From: Martin Pitt <martin.pitt@ubuntu.com>
Date: Thu, 7 May 2015 11:38:50 +0000 (+0200)
Subject: Call /lib/apparmor/profile-load directly instead of the wrapper
X-Git-Tag: lxc-2.1.1~1043^2
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=580f58c79ba1a1ce18d7628991f7ed3ec6956772;p=mirror_lxc.git

Call /lib/apparmor/profile-load directly instead of the wrapper

AppArmor ships /lib/apparmor/profile-load. /lib/init/apparmor-profile-load is
merely a wrapper which calls the former, so just call it directly to avoid the
dependency on the wrapper.

LP: #1432683
---

diff --git a/config/init/systemd/lxc-apparmor-load b/config/init/systemd/lxc-apparmor-load
index 4ac9496cd..619cd5324 100755
--- a/config/init/systemd/lxc-apparmor-load
+++ b/config/init/systemd/lxc-apparmor-load
@@ -6,9 +6,9 @@ set -eu
 # don't load profiles if mount mediation is not supported
 SYSF=/sys/kernel/security/apparmor/features/mount/mask
 if [ -f $SYSF ]; then
-	if [ -x /lib/init/apparmor-profile-load ]; then
-		/lib/init/apparmor-profile-load usr.bin.lxc-start
-		/lib/init/apparmor-profile-load lxc-containers
+	if [ -x /lib/apparmor/profile-load ]; then
+		/lib/apparmor/profile-load usr.bin.lxc-start
+		/lib/apparmor/profile-load lxc-containers
 	fi
 fi
 
diff --git a/config/init/upstart/lxc.conf b/config/init/upstart/lxc.conf
index ab79aab04..ff21137b9 100644
--- a/config/init/upstart/lxc.conf
+++ b/config/init/upstart/lxc.conf
@@ -36,9 +36,9 @@ pre-start script
 	# don't load profiles if mount mediation is not supported
 	SYSF=/sys/kernel/security/apparmor/features/mount/mask
 	if [ -f $SYSF ]; then
-		if [ -x /lib/init/apparmor-profile-load ]; then
-			/lib/init/apparmor-profile-load usr.bin.lxc-start
-			/lib/init/apparmor-profile-load lxc-containers
+		if [ -x /lib/apparmor/profile-load ]; then
+			/lib/apparmor/profile-load usr.bin.lxc-start
+			/lib/apparmor/profile-load lxc-containers
 		fi
 	fi