[Apparmor-dev] [RFC 5/5] initscript: subdomain -> apparmor
Steve Beattie
sbeattie at suse.de
Wed Apr 4 12:31:48 MDT 2007
This patch converts some of the internal references from subdomain to
apparmor (and s/sd/aa/ as well). Variables referenced in
/etc/apparmor/subdomain.conf (which also needs to be renamed) are not
renamed.
---
parser/rc.apparmor.debian | 28 ++++++------
parser/rc.apparmor.functions | 99 +++++++++++++++++++++----------------------
parser/rc.apparmor.redhat | 24 +++++-----
parser/rc.apparmor.slackware | 28 ++++++------
parser/rc.apparmor.suse | 25 +++++-----
5 files changed, 102 insertions(+), 102 deletions(-)
Index: b/parser/rc.apparmor.functions
===================================================================
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@@ -17,14 +17,15 @@
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
-# rc.subdomain.functions by Steve Beattie
+# rc.apparmor.functions by Steve Beattie
#
-# NOTE: rc.subdomain initscripts that source this file need to implement
+# NOTE: rc.apparmor initscripts that source this file need to implement
# the following set of functions:
-# sd_action
-# sd_log_success_msg
-# sd_log_warning_msg
-# sd_log_failure_msg
+# aa_action
+# aa_log_success_msg
+# aa_log_warning_msg
+# aa_log_failure_msg
+# aa_log_skipped_msg
# Some nice defines that we use
@@ -36,13 +37,13 @@ if [ -f "${CONFIG_DIR}/${MODULE}.conf" ]
elif [ -f "${CONFIG_DIR}/${OLD_MODULE}.conf" ] ; then
APPARMOR_CONF="${CONFIG_DIR}/${OLD_MODULE}.conf"
elif [ -f "/etc/immunix/subdomain.conf" ] ; then
- sd_log_warning_msg "/etc/immunix/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
+ aa_log_warning_msg "/etc/immunix/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
APPARMOR_CONF="/etc/immunix/subdomain.conf"
elif [ -f "/etc/subdomain.conf" ] ; then
- sd_log_warning_msg "/etc/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
+ aa_log_warning_msg "/etc/subdomain.conf is deprecated, use ${CONFIG_DIR}/subdomain.conf instead"
APPARMOR_CONF="/etc/subdomain.conf"
else
- sd_log_warning_msg "Unable to find config file in ${CONFIG_DIR}, installation problem?"
+ aa_log_warning_msg "Unable to find config file in ${CONFIG_DIR}, installation problem?"
fi
# Read configuration options from /etc/subdomain.conf, default is to
@@ -61,7 +62,7 @@ if [ -f /sbin/apparmor_parser ] ; then
elif [ -f /sbin/subdomain_parser -o -h /sbin/subdomain_parser ] ; then
PARSER=/sbin/subdomain_parser
else
- sd_log_failure_msg "Unable to find apparmor_parser, installation problem?"
+ aa_log_failure_msg "Unable to find apparmor_parser, installation problem?"
exit 1
fi
@@ -129,17 +130,17 @@ parse_profiles() {
echo -n "$PARSER_MSG"
# run the parser on all of the apparmor profiles
if [ ! -f "$PARSER" ]; then
- sd_log_failure_msg "- AppArmor parser not found"
+ aa_log_failure_msg "- AppArmor parser not found"
exit 1
fi
if [ ! -d "$PROFILE_DIR" ]; then
- sd_log_skipped_msg "- Profile directory not found\nNo AppArmor policy loaded."
+ aa_log_skipped_msg "- Profile directory not found\nNo AppArmor policy loaded."
return 1
fi
if [ -z "$(ls $PROFILE_DIR/)" ]; then
- sd_log_skipped_msg "- No profiles found\nNo AppArmor policy loaded."
