On Thu, Jan 30, 2020 at 8:06 AM Michal Privoznik <mpriv...@redhat.com> wrote:
> The profile name should reflect the path under which the binary > it describes is installed. > > Signed-off-by: Michal Privoznik <mpriv...@redhat.com> > --- > src/security/Makefile.inc.am | 10 +++++----- > ...bvirt.virt-aa-helper => usr.libexec.virt-aa-helper} | 4 ++-- > 2 files changed, 7 insertions(+), 7 deletions(-) > rename src/security/apparmor/{usr.lib.libvirt.virt-aa-helper => > usr.libexec.virt-aa-helper} (93%) > > diff --git a/src/security/Makefile.inc.am b/src/security/Makefile.inc.am > index 6fe9d50f29..02efefd6d6 100644 > --- a/src/security/Makefile.inc.am > +++ b/src/security/Makefile.inc.am > @@ -38,7 +38,7 @@ EXTRA_DIST += \ > security/apparmor/TEMPLATE.lxc \ > security/apparmor/libvirt-qemu \ > security/apparmor/libvirt-lxc \ > - security/apparmor/usr.lib.libvirt.virt-aa-helper \ > + security/apparmor/usr.libexec.virt-aa-helper \ > Again - probably better to make it dependent on --libexecdir configure option. The old path matches the real Ubuntu path, so "for me" that would be a regression making me carry a revert. > security/apparmor/usr.sbin.libvirtd \ > $(NULL) > > @@ -91,7 +91,7 @@ endif WITH_SECDRIVER_APPARMOR > if WITH_APPARMOR_PROFILES > apparmordir = $(sysconfdir)/apparmor.d/ > apparmor_DATA = \ > - security/apparmor/usr.lib.libvirt.virt-aa-helper \ > + security/apparmor/usr.libexec.virt-aa-helper \ > security/apparmor/usr.sbin.libvirtd \ > $(NULL) > > @@ -111,11 +111,11 @@ APPARMOR_LOCAL_DIR = "$(DESTDIR)$(apparmordir)/local" > install-apparmor-local: > $(MKDIR_P) "$(APPARMOR_LOCAL_DIR)" > echo "# Site-specific additions and overrides for \ > - 'usr.lib.libvirt.virt-aa-helper'" \ > - >"$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper" > + 'usr.libexec.virt-aa-helper'" \ > + >"$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper" > > uninstall-apparmor-local: > - rm -f "$(APPARMOR_LOCAL_DIR)/usr.lib.libvirt.virt-aa-helper" > + rm -f "$(APPARMOR_LOCAL_DIR)/usr.libexec.virt-aa-helper" > rmdir "$(APPARMOR_LOCAL_DIR)" || : > > INSTALL_DATA_LOCAL += install-apparmor-local > diff --git a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper > b/src/security/apparmor/usr.libexec.virt-aa-helper > similarity index 93% > rename from src/security/apparmor/usr.lib.libvirt.virt-aa-helper > rename to src/security/apparmor/usr.libexec.virt-aa-helper > index ca1f6ca083..72a2fecebe 100644 > --- a/src/security/apparmor/usr.lib.libvirt.virt-aa-helper > +++ b/src/security/apparmor/usr.libexec.virt-aa-helper > @@ -1,7 +1,7 @@ > # Last Modified: Mon Apr 5 15:10:27 2010 > #include <tunables/global> > > -profile virt-aa-helper /usr/{lib,lib64}/libvirt/virt-aa-helper { > +profile virt-aa-helper /usr/{lib,lib64,libexec}/libvirt/virt-aa-helper { > #include <abstractions/base> > > # needed for searching directories > @@ -70,5 +70,5 @@ profile virt-aa-helper > /usr/{lib,lib64}/libvirt/virt-aa-helper { > /**.[iI][sS][oO] r, > /**/disk{,.*} r, > > - #include <local/usr.lib.libvirt.virt-aa-helper> > + #include <local/usr.libexec.virt-aa-helper> > } > -- > 2.24.1 > > -- Christian Ehrhardt Staff Engineer, Ubuntu Server Canonical Ltd