lxd: Provide apparmor_parser

Previously, lxd would complain about apparmor_parser being missing:

lxd[1037]: lvl=warn msg="AppArmor support has been disabled because 'apparmor_parser' couldn't be found" t=2018-11-19T18:32:47-0800

We need to provide a wrapped apparmor_parser that knows where to find
<tunables/global>, which is #included by lxd’s generated profiles.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
This commit is contained in:
Anders Kaseorg 2018-11-19 22:36:56 -08:00
parent 80738ed9dc
commit 291499d10e

View File

@ -2,6 +2,7 @@
, makeWrapper, acl, rsync, gnutar, xz, btrfs-progs, gzip, dnsmasq
, squashfsTools, iproute, iptables, ebtables, libcap, dqlite
, sqlite-replication
, writeShellScriptBin, apparmor-profiles, apparmor-parser
}:
buildGoPackage rec {
@ -31,6 +32,9 @@ buildGoPackage rec {
wrapProgram $bin/bin/lxd --prefix PATH ":" ${stdenv.lib.makeBinPath [
acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ebtables
(writeShellScriptBin "apparmor_parser" ''
exec '${apparmor-parser}/bin/apparmor_parser' -I '${apparmor-profiles}/etc/apparmor.d' "$@"
'')
]}
'';