Browse code
Fix apparmor profile installation
Fixes #26823
Fixes an issue where apparmor was not loaded into the kernel, because
apparmor_parser was being called incorrectly.
Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Christopher Jones authored on 2016/09/30 06:05:31Showing 2 changed files
| ... | ... |
@@ -26,7 +26,7 @@ func GetVersion() (int, error) {
|
| 26 | 26 |
// LoadProfile runs `apparmor_parser -r` on a specified apparmor profile to |
| 27 | 27 |
// replace the profile. |
| 28 | 28 |
func LoadProfile(profilePath string) error {
|
| 29 |
- _, err := cmd("-r", filepath.Dir(profilePath))
|
|
| 29 |
+ _, err := cmd("", "-r", filepath.Dir(profilePath))
|
|
| 30 | 30 |
if err != nil {
|
| 31 | 31 |
return err |
| 32 | 32 |
} |
| ... | ... |
@@ -66,8 +66,8 @@ func macroExists(m string) bool {
|
| 66 | 66 |
return err == nil |
| 67 | 67 |
} |
| 68 | 68 |
|
| 69 |
-// InstallDefault generates a default profile and installs it in the |
|
| 70 |
-// ProfileDirectory with `apparmor_parser`. |
|
| 69 |
+// InstallDefault generates a default profile in a temp directory determined by |
|
| 70 |
+// os.TempDir(), then loads the profile into the kernel using 'apparmor_parser'. |
|
| 71 | 71 |
func InstallDefault(name string) error {
|
| 72 | 72 |
p := profileData{
|
| 73 | 73 |
Name: name, |