From 4ad8f269ee2559c37f908ab2269ae3dad351521d Mon Sep 17 00:00:00 2001
From: Arthur Barr <arthur.barr@uk.ibm.com>
Date: Tue, 26 Jun 2018 11:07:03 +0100
Subject: [PATCH] Make AppArmor message applicabel to SELinux too

---
 cmd/runmqserver/mqconfig.go | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/cmd/runmqserver/mqconfig.go b/cmd/runmqserver/mqconfig.go
index 05fcaa36..51c91791 100644
--- a/cmd/runmqserver/mqconfig.go
+++ b/cmd/runmqserver/mqconfig.go
@@ -95,9 +95,18 @@ func logSeccomp() error {
 	return nil
 }
 
-func logAppArmor() error {
-	s := container.AppArmorProfile()
-	log.Printf("AppArmor profile: %v", s)
+// logSecurityAttributes logs the security attributes of the current process.
+// The security attributes indicate whether AppArmor or SELinux are being used,
+// and what the level of confinement is.
+func logSecurityAttributes() error {
+	a, err := readProc("/proc/self/attr/current")
+	// On some systems, if AppArmor or SELinux are not installed, you get an
+	// error when you try and read `/proc/self/attr/current`, even though the
+	// file exists.
+	if err != nil || a == "" {
+		a = "none"
+	}
+	log.Printf("Process security attributes: %v", a)
 	return nil
 }
 
@@ -156,7 +165,7 @@ func logConfig() error {
 		logUser()
 		logCapabilities()
 		logSeccomp()
-		logAppArmor()
+		logSecurityAttributes()
 		err = readMounts()
 		if err != nil {
 			return err