sys-apps/apparmor: Avoid bashisms in initscript. Thanks to mgorny for the report...

svn path=/sunrise/; revision=12528

diff --git a/sys-apps/apparmor/ChangeLog b/sys-apps/apparmor/ChangeLog
index 21a426b32e4d31bb61eba9d4d09751da9a14df23..366b545d65ac426e6d9d92a9d2b36ae8dd052f90 100644 (file)
--- a/sys-apps/apparmor/ChangeLog
+++ b/sys-apps/apparmor/ChangeLog
@@ -2,6 +2,11 @@
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
 # $Header: $
 
+  24 Nov 2011; Michael Palimaka (kensington) <kensington@astralcloak.net>
+  files/apparmor-confd, files/apparmor-init:
+  Avoid bashisms in initscript. Thanks to mgorny for the report, and Tommy[D]
+  for the review.
+
   13 Nov 2011; Michael Palimaka (kensington) <kensington@astralcloak.net>
   +apparmor-2.6.1.ebuild, +files/apparmor-2.6.1-makefile.patch,
   +files/apparmor-confd, +files/apparmor-init, +metadata.xml:

diff --git a/sys-apps/apparmor/Manifest b/sys-apps/apparmor/Manifest
index e6c91322f24ef71ec99798eae9efbfd0fba92a20..3c594cbd8634df49de675b7617c6b78850d52331 100644 (file)
--- a/sys-apps/apparmor/Manifest
+++ b/sys-apps/apparmor/Manifest
@@ -1,7 +1,7 @@
 AUX apparmor-2.6.1-makefile.patch 2556 RMD160 614eab68a68a847325ef43b1d92330d41ef7eb55 SHA1 95efd84a6b675f78d4a8bb982c331a57f8f186b5 SHA256 ff98a5a9e3593e959e578d07b89956476f79a1a0e139f4e12a2ae1e665b02881
-AUX apparmor-confd 336 RMD160 c1814e81038e4bf01a1f0570b77bc6a1cf10aacb SHA1 60089f51a68da6638a43ed823ac7460f606fe9e1 SHA256 d477eb288c1fbe00ea9714e9d16ba8cba658628aed3a1c4d6a1dc9cb32f005c5
-AUX apparmor-init 3776 RMD160 4a7f850d3e5c98f36aa8cab1191ba3633ef42353 SHA1 1fe748225a58d17bd5e7ebbf3e4ffb711ded4e1b SHA256 09f8daa692c7a07305ffea0e79b2815b655d69b618e2abb825a0857ab6009560
+AUX apparmor-confd 324 RMD160 4f06f3491dce4c245332a5ee7f351638b9384bba SHA1 224d0ab3b504ceff522d470311dc5e86b51d83c1 SHA256 f6a6fb9897a492d9f53aad447324f006e5242c3e78f534bc55087bd564c287f0
+AUX apparmor-init 3892 RMD160 714b9533ba76ed25010aea1323132e7a893ee5c7 SHA1 a3271eeecdc223e373f62f3b6f5a86dfaac70746 SHA256 efb8adfc3a192ab429773828276745246da84cd0351a271655faf975c24abaad
 DIST apparmor-2.6.1.tar.gz 1612637 RMD160 241f0ba363b7f7c2d7e25cba4f6d7f6eb2c6f3f9 SHA1 c8837b1e0c4bd90858579cb9758af203122889aa SHA256 9cb015d8c1023d7549621d1caeea0cd92a33c48dba0762d75385f9ff7a11e2f4
 EBUILD apparmor-2.6.1.ebuild 1003 RMD160 dfcbd71afb56902dd956fa72d0f6d17d029b3670 SHA1 9b81fd3103a9b5cac044c883c233ed7651183de1 SHA256 cd2ec215bf6b6876074aea94bf2939d9212005add15061d5317e81b0ef19fb15
-MISC ChangeLog 392 RMD160 5e557eae96c0947f0ee9b0d17538d9e64508df6b SHA1 2f5b34a77e17aafd7d9e5318b6fefbaeecc07cb6 SHA256 8e3882f501cb96109bb43f90e44ef1f131394aa59401083c7000330c1c5861a2
+MISC ChangeLog 608 RMD160 0f81f098550e8af50437715e32478a860060f401 SHA1 f386264b8b8e44178eb945da0d46da51a2788178 SHA256 a0fd0562fdb4a07e0f33ef3e8447aa8b1755aa1144f8e2a7addecdb08b44852a
 MISC metadata.xml 209 RMD160 184537d7a401571abe0e5cbf9258ba3947d19382 SHA1 f2ea13baedca19e24be6ed7c3e6b765f7ff67cba SHA256 b0f0595f625235a62d9d40753827ae160e42156371fd9568bd2779042517f5e8

