system/apparmor: Added (Mandatory Access Control mechanism).

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
author: pyllyukko <pyllyukko AT maimed dot org> 2018-07-06 23:02:05 +0700
committer: Willy Sudiarto Raharjo <willysr@slackbuilds.org> 2018-07-07 06:54:18 +0700
commit: a754bbc792ecca91d7e951bd10e46ff715bec958 (patch)
tree: 68628ef9aa56f7f95e652b4e1d4030c518a955e2 /system/apparmor/doinst.sh
parent: a274538685d16c0f4e6a6e05121a2600f010bc11 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/system/apparmor/doinst.sh b/system/apparmor/doinst.sh
new file mode 100644
index 0000000000000..7715ef2c3adbb
--- /dev/null
+++ b/system/apparmor/doinst.sh
@@ -0,0 +1,31 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  config $NEW
+}
+
+preserve_perms etc/rc.d/rc.apparmor.new
+config etc/apparmor/easyprof.conf.new
+config etc/apparmor/logprof.conf.new
+config etc/apparmor/notify.conf.new
+config etc/apparmor/parser.conf.new
+config etc/apparmor/subdomain.conf.new
+config etc/apparmor/severity.db.new
author	pyllyukko <pyllyukko AT maimed dot org>	2018-07-06 23:02:05 +0700
committer	Willy Sudiarto Raharjo <willysr@slackbuilds.org>	2018-07-07 06:54:18 +0700
commit	a754bbc792ecca91d7e951bd10e46ff715bec958 (patch)
tree	68628ef9aa56f7f95e652b4e1d4030c518a955e2 /system/apparmor/doinst.sh
parent	a274538685d16c0f4e6a6e05121a2600f010bc11 (diff)