| Apache/2.4.7 (Ubuntu) Linux sman1baleendah 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 uid=33(www-data) gid=33(www-data) groups=33(www-data) safemode : OFF MySQL: ON | Perl: ON | cURL: OFF | WGet: ON > / lib / apparmor / | server ip : 104.21.89.46 your ip : 172.69.130.147 H O M E |
| Filename | /lib/apparmor/functions |
| Size | 3.49 kb |
| Permission | rw-r--r-- |
| Owner | root : root |
| Create time | 27-Apr-2025 09:55 |
| Last modified | 28-Mar-2014 00:03 |
| Last accessed | 05-Jul-2025 11:25 |
| Actions | edit | rename | delete | download (gzip) |
| View | text | code | image |
# /lib/apparmor/functions for Debian -*- shell-script -*-
# ----------------------------------------------------------------------
# Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
# NOVELL (All rights reserved)
# Copyright (c) 2008-2010 Canonical, Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# Authors:
# Kees Cook <[email protected]>
PROFILES="/etc/apparmor.d"
PROFILES_CACHE="$PROFILES/cache"
PROFILES_VAR="/var/lib/apparmor/profiles"
PROFILES_CACHE_VAR="/var/cache/apparmor"
PARSER="/sbin/apparmor_parser"
SECURITYFS="/sys/kernel/security"
export AA_SFS="$SECURITYFS/apparmor"
# Suppress warnings when booting in quiet mode
quiet_arg=""
[ "${QUIET:-no}" = yes ] && quiet_arg="-q"
[ "${quiet:-n}" = y ] && quiet_arg="-q"
foreach_configured_profile() {
for pdir in "$PROFILES" "$PROFILES_VAR" ; do
if [ ! -d "$pdir" ]; then
continue
fi
num=`find "$pdir" -type f ! -name '*.md5sums' | wc -l`
if [ "$num" = "0" ]; then
continue
fi
cache_args="--cache-loc=$PROFILES_CACHE"
if [ "$pdir" = "$PROFILES_VAR" ] && [ -d "$PROFILES_CACHE_VAR" ]; then
cache_args="--cache-loc=$PROFILES_CACHE_VAR"
fi
(ls -1 "$pdir" | egrep -v '(\.dpkg-(new|old|dist|bak)|~)$' | \
while read profile; do
if [ -f "$pdir"/"$profile" ]; then
echo "$pdir"/"$profile"
fi
done) | \
xargs -n1 -d"\n" -P$(getconf _NPROCESSORS_ONLN) "$PARSER" "$@" "$cache_args" --
done
}
load_configured_profiles() {
clear_cache_if_outdated
foreach_configured_profile $quiet_arg --write-cache --replace
}
load_configured_profiles_without_caching() {
foreach_configured_profile $quiet_arg --replace
}
recache_profiles() {
clear_cache
foreach_configured_profile $quiet_arg --write-cache --skip-kernel-load
}
configured_profile_names() {
foreach_configured_profile $quiet_arg -N 2>/dev/null | LC_COLLATE=C sort | grep -v '//'
}
running_profile_names() {
# Output a sorted list of loaded profiles, skipping libvirt's
# dynamically generated files
cat "$AA_SFS"/profiles | sed -e "s/ (\(enforce\|complain\))$//" | egrep -v '^libvirt-[0-9a-f\-]+$' | LC_COLLATE=C sort | grep -v '//'
}
unload_profile() {
echo -n "$1" > "$AA_SFS"/.remove
}
clear_cache() {
find "$PROFILES_CACHE" -maxdepth 1 -type f -print0 | xargs -0 rm -f --
find "$PROFILES_CACHE_VAR" -maxdepth 1 -type f -print0 | xargs -0 rm -f --
}
read_features_dir()
{
for f in `ls -AU "$1"` ; do
if [ -f "$1/$f" ] ; then
read -r KF < "$1/$f" || true
echo -n "$f {$KF } "
elif [ -d "$1/$f" ] ; then
echo -n "$f {"
KF=`read_features_dir "$1/$f"` || true
echo -n "$KF} "
fi
done
}
clear_cache_if_outdated() {
