diff options
| author | Sascha Grunert <sgrunert@suse.com> | 2019-07-18 10:01:45 +0200 |
|---|---|---|
| committer | Sascha Grunert <sgrunert@suse.com> | 2019-07-18 13:14:02 +0200 |
| commit | 27ebd7d6f074620992be2fe3046cc188701d439f (patch) | |
| tree | 1752abc11c31b49ebb102a0fb1967d4c66738d38 /pkg/apparmor/apparmor_linux.go | |
| parent | 7488ed6d9a619d86333dc1880d4df034fbb371b9 (diff) | |
| download | podman-27ebd7d6f074620992be2fe3046cc188701d439f.tar.gz podman-27ebd7d6f074620992be2fe3046cc188701d439f.tar.bz2 podman-27ebd7d6f074620992be2fe3046cc188701d439f.zip | |
Add DefaultContent API to retrieve apparmor profile content
The default apparmor profile is not stored on disk which causes
confusion when debugging the content of the profile. To solve this, we
now add an additional API which returns the profile as byte slice.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Diffstat (limited to 'pkg/apparmor/apparmor_linux.go')
| -rw-r--r-- | pkg/apparmor/apparmor_linux.go | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/pkg/apparmor/apparmor_linux.go b/pkg/apparmor/apparmor_linux.go index 0d01f41e9..479600408 100644 --- a/pkg/apparmor/apparmor_linux.go +++ b/pkg/apparmor/apparmor_linux.go @@ -4,6 +4,7 @@ package apparmor import ( "bufio" + "bytes" "fmt" "io" "os" @@ -104,6 +105,18 @@ func InstallDefault(name string) error { return cmd.Wait() } +// DefaultContent returns the default profile content as byte slice. The +// profile is named as the provided `name`. The function errors if the profile +// generation fails. +func DefaultContent(name string) ([]byte, error) { + p := profileData{Name: name} + var bytes bytes.Buffer + if err := p.generateDefault(&bytes); err != nil { + return nil, err + } + return bytes.Bytes(), nil +} + // IsLoaded checks if a profile with the given name has been loaded into the // kernel. func IsLoaded(name string) (bool, error) { |