Re-add custom security profiles in old-securitybugfix/old-security-unbreak

author: Michael Vogt <mvo@ubuntu.com> 2016-04-04 15:30:16 +0200
committer: Michael Vogt <mvo@ubuntu.com> 2016-04-04 15:30:16 +0200
commit: ce07730b790676a50d40e25800a033ea4a0e7ba5 (patch)
tree: 48039046464ded918080dabdd6378e1bf0c0e2db
parent: 591654d9cad263ab5cba3dfa020e9467bbf63e8d (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/snappy/security.go b/snappy/security.go
index 0730380f04..8bb7c688e4 100644
--- a/snappy/security.go
+++ b/snappy/security.go
@@ -652,6 +652,17 @@ func (sd *SecurityDefinitions) generatePolicyForServiceBinaryResult(m *snapYaml,
 
 	sd.mergeAppArmorSecurityOverrides(&hwaccessOverrides)
 	if sd.SecurityPolicy != nil {
+	res.aaPolicy, err = getAppArmorCustomPolicy(m, res.id, filepath.Join(baseDir, sd.SecurityPolicy.AppArmor), sd.SecurityOverride)
+	if err != nil {
+	logger.Noticef("Failed to generate custom AppArmor policy for %s: %v", m.Name, err)
+	return nil, err
+	}
+	res.scPolicy, err = getSeccompCustomPolicy(m, res.id, filepath.Join(baseDir, sd.SecurityPolicy.Seccomp))
+	if err != nil {
+	logger.Noticef("Failed to generate custom seccomp policy for %s: %v", m.Name, err)
+	return nil, err
+	}
+
 	} else {
 	res.aaPolicy, err = getAppArmorTemplatedPolicy(m, res.id, sd.SecurityTemplate, sd.SecurityCaps, sd.SecurityOverride)
 	if err != nil {
author	Michael Vogt <mvo@ubuntu.com>	2016-04-04 15:30:16 +0200
committer	Michael Vogt <mvo@ubuntu.com>	2016-04-04 15:30:16 +0200
commit	ce07730b790676a50d40e25800a033ea4a0e7ba5 (patch)
tree	48039046464ded918080dabdd6378e1bf0c0e2db
parent	591654d9cad263ab5cba3dfa020e9467bbf63e8d (diff)