Imported using git-ubuntu import.
Changelog parent: d0bcbdc422
New changelog entries:
* live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot:
- create a /usr/share/snappy/security-policy-version so that
snappy can re-generate the security profiles if any of the versions
of apparmor or ubuntu-core-security-* changes
impish
2.351
parent
d0bcbdc422
commit
9ac850741c
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# Create the security policy version file. Its important that the file
|
||||||
|
# content changes every time an of the "apparmor" or "seccomp" policies
|
||||||
|
# (or its generators) get updated.
|
||||||
|
#
|
||||||
|
# snappy will use this file for its "snappy policygen --regenerate-all"
|
||||||
|
# systemd unit. It will store the security-policy-version file on each
|
||||||
|
# --regenerate-all call. On each boot it will compare the stored version
|
||||||
|
# with the version on the image and if they are different regenerate the
|
||||||
|
# policies
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
|
||||||
|
echo "create security policy version" >&2
|
||||||
|
mkdir -p /usr/share/snappy/
|
||||||
|
apt list --installed apparmor ubuntu-core-security-* > /usr/share/snappy/security-policy-version
|
Loading…
Reference in new issue