felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

build: add RBAC filter to the only/exclude directive.

Browse source
This commit is contained in:
Alexandre Pujol 2025-05-26 01:00:08 +02:00
parent 780ca65953
commit c07c5838e4
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
3 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
pkg/prebuild/cli/cli.go
View file

@ -80,6 +80,7 @@ func Configure() {
if full && paths.New("apparmor.d/groups/_full").Exist() { if full && paths.New("apparmor.d/groups/_full").Exist() {
prepare.Register("fsp") prepare.Register("fsp")
builder.Register("fsp") builder.Register("fsp")
prebuild.RBAC = true
} else if prebuild.SystemdDir.Exist() { } else if prebuild.SystemdDir.Exist() {
prepare.Register("systemd-early") prepare.Register("systemd-early")
} }

4
pkg/prebuild/directive/filter.go
View file

@ -39,6 +39,10 @@ func init() {
} }
func filterRuleForUs(opt *Option) bool { func filterRuleForUs(opt *Option) bool {
if prebuild.RBAC && slices.Contains(opt.ArgList, "RBAC") {
return true
}
abiStr := fmt.Sprintf("abi%d", prebuild.ABI) abiStr := fmt.Sprintf("abi%d", prebuild.ABI)
if slices.Contains(opt.ArgList, abiStr) { if slices.Contains(opt.ArgList, abiStr) {
return true return true

3
pkg/prebuild/directories.go
View file

@ -13,6 +13,9 @@ var (
// AppArmor version // AppArmor version
Version = 4.0 Version = 4.0
// Either or not RBAC is enabled
RBAC = false
// Pkgname is the name of the package // Pkgname is the name of the package
Pkgname = "apparmor.d" Pkgname = "apparmor.d"