OK. I'm convinced by your arguments about app IDs; I didn't realise that the profile name needed to be known outside just aa-exec-click (which does have the application path in hand as well as the app ID).
I like your proposal of putting all the possible database names in CLICK_DIR. Would it be reasonable to just add all the valid click databases there, regardless of whether a given package happens to be unpacked there at the moment? In that case, the necessary API for that already exists, albeit a little obscurely: >>> from gi.repository import Click >>> db = Click.DB() >>> db.read() >>> [db.get(i).props.root for i in range(db.props.size)] ['/usr/share/click/preinstalled', '/custom/click', '/opt/click.ubuntu.com'] It might then be unnecessary to change click at all, which is obviously fantastic from my point of view. ;-) But this does genuinely seem like a better technical solution, and would let us stop playing whack-a-mole with the precise ordering of various database operations. Given that click-apparmor is the only system-level hook in the phone stack right now, we could mandate this kind of thing as required behaviour for future system-level hooks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1371574 Title: After installing clicks to /custom/click, /usr/share/click/preinstalled version are still preferred To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/click/+bug/1371574/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
