pkg/aaparser: remove, and integrate into profiles/apparmor
This package provided utilities to obtain the apparmor_parser version, as well as loading a profile. Commite3e715666f(included in v24.0.0 throughbfffb0974e) deprecated GetVersion, as it was no longer used, which made LoadProfile the only utility remaining in this package. LoadProfile appears to have no external consumers, and the only use in our code is "profiles/apparmor". This patch moves the remaining code (LoadProfile) to profiles/apparmor as a non-exported function, and deletes the package. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
parent
53d405c37f
commit
6fae583dba
2 changed files with 18 additions and 25 deletions
|
|
@ -1,22 +0,0 @@
|
|||
// Package aaparser is a convenience package interacting with `apparmor_parser`.
|
||||
package aaparser // import "github.com/docker/docker/pkg/aaparser"
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os/exec"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// LoadProfile runs `apparmor_parser -Kr` on a specified apparmor profile to
|
||||
// replace the profile. The `-K` is necessary to make sure that apparmor_parser
|
||||
// doesn't try to write to a read-only filesystem.
|
||||
func LoadProfile(profilePath string) error {
|
||||
c := exec.Command("apparmor_parser", "-Kr", profilePath)
|
||||
c.Dir = ""
|
||||
|
||||
output, err := c.CombinedOutput()
|
||||
if err != nil {
|
||||
return fmt.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), output, err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
@ -4,13 +4,13 @@ package apparmor // import "github.com/docker/docker/profiles/apparmor"
|
|||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"io"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path"
|
||||
"strings"
|
||||
"text/template"
|
||||
|
||||
"github.com/docker/docker/pkg/aaparser"
|
||||
)
|
||||
|
||||
// profileDirectory is the file store for apparmor profiles and macros.
|
||||
|
|
@ -94,7 +94,7 @@ func InstallDefault(name string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
return aaparser.LoadProfile(profilePath)
|
||||
return loadProfile(profilePath)
|
||||
}
|
||||
|
||||
// IsLoaded checks if a profile with the given name has been loaded into the
|
||||
|
|
@ -122,3 +122,18 @@ func IsLoaded(name string) (bool, error) {
|
|||
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// loadProfile runs `apparmor_parser -Kr` on a specified apparmor profile to
|
||||
// replace the profile. The `-K` is necessary to make sure that apparmor_parser
|
||||
// doesn't try to write to a read-only filesystem.
|
||||
func loadProfile(profilePath string) error {
|
||||
c := exec.Command("apparmor_parser", "-Kr", profilePath)
|
||||
c.Dir = ""
|
||||
|
||||
output, err := c.CombinedOutput()
|
||||
if err != nil {
|
||||
return fmt.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), output, err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue