From 019f565c5c8795cd9a870e6a84c5e7e85935c3b3 Mon Sep 17 00:00:00 2001
From: Simon McVittie <simon.mcvittie@collabora.co.uk>
Date: Mon, 28 Nov 2016 12:20:47 +0000
Subject: [PATCH 7/7] Don't test AppArmor mediation of activation if
 libapparmor < 2.10

We need libapparmor 2.10 for the test, but not for the actual
functionality, for which 2.8.95 is enough. In particular this lets
us compile with AppArmor enabled on Ubuntu 14.04, which is still
the newest host platform available on travis-ci.

Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
---
 configure.ac         |  7 ++++++-
 test/sd-activation.c | 10 +++++-----
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/configure.ac b/configure.ac
index cdcad36..3b10ced 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1066,8 +1066,10 @@ fi
 AS_IF([test x$enable_apparmor = xno],
   [have_apparmor=no],
   [
-  PKG_CHECK_MODULES([APPARMOR], [libapparmor >= 2.10],
+  PKG_CHECK_MODULES([APPARMOR], [libapparmor >= 2.8.95],
                     [have_apparmor=yes], [have_apparmor=no])
+  PKG_CHECK_MODULES([APPARMOR_2_10], [libapparmor >= 2.10],
+                    [have_apparmor_2_10=yes], [have_apparmor_2_10=no])
 
   AS_IF([test x$enable_apparmor = xauto && test x$have_apparmor = xno],
         [AC_MSG_WARN([Sufficiently new AppArmor library not found])])
@@ -1077,6 +1079,9 @@ AS_IF([test x$enable_apparmor = xno],
 
 AS_IF([test x$have_apparmor = xyes],
       [AC_DEFINE([HAVE_APPARMOR], [1], [AppArmor Support])])
+AS_IF([test x$have_apparmor_2_10 = xyes],
+      [AC_DEFINE([HAVE_APPARMOR_2_10], [1],
+                 [Define if libapparmor is version 2.10 or later])])
 
 # inotify checks
 if test x$enable_inotify = xno ; then
diff --git a/test/sd-activation.c b/test/sd-activation.c
index 24ac210..058a247 100644
--- a/test/sd-activation.c
+++ b/test/sd-activation.c
@@ -34,7 +34,7 @@
 #include <string.h>
 #include <sys/types.h>
 
-#if defined(HAVE_APPARMOR) && defined(DBUS_TEST_APPARMOR_ACTIVATION)
+#if defined(HAVE_APPARMOR_2_10) && defined(DBUS_TEST_APPARMOR_ACTIVATION)
 #include <sys/apparmor.h>
 #endif
 
@@ -206,9 +206,9 @@ static void
 setup (Fixture *f,
     gconstpointer context G_GNUC_UNUSED)
 {
-#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && !defined(HAVE_APPARMOR)
+#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && !defined(HAVE_APPARMOR_2_10)
 
-  g_test_skip ("AppArmor support not compiled");
+  g_test_skip ("AppArmor support not compiled or AppArmor 2.10 unavailable");
   return;
 
 #else
@@ -714,7 +714,7 @@ test_deny_receive (Fixture *f,
 
   /* systemd starts the activatable service. */
 
-#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && defined(HAVE_APPARMOR)
+#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && defined(HAVE_APPARMOR_2_10)
   /* The use of 42 here is arbitrary, see setup(). */
   if (aa_change_hat (bus_name, 42) != 0)
     g_error ("Unable to change profile to ...//^%s: %s",
@@ -729,7 +729,7 @@ test_deny_receive (Fixture *f,
   f->activated_name = dbus_bus_get_unique_name (f->activated);
   take_well_known_name (f, f->activated, bus_name);
 
-#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && defined(HAVE_APPARMOR)
+#if defined(DBUS_TEST_APPARMOR_ACTIVATION) && defined(HAVE_APPARMOR_2_10)
   if (aa_change_hat (NULL, 42) != 0)
     g_error ("Unable to change back to initial profile: %s",
              g_strerror (errno));
-- 
2.10.2