+ aa_log_skipped_msg "- No profiles found\nNo AppArmor policy loaded."
return 1
fi
@@ -157,11 +158,11 @@ parse_profiles() {
fi
done
if [ $STATUS -eq 0 ]; then
- sd_log_success_msg
+ aa_log_success_msg
elif [ $STATUS -eq 2 ]; then
- sd_log_warning_msg
+ aa_log_warning_msg
else
- sd_log_failure_msg
+ aa_log_failure_msg
exit $STATUS
fi
}
@@ -170,12 +171,12 @@ profiles_names_list() {
# run the parser on all of the apparmor profiles
TMPFILE=$1
if [ ! -f "$PARSER" ]; then
- sd_log_failure_msg "- AppArmor parser not found"
+ aa_log_failure_msg "- AppArmor parser not found"
exit 1
fi
if [ ! -d "$PROFILE_DIR" ]; then
- sd_log_failure_msg "- Profile directory not found"
+ aa_log_failure_msg "- Profile directory not found"
exit 1
fi
@@ -192,11 +193,11 @@ profiles_names_list() {
failstop_system() {
level=$(runlevel | cut -d" " -f2)
if [ $level -ne "1" ] ; then
- sd_log_failure_msg "- could not start AppArmor. Changing to runlevel 1"
+ aa_log_failure_msg "- could not start AppArmor. Changing to runlevel 1"
telinit 1;
return -1;
fi
- sd_log_failure_msg "- could not start AppArmor."
+ aa_log_failure_msg "- could not start AppArmor."
return -1
}
@@ -209,7 +210,7 @@ module_panic() {
"panic"|"PANIC") failstop_system
rc=$?
return $rc ;;
- *) sd_log_failure_msg "- invalid AppArmor module fail option"
+ *) aa_log_failure_msg "- invalid AppArmor module fail option"
return -1 ;;
esac
}
@@ -248,7 +249,7 @@ is_securityfs_mounted() {
mount_securityfs() {
if grep -q securityfs /proc/filesystems ; then
- sd_action "Mounting securityfs on ${SECURITYFS}" \
+ aa_action "Mounting securityfs on ${SECURITYFS}" \
mount -t securityfs securityfs "${SECURITYFS}"
return $?
fi
@@ -261,7 +262,7 @@ mount_subdomainfs() {
if grep -q subdomainfs /proc/filesystems && ! grep -q subdomainfs /proc/mounts; then
if [ -n "${SUBDOMAINFS_MOUNTPOINT}" ]; then
SFS_MOUNTPOINT=${SUBDOMAINFS_MOUNTPOINT}
- sd_action "Mounting subdomainfs on ${SFS_MOUNTPOINT}" mount "${SFS_MOUNTPOINT}"
+ aa_action "Mounting subdomainfs on ${SFS_MOUNTPOINT}" mount "${SFS_MOUNTPOINT}"
return $?
fi
fi
@@ -271,7 +272,7 @@ mount_subdomainfs() {
unmount_subdomainfs() {
SUBDOMAINFS=$(grep subdomainfs /proc/mounts | cut -d" " -f2 2> /dev/null)
if [ -n "${SUBDOMAINFS}" ]; then
- sd_action "Unmounting subdomainfs" umount ${SUBDOMAINFS}
+ aa_action "Unmounting subdomainfs" umount ${SUBDOMAINFS}
fi
}
@@ -284,7 +285,7 @@ load_module() {
fi
if ! grep -qE "^(subdomain|apparmor)[[:space:]]" /proc/modules ; then
- sd_action "Loading AppArmor module" /sbin/modprobe -q $MODULE $1
+ aa_action "Loading AppArmor module" /sbin/modprobe -q $MODULE $1
rc=$?
if [ $rc -ne 0 ] ; then
module_panic
@@ -302,7 +303,7 @@ load_module() {
return $rc
}
-subdomain_start() {
+apparmor_start() {
if ! is_apparmor_loaded ; then
load_module
rc=$?
@@ -312,7 +313,7 @@ subdomain_start() {
fi
if [ ! -w "$SFS_MOUNTPOINT/.load" ] ; then
- sd_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?"