diff --git a/sys-apps/apparmor/files/apparmor-confd b/sys-apps/apparmor/files/apparmor-confd
index 11058073c631fde39ce15706016b2134401a25d4..1490ca728297f022f866b26a0dad3a303fde0983 100644 (file)
--- a/sys-apps/apparmor/files/apparmor-confd
+++ b/sys-apps/apparmor/files/apparmor-confd
@@ -4,11 +4,10 @@
 PARSER=/sbin/apparmor_parser
 
 # Directory in which profiles are stored
+# Note, subdirectories can be ignored by placing
+# an empty ".ignore" file within
 PROFILE_DIR=/etc/apparmor.d/
 
-# Directories within PROFILE_DIR to be ignored
-IGNORE_PROFILES=( "abstractions" "tunables" )
-
 # Where securityfs is/will be mounted
 SECURITYFS=/sys/kernel/security/apparmor
 

diff --git a/sys-apps/apparmor/files/apparmor-init b/sys-apps/apparmor/files/apparmor-init
index 6fac7b1aca9fded6948e6b313b33fce07e433c0f..f0e4cc5b290c00cbf739d8e81c4fdcfba6e7e713 100755 (executable)
--- a/sys-apps/apparmor/files/apparmor-init
+++ b/sys-apps/apparmor/files/apparmor-init
@@ -76,18 +76,17 @@ check_config() {
 }
 
 get_profile_files() {
-       if [[ "$PROFILE_DIR" != */ ]]; then
-               PROFILE_DIR="${PROFILE_DIR}/"
-       fi
-
        ARGS=""
-       LENGTH=${#IGNORE_PROFILES[@]}
+       IGNORES="$( find ${PROFILE_DIR} -name .ignore )"
+       LENGTH=$( echo "$IGNORES" | wc -l )
 
-       for ((I=1; I <= $LENGTH; I++)); do
-               ARGS="${ARGS} -path ${PROFILE_DIR}${IGNORE_PROFILES[$(($I-1))]} -prune"
+       I=1;
+       for IGNORE in $IGNORES; do
+               ARGS="${ARGS} -path $( dirname ${IGNORE} ) -prune"
                if [ $LENGTH -gt 1 -a $I -lt $LENGTH ]; then
                        ARGS="${ARGS} -o"
                fi
+               I=$(($I+1))
        done
 
        if [ -z "$ARGS" ]; then
@@ -132,10 +131,11 @@ load_profiles() {
        fi
 
        PROFILES="$(get_profile_files)"
+
        for PROFILE in $PROFILES; do
                $PARSER $PARSER_ARGS $PROFILE
                if [ $? -ne 0 ]; then
-                       if [ "${PARSER_ARGS}" == "replace" ]; then
+                       if [ "${PARSER_ARGS}" = "replace" ]; then
                                ewarn "Error loading '${PROFILE}', continuing"
                        else
                                eerror "Error loading '${PROFILE}', aborting"
@@ -151,7 +151,8 @@ load_profiles() {
 remove_profiles() {
        PROFILES=$(get_active_profiles)
        for PROFILE in $PROFILES; do
-               echo -n "$PROFILE" > "${SECURITYFS}/.remove"
+               #use printf instead of echo -n for POSIX compatibility
+               printf "$PROFILE" > "${SECURITYFS}/.remove"
        done
        return 0
 }
@@ -201,8 +202,11 @@ unload_obsolete_profiles() {
                echo $(${PARSER} -N "$PROFILE") >> new
        done
 
-       for PROFILE in $(comm -2 -3 old new); do
-               echo -n "$PROFILE" > "${SECURITYFS}/.remove"
+       sort new > new_sorted
+
+       for PROFILE in $(comm -2 -3 old new_sorted); do
+               #use printf instead of echo -n for POSIX compatibility
+               printf "$PROFILE" > "${SECURITYFS}/.remove"
        done
 
        rm -rf "${TEMPDIR}"