Lubuntu/livecd-rootfs
3
0
Fork 0
mirror of https://git.launchpad.net/livecd-rootfs synced 2025-05-30 04:01:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

apparmor: mount more up-to-date apparmor features in the chroot.

Browse Source 
(cherry picked from commit a14a31b7514e3f602f29f9af61e6b7bc97662dc2)
This commit is contained in:
Dimitri John Ledkov 2020-07-17 23:43:19 +01:00
parent d724069fab
commit acc7e97f38
No known key found for this signature in database
GPG Key ID: 9B8EC849D5EF70ED
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
live-build/auto/build
View File

@ -121,6 +121,8 @@ preinstall_snaps() {
mount --rbind /dev chroot/dev mount --rbind /dev chroot/dev
mount --rbind /sys chroot/sys mount --rbind /sys chroot/sys
mount --bind /proc chroot/proc mount --bind /proc chroot/proc
# Provide more up to date apparmor features, matching target kernel
mount -o bind /usr/share/livecd-rootfs/live-build/apparmor/generic chroot/sys/kernel/security/apparmor/features
snap_validate_seed chroot snap_validate_seed chroot

2
live-build/functions
View File

@ -105,6 +105,8 @@ setup_mountpoint() {
mount proc-live -t proc "$mountpoint/proc" mount proc-live -t proc "$mountpoint/proc"
mount sysfs-live -t sysfs "$mountpoint/sys" mount sysfs-live -t sysfs "$mountpoint/sys"
mount securityfs -t securityfs "$mountpoint/sys/kernel/security" mount securityfs -t securityfs "$mountpoint/sys/kernel/security"
# Provide more up to date apparmor features, matching target kernel
mount -o bind /usr/share/livecd-rootfs/live-build/apparmor/generic "$mountpoint/sys/kernel/security/apparmor/features/"
mount -t tmpfs none "$mountpoint/tmp" mount -t tmpfs none "$mountpoint/tmp"
mount -t tmpfs none "$mountpoint/var/lib/apt" mount -t tmpfs none "$mountpoint/var/lib/apt"
mount -t tmpfs none "$mountpoint/var/cache/apt" mount -t tmpfs none "$mountpoint/var/cache/apt"