+ aa_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?"
return 1
fi
@@ -321,7 +322,7 @@ subdomain_start() {
if [ $(wc -l "$SFS_MOUNTPOINT/profiles" | awk '{print $1}') -eq 0 ] ; then
parse_profiles load
else
- sd_log_skipped_msg "Loading AppArmor profiles - AppArmor already loaded with profiles."
+ aa_log_skipped_msg "Loading AppArmor profiles - AppArmor already loaded with profiles."
fi
}
@@ -332,17 +333,17 @@ remove_profiles() {
# our position. Lets hope there are never enough profiles to
# overflow the variable
if ! is_apparmor_loaded ; then
- sd_log_failure_msg "- failed, is AppArmor loaded?"
+ aa_log_failure_msg "- failed, is AppArmor loaded?"
return 1
fi
if [ ! -w "$SFS_MOUNTPOINT/.remove" ] ; then
- sd_log_failure_msg "- failed, Do you have the correct privileges?"
+ aa_log_failure_msg "- failed, Do you have the correct privileges?"
return 1
fi
if [ ! -x "${PARSER}" ] ; then
- sd_log_failure_msg "- failed, unable to execute subdomain parser"
+ aa_log_failure_msg "- failed, unable to execute AppArmor parser"
return 1
fi
@@ -355,22 +356,22 @@ remove_profiles() {
fi
done
if [ ${retval} -eq 0 ] ; then
- sd_log_success_msg
+ aa_log_success_msg
else
- sd_log_failure_msg
+ aa_log_failure_msg
fi
return ${retval}
}
-subdomain_stop() {
+apparmor_stop() {
echo -n "Unloading AppArmor profiles "
remove_profiles
return $?
}
-subdomain_kill() {
+apparmor_kill() {
if ! is_apparmor_loaded ; then
- sd_log_failure_msg "Killing AppArmor module - failed, AppArmor is not loaded."
+ aa_log_failure_msg "Killing AppArmor module - failed, AppArmor is not loaded."
return 1
fi
@@ -380,16 +381,16 @@ subdomain_kill() {
elif grep -qE "^subdomain[[:space:]]" /proc/modules ; then
MODULE=subdomain
else
- sd_log_failure_msg "Killing AppArmor module - failed, AppArmor is builtin"
+ aa_log_failure_msg "Killing AppArmor module - failed, AppArmor is builtin"
return 1
fi
- sd_action "Unloading AppArmor modules" /sbin/modprobe -qr $MODULE
+ aa_action "Unloading AppArmor modules" /sbin/modprobe -qr $MODULE
return $?
}
-__subdomain_restart() {
+__apparmor_restart() {
if [ ! -w "$SFS_MOUNTPOINT/.load" ] ; then
- sd_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?"
+ aa_log_failure_msg "Loading AppArmor profiles - failed, Do you have the correct privileges?"
return 4
fi
@@ -407,39 +408,39 @@ __subdomain_restart() {
return 0
}
-subdomain_restart() {
+apparmor_restart() {
if ! is_apparmor_loaded ; then
- subdomain_start
+ apparmor_start
rc=$?
return $rc
fi
- __subdomain_restart
+ __apparmor_restart
return $?
}
-subdomain_try_restart() {
+apparmor_try_restart() {
if ! is_apparmor_loaded ; then
return 1
fi
- __subdomain_restart
+ __apparmor_restart
return $?
}
configure_owlsm () {
if [ "${SUBDOMAIN_ENABLE_OWLSM}" = "yes" -a -f ${SFS_MOUNTPOINT}/control/owlsm ] ; then
- # Sigh, the "sh -c" is necessary for the SuSE sd_action
+ # Sigh, the "sh -c" is necessary for the SuSE aa_action
# and it can't be abstracted out as a seperate function, as
# that breaks under RedHat's action, which needs a
# binary to invoke.
- sd_action "Enabling OWLSM extension" sh -c "echo -n \"1\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
+ aa_action "Enabling OWLSM extension" sh -c "echo -n \"1\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
elif [ -f "${SFS_MOUNTPOINT}/control/owlsm" ] ; then
- sd_action "Disabling OWLSM extension" sh -c "echo -n \"0\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
+ aa_action "Disabling OWLSM extension" sh -c "echo -n \"0\" > \"${SFS_MOUNTPOINT}/control/owlsm\""
fi
}
-subdomain_status () {
+apparmor_status () {
if test -x ${AA_STATUS} ; then
${AA_STATUS} --verbose
return $?
