diff options
| -rw-r--r-- | pcr/apparmor-openrc/PKGBUILD | 2 | ||||
| -rw-r--r-- | pcr/apparmor-openrc/apparmor-init | 91 |
2 files changed, 92 insertions, 1 deletions
diff --git a/pcr/apparmor-openrc/PKGBUILD b/pcr/apparmor-openrc/PKGBUILD index c58914aff..ccf78fa01 100644 --- a/pcr/apparmor-openrc/PKGBUILD +++ b/pcr/apparmor-openrc/PKGBUILD @@ -11,7 +11,7 @@ depends=('apparmor' 'openrc') install='apparmor.install' _filename='apparmor-init' source=("https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/apparmor/files/$_filename") -sha256sums=('f1c9ef2737012475f7fe7b943533b5d9345df1814a16a5c8d1929d835482f802') +sha256sums=('6357f9645587de19c46d824215ca4c3be99c488e8da9bd0e403b69e33ba8ed07') pkgver() { date +%Y%m%d diff --git a/pcr/apparmor-openrc/apparmor-init b/pcr/apparmor-openrc/apparmor-init new file mode 100644 index 000000000..48877e4b6 --- /dev/null +++ b/pcr/apparmor-openrc/apparmor-init @@ -0,0 +1,91 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Load all configured profiles for the AppArmor security module." +description_reload="Reload all profiles" + +extra_started_commands="reload" + +aa_action() { + local arg=$1 + local return + + shift + $* + return=$? + + if [ ${return} -eq 0 ]; then + aa_log_success_msg $arg + else + aa_log_failure_msg arg + fi + + return $return +} + +aa_log_action_start() { + ebegin $1 +} + +aa_log_action_end() { + eend $1 +} + +aa_log_success_msg() { + einfo $1 +} + +aa_log_warning_msg() { + ewarn $1 +} + +aa_log_failure_msg() { + eerror $1 +} + +aa_log_skipped_msg() { + einfo $1 +} + +aa_log_daemon_msg() { + einfo $1 +} + +aa_log_end_msg() { + eend $1 +} + +. /usr/libexec/rc.apparmor.functions + +start() { + ebegin "Starting AppArmor" + eindent + + if ! is_apparmor_loaded ; then + load_module + if [ $? -ne 0 ]; then + eerror "AppArmor kernel support is not present" + eend 1 + return 1 + fi + fi + + parse_profiles load + + eoutdent +} + +stop() { + ebegin "Stopping AppArmor" + eindent + apparmor_stop + eoutdent +} + +reload() { + # todo: split out clean_profiles into its own function upstream + # so we can do parse_profiles reload && clean_profiles + # and do a proper reload instead of restart + apparmor_restart +} |