academy/mq-container
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make AppArmor message applicabel to SELinux too

Browse Source
This commit is contained in:
Arthur Barr
2018-06-26 11:07:03 +01:00
parent 9624d7eeb0
commit 4ad8f269ee
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cmd/runmqserver/mqconfig.go
View File

@@ -95,9 +95,18 @@ func logSeccomp() error {
return nil return nil
} }
func logAppArmor() error { // logSecurityAttributes logs the security attributes of the current process.
s := container.AppArmorProfile() // The security attributes indicate whether AppArmor or SELinux are being used,
log.Printf("AppArmor profile: %v", s) // and what the level of confinement is.
func logSecurityAttributes() error {
a, err := readProc("/proc/self/attr/current")
// On some systems, if AppArmor or SELinux are not installed, you get an
// error when you try and read `/proc/self/attr/current`, even though the
// file exists.
if err != nil || a == "" {
a = "none"
}
log.Printf("Process security attributes: %v", a)
return nil return nil
} }
@@ -156,7 +165,7 @@ func logConfig() error {
logUser() logUser()
logCapabilities() logCapabilities()
logSeccomp() logSeccomp()
logAppArmor() logSecurityAttributes()
err = readMounts() err = readMounts()
if err != nil { if err != nil {
return err return err