[lxc-devel] [PATCH 5/6] systemd: Load AppArmor profiles if necessary/supported

Serge Hallyn serge.hallyn at ubuntu.com
Thu Jul 31 17:57:36 UTC 2014 

Quoting Martin Pitt (martin.pitt at ubuntu.com):
> On Ubuntu we need to set up the AppArmor profiles also under systemd. Add a new
> helper "lxc-apparmor-load" and integrate it into lxc.service.
> ---
>  config/init/systemd/Makefile.am    | 5 +++--
>  config/init/systemd/lxc.service.in | 1 +
>  2 files changed, 4 insertions(+), 2 deletions(-)

Unfortunately you did not 'git add' the lxc-apparmor-load helper :)
> 
> diff --git a/config/init/systemd/Makefile.am b/config/init/systemd/Makefile.am
> index ed1e4ef..5959cd8 100644
> --- a/config/init/systemd/Makefile.am
> +++ b/config/init/systemd/Makefile.am
> @@ -1,5 +1,6 @@
>  EXTRA_DIST = \
>  	lxc-devsetup \
> +	lxc-apparmor-load \
>  	lxc.service.in \
>  	lxc-net.service.in \
>  	$(NULL)
> @@ -15,7 +16,7 @@ lxc-autostart-helper: ../sysvinit/lxc.in $(top_builddir)/config.status
>  	    mv $@-t $@
>  BUILT_SOURCES = lxc-autostart-helper lxc.service lxc-net.service
>  
> -install-systemd: lxc.service lxc-net.service lxc-devsetup lxc-autostart-helper
> +install-systemd: lxc.service lxc-net.service lxc-devsetup lxc-apparmor-load lxc-autostart-helper
>  	$(MKDIR_P) $(DESTDIR)$(SYSTEMD_UNIT_DIR)
>  	$(INSTALL_DATA) lxc.service lxc-net.service $(DESTDIR)$(SYSTEMD_UNIT_DIR)/
>  
> @@ -24,7 +25,7 @@ uninstall-systemd:
>  	rm -f $(DESTDIR)$(SYSTEMD_UNIT_DIR)/lxc-net.service
>  	rmdir $(DESTDIR)$(SYSTEMD_UNIT_DIR) || :
>  
> -pkglibexec_SCRIPTS = lxc-devsetup lxc-autostart-helper
> +pkglibexec_SCRIPTS = lxc-devsetup lxc-apparmor-load lxc-autostart-helper
>  
>  install-data-local: install-systemd
>  uninstall-local: uninstall-systemd
> diff --git a/config/init/systemd/lxc.service.in b/config/init/systemd/lxc.service.in
> index c7f2813..f64610f 100644
> --- a/config/init/systemd/lxc.service.in
> +++ b/config/init/systemd/lxc.service.in
> @@ -7,6 +7,7 @@ Wants=lxc-net.service
>  Type=oneshot
>  RemainAfterExit=yes
>  ExecStartPre=@LIBEXECDIR@/lxc/lxc-devsetup
> +ExecStartPre=@LIBEXECDIR@/lxc/lxc-apparmor-load
>  ExecStart=@LIBEXECDIR@/lxc/lxc-autostart-helper start
>  ExecStop=@LIBEXECDIR@/lxc/lxc-autostart-helper stop
>  # Environment=BOOTUP=serial
> -- 
> 2.0.1
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

More information about the lxc-devel mailing list