Index: b/parser/rc.apparmor.debian
===================================================================
--- a/parser/rc.apparmor.debian
+++ b/parser/rc.apparmor.debian
@@ -40,35 +40,35 @@
### END INIT INFO
APPARMOR_FUNCTIONS=/lib/apparmor/rc.apparmor.functions
-sd_action() {
+aa_action() {
STRING=$1
shift
$*
rc=$?
if [ $rc -eq 0 ] ; then
- sd_log_success_msg $"$STRING "
+ aa_log_success_msg $"$STRING "
else
- sd_log_failure_msg $"$STRING "
+ aa_log_failure_msg $"$STRING "
fi
return $rc
}
-sd_log_success_msg() {
+aa_log_success_msg() {
[ -n "$1" ] && echo -n $1
echo ": done."
}
-sd_log_warning_msg() {
+aa_log_warning_msg() {
[ -n "$1" ] && echo -n $1
echo ": Warning."
}
-sd_log_failure_msg() {
+aa_log_failure_msg() {
[ -n "$1" ] && echo -n $1
echo ": Failed."
}
-sd_log_skipped_msg() {
+aa_log_skipped_msg() {
[ -n "$1" ] && echo -n $1
echo ": Skipped."
}
@@ -81,7 +81,7 @@ usage() {
if [ -f "${APPARMOR_FUNCTIONS}" ]; then
. ${APPARMOR_FUNCTIONS}
else
- sd_log_failure_msg "Unable to find AppArmor initscript functions"
+ aa_log_failure_msg "Unable to find AppArmor initscript functions"
exit 1
fi
@@ -89,22 +89,22 @@ test -x ${PARSER} || exit 0 # by debian
case "$1" in
start)
- subdomain_start
+ apparmor_start
;;
stop)
- subdomain_stop
+ apparmor_stop
;;
restart|reload|force-reload)
- subdomain_restart
+ apparmor_restart
;;
try-restart)
- subdomain_try_restart
+ apparmor_try_restart
;;
kill)
- subdomain_kill
+ apparmor_kill
;;
status)
- subdomain_status
+ apparmor_status
;;
*)
usage
Index: b/parser/rc.apparmor.redhat
===================================================================
--- a/parser/rc.apparmor.redhat
+++ b/parser/rc.apparmor.redhat
@@ -55,31 +55,31 @@ usage() {
echo "Usage: $0 {start|stop|restart|try-restart|reload|force-reload|status|kill}"
}
-sd_log_success_msg() {
+aa_log_success_msg() {
echo -n "$*"
success
echo
}
-sd_log_warning_msg() {
+aa_log_warning_msg() {
echo -n "$*"
warning
echo
}
-sd_log_skipped_msg() {
+aa_log_skipped_msg() {
echo -n "$*"
warning
echo
}
-sd_log_failure_msg() {
+aa_log_failure_msg() {
echo -n "$*"
failure
echo
}
-sd_action() {
+aa_action() {
STRING=$1
shift
action "${STRING} " "$@"
@@ -90,28 +90,28 @@ sd_action() {
if [ -f "${APPARMOR_FUNCTIONS}" ]; then
. ${APPARMOR_FUNCTIONS}
else
- sd_log_failure_msg "Unable to find AppArmor initscript functions"
+ aa_log_failure_msg "Unable to find AppArmor initscript functions"
exit 1
fi
case "$1" in
start)
- subdomain_start
+ apparmor_start
;;
stop)
- subdomain_stop
+ apparmor_stop
;;
restart|reload|force-reload)
- subdomain_restart
+ apparmor_restart
;;
try-restart)
- subdomain_try_restart
+ apparmor_try_restart
;;
kill)
- subdomain_kill
+ apparmor_kill
;;
status)
- subdomain_status
+ apparmor_status
;;
*)
usage
Index: b/parser/rc.apparmor.slackware
===================================================================
--- a/parser/rc.apparmor.slackware
+++ b/parser/rc.apparmor.slackware
@@ -23,35 +23,35 @@
# /etc/rc.d/rc.apparmor
APPARMOR_FUNCTIONS=/lib/apparmor/rc.apparmor.functions
-sd_action() {
+aa_action() {
STRING=$1
shift
$*
rc=$?
