contrib/apparmor: remove remaining version-conditionals (< 2.9) from template

thaJeztah · thaJeztah · commit f445ee1e6cba · 2023-05-08T13:17:59.000+02:00
Commit 2e19a4d removed all other version- conditional statements from the AppArmor template, but left this one in place. These conditions were added in 8cf8924 to account for old versions of debian/ubuntu (apparmor_parser < 2.9) that lacked some options; > This allows us to use the apparmor profile we have in contrib/apparmor/ > and solves the problems where certain functions are not apparent on older > versions of apparmor_parser on debian/ubuntu. Those patches were from 2015/2016, and all currently supported distro versions should now have more current versions than that. Looking at the oldest supported versions; Ubuntu 18.04 "Bionic": apparmor_parser --version AppArmor parser version 2.12 Copyright (C) 1999-2008 Novell Inc. Copyright 2009-2012 Canonical Ltd. Debian 10 "Buster" apparmor_parser --version AppArmor parser version 2.13.2 Copyright (C) 1999-2008 Novell Inc. Copyright 2009-2018 Canonical Ltd. This patch removes the remaining conditionals. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
diff --git a/contrib/apparmor/main.go b/contrib/apparmor/main.go
@@ -6,13 +6,9 @@ import (
 	"os"
 	"path"
 	"text/template"
-
-	"github.com/docker/docker/pkg/aaparser"
 )
 
-type profileData struct {
-	Version int
-}
+type profileData struct{}
 
 func main() {
 	if len(os.Args) < 2 {
@@ -22,15 +18,6 @@ func main() {
 	// parse the arg
 	apparmorProfilePath := os.Args[1]
 
-	version, err := aaparser.GetVersion()
-	if err != nil {
-		log.Fatal(err)
-	}
-	data := profileData{
-		Version: version,
-	}
-	fmt.Printf("apparmor_parser is of version %+v\n", data)
-
 	// parse the template
 	compiled, err := template.New("apparmor_profile").Parse(dockerProfileTemplate)
 	if err != nil {
@@ -48,6 +35,7 @@ func main() {
 	}
 	defer f.Close()
 
+	data := profileData{}
 	if err := compiled.Execute(f, data); err != nil {
 		log.Fatalf("executing template failed: %v", err)
 	}
diff --git a/contrib/apparmor/template.go b/contrib/apparmor/template.go
@@ -149,9 +149,7 @@ profile /usr/bin/docker (attach_disconnected, complain) {
   }
   # xz works via pipes, so we do not need access to the filesystem.
   profile /usr/bin/xz (complain) {
-{{if ge .Version 209000}}
     signal (receive) peer=/usr/bin/docker,
-{{end}}
     /etc/ld.so.cache r,
     /lib/** rm,
     /usr/bin/xz rm,
