Gecko [ www.jdcpatala.org ]

Name	Size	Permission
apparmor.conf	3.62 KB	-rw-r--r--
cgmanager.conf	1.27 KB	-rw-r--r--
cgproxy.conf	956 B	-rw-r--r--
cloud-config.conf	236 B	-rw-r--r--
cloud-final.conf	297 B	-rw-r--r--
cloud-init-blocknet.conf	2.5 KB	-rw-r--r--
cloud-init-container.conf	1.98 KB	-rw-r--r--
cloud-init-local.conf	379 B	-rw-r--r--
cloud-init-nonet.conf	1.86 KB	-rw-r--r--
cloud-init.conf	202 B	-rw-r--r--
cloud-log-shutdown.conf	562 B	-rw-r--r--
console-font.conf	250 B	-rw-r--r--
console-setup.conf	509 B	-rw-r--r--
cron.conf	297 B	-rw-r--r--
dbus.conf	482 B	-rw-r--r--
hostname.conf	284 B	-rw-r--r--
hostname.sh.conf	300 B	-rw-r--r--
hwclock-save.conf	561 B	-rw-r--r--
hwclock.conf	674 B	-rw-r--r--
hwclock.sh.conf	109 B	-rw-r--r--
kmod.conf	689 B	-rw-r--r--
network-interface-container.co...	530 B	-rw-r--r--
network-interface-security.con...	1.71 KB	-rw-r--r--
network-interface.conf	933 B	-rw-r--r--
networking.conf	2.43 KB	-rw-r--r--
passwd.conf	568 B	-rw-r--r--
procps-instance.conf	363 B	-rw-r--r--
procps.conf	119 B	-rw-r--r--
resolvconf.conf	457 B	-rw-r--r--
rfkill-restore.conf	365 B	-rw-r--r--
rfkill-store.conf	357 B	-rw-r--r--
rsyslog.conf	426 B	-rw-r--r--
setvtrgb.conf	230 B	-rw-r--r--
ssh.conf	641 B	-rw-r--r--
ubuntu-fan.conf	239 B	-rw-r--r--
udev.conf	337 B	-rw-r--r--
udevmonitor.conf	360 B	-rw-r--r--
udevtrigger.conf	352 B	-rw-r--r--

Code Editor : apparmor.conf

description "Pre-cache and pre-load apparmor profiles"
author "Dimitri John Ledkov <xnox@ubuntu.com> and Jamie Strandboge <jamie@ubuntu.com>"

task

start on starting rc-sysinit

script
    [ -d /rofs/etc/apparmor.d ]  && exit 0 # do not load on liveCD
    [ -d /sys/module/apparmor ]  || exit 0 # do not load without AppArmor
    [ -x /sbin/apparmor_parser ] || exit 0 # do not load without parser

. /lib/apparmor/functions

systemd-detect-virt --quiet --container && ! is_container_with_internal_policy && exit 0 || true

# Need securityfs for any mode
    if [ ! -d /sys/kernel/security/apparmor ]; then
        if cut -d" " -f2,3 /proc/mounts | grep -q "^/sys/kernel/security securityfs"'$' ; then
            exit 0
        else
            mount -t securityfs none /sys/kernel/security || exit 0
        fi
    fi

[ -w /sys/kernel/security/apparmor/.load ] || exit 0

apparmor_was_updated=0
    if ! compare_previous_version ; then
        # On snappy flavors, if the current and previous versions are
        # different then clear the system cache. snappy will handle
        # "$PROFILES_CACHE_VAR" itself  (on Touch flavors
        # compare_previous_version  always returns '0' since snappy
        # isn't available).
        clear_cache_system
        apparmor_was_updated=1
    elif ! compare_and_save_debsums apparmor ; then
        # If the system policy has been updated since the last time we
        # ran, clear the cache to prevent potentially stale binary
        # cache files after an Ubuntu image based upgrade (LP:
        # #1350673). This can be removed once all system image flavors
        # move to snappy (on snappy systems compare_and_save_debsums
        # always returns '0' since /var/lib/dpkg doesn't exist).
        clear_cache
        apparmor_was_updated=1
    fi

if [ -x /usr/bin/aa-clickhook ] || [ -x /usr/bin/aa-profile-hook ] ; then
        # If packages for system policy that affect click packages have
        # been updated since the last time we ran, run aa-clickhook -f
        force_clickhook=0
        force_profile_hook=0
        if ! compare_and_save_debsums apparmor-easyprof-ubuntu ; then
            force_clickhook=1
        fi
        if ! compare_and_save_debsums apparmor-easyprof-ubuntu-snappy ; then
            force_clickhook=1
        fi
        if ! compare_and_save_debsums click-apparmor ; then
            force_clickhook=1
            force_profile_hook=1
        fi
        if [ -x /usr/bin/aa-clickhook ] && ([ $force_clickhook -eq 1 ] || [ $apparmor_was_updated -eq 1 ]) ; then
            aa-clickhook -f
        fi
        if [ -x /usr/bin/aa-profile-hook ] && ([ $force_profile_hook -eq 1 ] || [ $apparmor_was_updated -eq 1 ]) ; then
            aa-profile-hook -f
        fi
    fi

if [ "$ACTION" = "teardown" ]; then
        running_profile_names | while read profile; do
            unload_profile "$profile"
        done
        exit 0
    fi

if [ "$ACTION" = "clear" ]; then
        clear_cache
        exit 0
    fi

if [ "$ACTION" = "reload" ] || [ "$ACTION" = "force-reload" ]; then
        clear_cache
        load_configured_profiles
        exit 0
    fi

# Note: if apparmor-easyprof-ubuntu md5sums didn't match up above,
    # aa-clickhook will have already compiled the policy, generated the cache
    # files and loaded them into the kernel by this point, so reloading click
    # policy from cache, while fairly fast (<2 seconds for 250 profiles on
    # armhf), is redundant. Fixing this would complicate the logic quite a bit
    # and it wouldn't improve the (by far) common case (ie, when
    # 'aa-clickhook -f' is not run).
    load_configured_profiles
end script

${this.title}

Code Editor : apparmor.conf