From 75ba7a9b32bc5904ef1b2751deff94283fce34a5 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Tue, 22 Jul 2014 10:08:41 -0600
Subject: [PATCH] Add "apparmor_parser" warning to check-config.sh

If AppArmor is enabled on the current system, but "apparmor_parser" isn't installed, it causes all kinds of issues.

Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
---
 contrib/check-config.sh | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/contrib/check-config.sh b/contrib/check-config.sh
index fe4b9f1b9b..cb6a4f2b50 100755
--- a/contrib/check-config.sh
+++ b/contrib/check-config.sh
@@ -113,6 +113,23 @@ else
 	echo "    $(wrap_color '(see https://github.com/tianon/cgroupfs-mount)' yellow)"
 fi
 
+if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = 'Y' ]; then
+	echo -n '- '
+	if command -v apparmor_parser &> /dev/null; then
+		echo "$(wrap_good 'apparmor' 'enabled and tools installed')"
+	else
+		echo "$(wrap_bad 'apparmor' 'enabled, but apparmor_parser missing')"
+		echo -n '    '
+		if command -v apt-get &> /dev/null; then
+			echo "$(wrap_color '(use "apt-get install apparmor" to fix this)')"
+		elif command -v yum &> /dev/null; then
+			echo "$(wrap_color '(your best bet is "yum install apparmor-parser")')"
+		else
+			echo "$(wrap_color '(look for an "apparmor" package for your distribution)')"
+		fi
+	fi
+fi
+
 flags=(
 	NAMESPACES {NET,PID,IPC,UTS}_NS
 	DEVPTS_MULTIPLE_INSTANCES