// InstallDefault generates a default profile and installs it in the // ProfileDirectory with `apparmor_parser`. func InstallDefault(name string) error { // Make sure the path where they want to save the profile exists if err := os.MkdirAll(profileDirectory, 0755); err != nil { return err } p := profileData{ Name: name, } f, err := os.OpenFile(defaultProfilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { return err } if err := p.generateDefault(f); err != nil { f.Close() return err } f.Close() if err := aaparser.LoadProfile(defaultProfilePath); err != nil { return err } return nil }
func installAppArmorProfile() error { if !apparmor.IsEnabled() { return nil } // Make sure /etc/apparmor.d exists if err := os.MkdirAll(path.Dir(apparmorProfilePath), 0755); err != nil { return err } f, err := os.OpenFile(apparmorProfilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { return err } if err := generateProfile(f); err != nil { f.Close() return err } f.Close() if err := aaparser.LoadProfile(apparmorProfilePath); err != nil { return err } return nil }
// InstallDefault generates a default profile in a temp directory determined by // os.TempDir(), then loads the profile into the kernel using 'apparmor_parser'. func InstallDefault(name string) error { p := profileData{ Name: name, } // Install to a temporary directory. f, err := ioutil.TempFile("", name) if err != nil { return err } profilePath := f.Name() defer f.Close() defer os.Remove(profilePath) if err := p.generateDefault(f); err != nil { return err } if err := aaparser.LoadProfile(profilePath); err != nil { return err } return nil }