build: generalise the use of apparmor version during the build.

cmd/prebuild/main.go

@@ -18,6 +18,9 @@ func init() {
 	// Define the default ABI
 	prebuild.ABI = 4
 
+	// Define the default version
+	prebuild.Version = 4.0
+
 	// Define the tasks applied by default
 	prepare.Register(
 		"synchronise",     // Initialize a new clean apparmor.d build directory
@@ -40,15 +43,31 @@ func init() {
 	case "arch":
 
 	case "ubuntu":
-		if !slices.Contains([]string{"noble"}, prebuild.Release["VERSION_CODENAME"]) {
+		switch prebuild.Release["VERSION_CODENAME"] {
+		case "jammy":
 			prebuild.ABI = 3
+			prebuild.Version = 3.0
+		case "noble", "oracular":
+			prebuild.ABI = 4
+			prebuild.Version = 4.0
+		case "plucky":
+			prebuild.ABI = 4
+			prebuild.Version = 4.1
 		}
 
 	case "debian":
+		switch prebuild.Release["VERSION_CODENAME"] {
+		case "bookworm":
 			prebuild.ABI = 3
+			prebuild.Version = 3.0
+		case "trixie", "sid":
+			prebuild.ABI = 4
+			prebuild.Version = 4.1
+		}
 
 	case "whonix":
 		prebuild.ABI = 3
+		prebuild.Version = 3.0
 
 		// Hide rewrittem Whonix profiles
 		prebuild.Hide += `/etc/apparmor.d/abstractions/base.d/kicksecure

pkg/prebuild/cli/cli.go

@@ -19,7 +19,7 @@ import (
 
 const (
 	nilABI uint    = 0
-	nilVer      = "4.0"
+	nilVer float64 = 0.0
 	usage          = `aa-prebuild [-h] [--complain | --enforce] [--full] [--abi 3|4] [--version V] [--file FILE]
 
     Prebuild apparmor.d profiles for a given distribution and apply
@@ -42,7 +42,7 @@ var (
 	enforce  bool
 	full     bool
 	abi      uint
-	version  string
+	version  float64
 	file     string
 )
 
@@ -57,8 +57,8 @@ func init() {
 	flag.BoolVar(&enforce, "enforce", false, "Set enforce flag on all profiles.")
 	flag.UintVar(&abi, "a", nilABI, "Target apparmor ABI.")
 	flag.UintVar(&abi, "abi", nilABI, "Target apparmor ABI.")
-	flag.StringVar(&version, "v", nilVer, "Target apparmor version.")
+	flag.Float64Var(&version, "v", nilVer, "Target apparmor version.")
-	flag.StringVar(&version, "version", nilVer, "Target apparmor version.")
+	flag.Float64Var(&version, "version", nilVer, "Target apparmor version.")
 	flag.StringVar(&file, "F", "", "Only prebuild a given file.")
 	flag.StringVar(&file, "file", "", "Only prebuild a given file.")
 }
@@ -115,6 +115,9 @@ func Configure() {
 
 func Prebuild() {
 	logging.Step("Building apparmor.d profiles for %s on ABI%d.", prebuild.Distribution, prebuild.ABI)
+	if prebuild.Version != nilVer {
+		logging.Success("AppArmor version targeted: %.1f", prebuild.Version)
+	}
 	if err := Prepare(); err != nil {
 		logging.Fatal("%s", err.Error())
 	}

pkg/prebuild/directive/filter.go

@@ -43,7 +43,7 @@ func filterRuleForUs(opt *Option) bool {
 	if slices.Contains(opt.ArgList, abiStr) {
 		return true
 	}
-	versionStr := fmt.Sprintf("apparmor%s", prebuild.Version)
+	versionStr := fmt.Sprintf("apparmor%.1f", prebuild.Version)
 	if slices.Contains(opt.ArgList, versionStr) {
 		return true
 	}

pkg/prebuild/directories.go

@@ -11,7 +11,7 @@ var (
 	ABI uint = 0
 
 	// AppArmor version
-	Version string = "4.0"
+	Version float64 = 4.0
 
 	// Pkgname is the name of the package
 	Pkgname string = "apparmor.d"

pkg/prebuild/prepare/configure.go

@@ -35,7 +35,7 @@ func (p Configure) Apply() ([]string, error) {
 			return res, err
 		}
 
-		if prebuild.ABI == 3 {
+		if prebuild.Version < 3.0 {
 			if err := paths.CopyTo(prebuild.DistDir.Join("ubuntu"), prebuild.RootApparmord); err != nil {
 				return res, err
 			}
@@ -46,17 +46,19 @@ func (p Configure) Apply() ([]string, error) {
 			return res, err
 		}
 
+		if prebuild.Version < 4.1 {
 			// Copy Debian specific abstractions
 			if err := paths.CopyTo(prebuild.DistDir.Join("ubuntu"), prebuild.RootApparmord); err != nil {
 				return res, err
 			}
+		}
 
 	default:
 		return []string{}, fmt.Errorf("%s is not a supported distribution", prebuild.Distribution)
 
 	}
 
-	if prebuild.Version == "4.1" {
+	if prebuild.Version == 4.1 {
 		// Remove files upstreamed in 4.1
 		remove := []string{
 			"abstractions/devices-usb-read",