if [ $rc -eq 0 ] ; then
- sd_log_success_msg $"$STRING "
+ aa_log_success_msg $"$STRING "
else
- sd_log_failure_msg $"$STRING "
+ aa_log_failure_msg $"$STRING "
fi
return $rc
}
-sd_log_warning_msg() {
+aa_log_warning_msg() {
[ -n "$1" ] && echo -n $1
echo ": Warning."
}
-sd_log_success_msg() {
+aa_log_success_msg() {
[ -n "$1" ] && echo -n $1
echo ": OK."
}
-sd_log_failure_msg() {
+aa_log_failure_msg() {
[ -n "$1" ] && echo -n $1
echo ": Failed."
}
-sd_log_skipped_msg() {
+aa_log_skipped_msg() {
[ -n "$1" ] && echo -n $1
echo ": Skipped."
}
@@ -64,28 +64,28 @@ usage() {
if [ -f "${APPARMOR_FUNCTIONS}" ] ; then
. ${APPARMOR_FUNCTIONS}
else
- sd_log_failure_msg "Unable to find AppArmor initscript functions"
+ aa_log_failure_msg "Unable to find AppArmor initscript functions"
exit 1
fi
case "$1" in
start)
- subdomain_start
+ apparmor_start
;;
stop)
- subdomain_stop
+ apparmor_stop
;;
restart|reload|force-reload)
- subdomain_restart
+ apparmor_restart
;;
try-restart)
- subdomain_try_restart
+ apparmor_try_restart
;;
kill)
- subdomain_kill
+ apparmor_kill
;;
status)
- subdomain_status
+ apparmor_status
;;
*)
usage
Index: b/parser/rc.apparmor.suse
===================================================================
--- a/parser/rc.apparmor.suse
+++ b/parser/rc.apparmor.suse
@@ -55,8 +55,7 @@ else
fi
# Ugh, SUSE doesn't implement action
-sd_action() {
- STRING=$1
+aa_action() { STRING=$1
shift
"$@"
rc=$?
@@ -68,19 +67,19 @@ sd_action() {
return $rc
}
-sd_log_success_msg() {
+aa_log_success_msg() {
log_success_msg $*
}
-sd_log_warning_msg() {
+aa_log_warning_msg() {
log_warning_msg $*
}
-sd_log_failure_msg() {
+aa_log_failure_msg() {
log_failure_msg $*
}
-sd_log_skipped_msg() {
+aa_log_skipped_msg() {
echo -en "$@"
echo -e "$rc_skipped"
}
@@ -93,28 +92,28 @@ usage() {
if [ -f "${APPARMOR_FUNCTIONS}" ]; then
. ${APPARMOR_FUNCTIONS}
else
- sd_log_failure_msg "Unable to find AppArmor initscript functions"
+ aa_log_failure_msg "Unable to find AppArmor initscript functions"
exit 1
fi
case "$1" in
start)
- subdomain_start
+ apparmor_start
;;
stop)
- subdomain_stop
+ apparmor_stop
;;
restart|reload|force-reload)
- subdomain_restart
+ apparmor_restart
;;
try-restart)
- subdomain_try_restart
+ apparmor_try_restart
;;
kill)
- subdomain_kill
+ apparmor_kill
;;
status)
- subdomain_status
+ apparmor_status
;;
*)
usage
--
Steve Beattie
SUSE Labs, Novell Inc.
<sbeattie at suse.de>
http://NxNW.org/~steve/
More information about the Apparmor-dev
mailing list