2 @@
+# Site-specific additions and overrides for usr.sbin.libvirtd.
+# For more details, please see /etc/apparmor.d/local/README.
-- 
2.7.4

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux