[25711] in Source-Commits
Re: /svn/athena r25184 -
daemon@ATHENA.MIT.EDU (Geoffrey Thomas)
Wed Jun 29 12:59:40 2011
Date: Wed, 29 Jun 2011 12:59:34 -0400 (EDT)
From: Geoffrey Thomas <geofft@MIT.EDU>
To: Jonathan Reed <jdreed@mit.edu>
cc: source-commits@mit.edu
In-Reply-To: <2419A77B-F9A8-40B4-8C3C-783EB771080C@mit.edu>
Message-ID: <alpine.DEB.2.00.1106291258040.13891@tyger.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Possibly? Is there a screw case where apparmor itself isn't yet installed,
or something?
Honestly, what you _really_ want to test for is whether the apparmor files
we just installed (and generated with DEB_TRANSFORM_FILES) reference
/etc/apparmor.d/local. That seems like an easy enough "grep
/etc/apparmor.d/local /etc/apparmor.d/profiles/*.debathena" or somesuch.
--
Geoffrey Thomas
geofft@mit.edu
On Wed, 29 Jun 2011, Jonathan Reed wrote:
> Can I forget about dh_apparmor and just test for /etc/apparmor.d/local?
>
>
> On Jun 29, 2011, at 12:52 PM, Geoffrey Thomas wrote:
>
>> No, not quite. dh_apparmor is a development tool, so you need to test this (if at all) in the build chroot, where debhelper is installed, not at install time. The minimal installs that are the problem here are almost certainly not going to have debhelper installed.
>>
>> --
>> Geoffrey Thomas
>> geofft@mit.edu
>>
>> On Wed, 29 Jun 2011, Jonathan D Reed wrote:
>>
>>> Author: jdreed
>>> Date: 2011-06-29 08:45:56 -0400 (Wed, 29 Jun 2011)
>>> New Revision: 25184
>>>
>>> Modified:
>>> trunk/debathena/config/apparmor-config/debian/debathena-apparmor-config.postinst
>>> Log:
>>> * Ensure local directory exists
>>> * Only do this on releases with dh_apparmor
>>>
>>>
>>> Modified: trunk/debathena/config/apparmor-config/debian/debathena-apparmor-config.postinst
>>> ===================================================================
>>> --- trunk/debathena/config/apparmor-config/debian/debathena-apparmor-config.postinst 2011-06-29 06:58:59 UTC (rev 25183)
>>> +++ trunk/debathena/config/apparmor-config/debian/debathena-apparmor-config.postinst 2011-06-29 12:45:56 UTC (rev 25184)
>>> @@ -85,9 +85,12 @@
>>> fi
>>>
>>> # Ensure local files exist
>>> - for f in usr.sbin.cupsd usr.sbin.ntpd; do
>>> - [ -f "/etc/apparmor.d/local/$f" ] || touch "/etc/apparmor.d/local/$f"
>>> - done
>>> + if [ -x /usr/bin/dh_apparmor ]; then
>>> + mkdir -p /etc/apparmor.d/local
>>> + for f in usr.sbin.cupsd usr.sbin.ntpd; do
>>> + [ -f "/etc/apparmor.d/local/$f" ] || touch "/etc/apparmor.d/local/$f"
>>> + done
>>> + fi
>>>
>>> if hash apparmor_status 2>/dev/null && apparmor_status --enabled; then
>>> if hash invoke-rc.d 2>/dev/null; then
>>>
>>>
>
>