* live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot:

- create a /usr/share/snappy/security-policy-version so that
    snappy can re-generate the security profiles if any of the versions
    of apparmor or ubuntu-core-security-* changes
ubuntu/yakkety
Michael Vogt 9 years ago
parent 82be50d338
commit 46d1138e5a

9
debian/changelog vendored

@ -1,3 +1,12 @@
livecd-rootfs (2.351) xenial; urgency=medium
* live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot:
- create a /usr/share/snappy/security-policy-version so that
snappy can re-generate the security profiles if any of the versions
of apparmor or ubuntu-core-security-* changes
-- Michael Vogt <michael.vogt@ubuntu.com> Wed, 04 Nov 2015 08:45:49 +0100
livecd-rootfs (2.350) xenial; urgency=medium
[ Oliver Grawert ]

@ -0,0 +1,18 @@
#!/bin/sh
#
# Create the security policy version file. Its important that the file
# content changes every time an of the "apparmor" or "seccomp" policies
# (or its generators) get updated.
#
# snappy will use this file for its "snappy policygen --regenerate-all"
# systemd unit. It will store the security-policy-version file on each
# --regenerate-all call. On each boot it will compare the stored version
# with the version on the image and if they are different regenerate the
# policies
set -e
echo "create security policy version" >&2
mkdir -p /usr/share/snappy/
apt list --installed apparmor ubuntu-core-security-* > /usr/share/snappy/security-policy-version
Loading…
Cancel
Save