If AppArmor is enabled, then we now check if the `apparmor_parser`
binary is either in `/sbin` or in `$PATH`.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Mostly all AppArmor errors are now wrapped to provide additional context
to the user what actually went wrong. We now only use the spelling
`AppArmor` rather than `apparmor` to give the errors a uniform look.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
The `execAAParser()` function also takes `stderr` into account when
parsing the output. This function is right now only called by the
`getAAParserVersion()` function. Depending on the system configuration,
it might be possible that `apparmor_parser` prints a warning, for
example if `/etc/apparmor/parser.conf` does not exist on the system. To
thake this input not into account for the version parsing, we now just
use `stdout` as the returned result.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
The default AppArmor profile is now prefixed with
`container-default-$VERSION`, whereas the version is now part of a new
`version` package.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Move pkg/sysinfo and pkg/apparmor out of libpod into containers/common.
This will allow other packages to use these libraries without requiring all of libpod.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Daniel J Walsh
Sascha Grunert