if [ -r "$PROFILES_CACHE"/.features ]; then
if [ -d "$AA_SFS"/features ]; then
KERN_FEATURES=`read_features_dir "$AA_SFS"/features`
else
read -r KERN_FEATURES < "$AA_SFS"/features
fi
CACHE_FEATURES=`tr '\n' ' ' < "$PROFILES_CACHE"/.features`
if [ "$KERN_FEATURES" != "$CACHE_FEATURES" ]; then
clear_cache
fi
fi
}
# ----------------------------------------------------------------------
# Copyright (c) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007
# NOVELL (All rights reserved)
# Copyright (c) 2008-2010 Canonical, Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# Authors:
# Kees Cook <[email protected]>
PROFILES="/etc/apparmor.d"
PROFILES_CACHE="$PROFILES/cache"
PROFILES_VAR="/var/lib/apparmor/profiles"
PROFILES_CACHE_VAR="/var/cache/apparmor"
PARSER="/sbin/apparmor_parser"
SECURITYFS="/sys/kernel/security"
export AA_SFS="$SECURITYFS/apparmor"
# Suppress warnings when booting in quiet mode
quiet_arg=""
[ "${QUIET:-no}" = yes ] && quiet_arg="-q"
[ "${quiet:-n}" = y ] && quiet_arg="-q"
foreach_configured_profile() {
for pdir in "$PROFILES" "$PROFILES_VAR" ; do
if [ ! -d "$pdir" ]; then
continue
fi
num=`find "$pdir" -type f ! -name '*.md5sums' | wc -l`
if [ "$num" = "0" ]; then
continue
fi
cache_args="--cache-loc=$PROFILES_CACHE"
if [ "$pdir" = "$PROFILES_VAR" ] && [ -d "$PROFILES_CACHE_VAR" ]; then
cache_args="--cache-loc=$PROFILES_CACHE_VAR"
fi
(ls -1 "$pdir" | egrep -v '(\.dpkg-(new|old|dist|bak)|~)$' | \
while read profile; do
if [ -f "$pdir"/"$profile" ]; then
echo "$pdir"/"$profile"
fi
done) | \
xargs -n1 -d"\n" -P$(getconf _NPROCESSORS_ONLN) "$PARSER" "$@" "$cache_args" --
done
}
load_configured_profiles() {
clear_cache_if_outdated
foreach_configured_profile $quiet_arg --write-cache --replace
}
load_configured_profiles_without_caching() {
foreach_configured_profile $quiet_arg --replace
}
recache_profiles() {
clear_cache
foreach_configured_profile $quiet_arg --write-cache --skip-kernel-load
}
configured_profile_names() {
foreach_configured_profile $quiet_arg -N 2>/dev/null | LC_COLLATE=C sort | grep -v '//'
}
running_profile_names() {
# Output a sorted list of loaded profiles, skipping libvirt's
# dynamically generated files
cat "$AA_SFS"/profiles | sed -e "s/ (\(enforce\|complain\))$//" | egrep -v '^libvirt-[0-9a-f\-]+$' | LC_COLLATE=C sort | grep -v '//'
}
unload_profile() {
echo -n "$1" > "$AA_SFS"/.remove
}
clear_cache() {
find "$PROFILES_CACHE" -maxdepth 1 -type f -print0 | xargs -0 rm -f --
find "$PROFILES_CACHE_VAR" -maxdepth 1 -type f -print0 | xargs -0 rm -f --
}
read_features_dir()
{
for f in `ls -AU "$1"` ; do
if [ -f "$1/$f" ] ; then
read -r KF < "$1/$f" || true
echo -n "$f {$KF } "
elif [ -d "$1/$f" ] ; then
echo -n "$f {"
KF=`read_features_dir "$1/$f"` || true
echo -n "$KF} "
fi
done
}
clear_cache_if_outdated() {
if [ -r "$PROFILES_CACHE"/.features ]; then
if [ -d "$AA_SFS"/features ]; then
KERN_FEATURES=`read_features_dir "$AA_SFS"/features`
else
read -r KERN_FEATURES < "$AA_SFS"/features
fi
CACHE_FEATURES=`tr '\n' ' ' < "$PROFILES_CACHE"/.features`
if [ "$KERN_FEATURES" != "$CACHE_FEATURES" ]; then
clear_cache
fi
fi
}