From: Guido Günther Date: Mon, 6 Jan 2014 17:27:31 +0000 (+0100) Subject: Allow to install apparmor profiles X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=37705c12be3368e0e488829f6eee3b66f0ccdd6f;p=libvirt.git Allow to install apparmor profiles Make it easy to install the shipped examples. The aim is to have reasonably working templates so that distros only need to minimally patch these and can feed things upstream more easily. This was prompted by http://bugs.debian.org/725144 --- diff --git a/configure.ac b/configure.ac index 2622dfd530..97752f4e54 100644 --- a/configure.ac +++ b/configure.ac @@ -1418,6 +1418,16 @@ elif test "with_secdriver_apparmor" != "no" ; then fi AM_CONDITIONAL([WITH_SECDRIVER_APPARMOR], [test "$with_secdriver_apparmor" != "no"]) +if test "$with_apparmor" != "no"; then +AC_ARG_WITH([apparmor-profiles], + [AS_HELP_STRING([--with-apparmor-profiles], + [install apparmor profiles @<:@default=no@:>@])], + [with_apparmor_profiles=yes], + [with_apparmor_profiles=no]) +else + with_apparmor_profiles="no" +fi +AM_CONDITIONAL([WITH_APPARMOR_PROFILES], [test "$with_apparmor_profiles" != "no"]) dnl DTrace static probes AC_ARG_WITH([dtrace], @@ -2607,7 +2617,7 @@ AC_MSG_NOTICE([]) AC_MSG_NOTICE([Security Drivers]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([ SELinux: $with_secdriver_selinux ($SELINUX_MOUNT)]) -AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor]) +AC_MSG_NOTICE([AppArmor: $with_secdriver_apparmor (install profiles: $with_apparmor_profiles)]) AC_MSG_NOTICE([]) AC_MSG_NOTICE([Driver Loadable Modules]) AC_MSG_NOTICE([]) diff --git a/examples/apparmor/Makefile.am b/examples/apparmor/Makefile.am index 79cf5c92ab..6e69440448 100644 --- a/examples/apparmor/Makefile.am +++ b/examples/apparmor/Makefile.am @@ -19,3 +19,21 @@ EXTRA_DIST= \ libvirt-qemu \ usr.lib.libvirt.virt-aa-helper \ usr.sbin.libvirtd + +if WITH_APPARMOR_PROFILES +apparmordir = $(sysconfdir)/apparmor.d/ +apparmor_DATA = \ + usr.lib.libvirt.virt-aa-helper \ + usr.sbin.libvirtd \ + $(NULL) + +abstractionsdir = $(apparmordir)/abstractions +abstractions_DATA = \ + libvirt-qemu \ + $(NULL) + +templatesdir = $(apparmordir)/libvirtd +templates_DATA = \ + TEMPLATE \ + $(NULL) +endif WITH_APPARMOR_PROFILES