Re: [libvirt] [PATCH] Move load of AppArmor profile to GenLabel()
On 06/24/2011 08:51 AM, Jamie Strandboge wrote:
This patch addresses the change by making GenLabel() load the
AppArmor
profile into the kernel after the label (profile name) is generated.
SetAllLabel() is then adjusted to only reload_profile() and append stdin_fn to
the profile when it is specified. This also makes the AppArmor driver work
like its SELinux counterpart with regard to SetAllLabel() and stdin_fn.
ACK and pushed.
I realized I could simply load the profile in GenLabel() and still
use
SetAllLabel() to reload the profile when stdin_path was specified. The
current fix is implemented wholly within the AppArmor driver and I think
much cleaner.
Indeed :)
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)