Fix apparmor profile installation

Fixes #26823 Fixes an issue where apparmor was not loaded into the kernel, because apparmor_parser was being called incorrectly. Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2026-06-30 19:58:03 +00:00 · 2016-09-29 16:05:31 -05:00
parent 1d669d82c1
commit 1a702111c6
2 changed files with 3 additions and 3 deletions
--- a/pkg/aaparser/aaparser.go
+++ b/pkg/aaparser/aaparser.go
@@ -26,7 +26,7 @@ func GetVersion() (int, error) {
 // LoadProfile runs `apparmor_parser -r` on a specified apparmor profile to
 // replace the profile.
 func LoadProfile(profilePath string) error {
-	_, err := cmd("-r", filepath.Dir(profilePath))
+	_, err := cmd("", "-r", filepath.Dir(profilePath))
 	if err != nil {
 		return err
 	}
--- a/profiles/apparmor/apparmor.go
+++ b/profiles/apparmor/apparmor.go
@@ -66,8 +66,8 @@ func macroExists(m string) bool {
 	return err == nil
 }

-// InstallDefault generates a default profile and installs it in the
-// ProfileDirectory with `apparmor_parser`.
+// InstallDefault generates a default profile in a temp directory determined by
+// os.TempDir(), then loads the profile into the kernel using 'apparmor_parser'.
 func InstallDefault(name string) error {
 	p := profileData{
 		Name: name,