This patch adds a variable AA_PARSER_ARGS to subdomain.conf, and passes
those arguments to relevant invocations of apparmor_parser.
---
 parser/rc.apparmor.functions |    9 +++++----
 parser/subdomain.conf        |    6 ++++++
 2 files changed, 11 insertions(+), 4 deletions(-)

Index: trunk-forge/parser/rc.apparmor.functions
===================================================================
--- trunk-forge.orig/parser/rc.apparmor.functions
+++ trunk-forge/parser/rc.apparmor.functions
@@ -50,6 +50,7 @@ fi
 SUBDOMAIN_MODULE_PANIC="warn"
 SUBDOMAIN_ENABLE_OWLSM="no"
 APPARMOR_ENABLE_AAEVENTD="no"
+AA_PARSER_ARGS=
 
 if [ -f "${APPARMOR_CONF}" ] ; then
 	#parse the conf file to see what we should do
@@ -106,11 +107,11 @@ parse_profiles() {
 	# get parser arg
 	case "$1" in
 		load)
-			PARSER_ARGS="--add"
+			PARSER_ACTION="--add"
 			PARSER_MSG="Loading AppArmor profiles "
 			;;
 		reload)
-			PARSER_ARGS="--replace"
+			PARSER_ACTION="--replace"
 			PARSER_MSG="Reloading AppArmor profiles "
 			;;
 		*)
@@ -151,7 +152,7 @@ parse_profiles() {
 			logger -t "AppArmor(init)" -p daemon.warn "Skipping profile $profile"
 			STATUS=2
 		elif [ -f "${profile}" ] ; then
-			$PARSER $ABSTRACTIONS $PARSER_ARGS "$profile" > /dev/null
+			$PARSER $ABSTRACTIONS $PARSER_ACTION ${AA_PARSER_ARGS} "$profile" > /dev/null
 			if [ $? -ne 0 ]; then
 				echo " Profile $profile failed to load"
 				STATUS=1
@@ -183,7 +184,7 @@ profiles_names_list() {
 
 	for profile in $PROFILE_DIR/*; do
 	        if ! skip_profile "${profile}" && [ -f "${profile}" ] ; then
-			LIST_ADD=$($PARSER $ABSTRACTIONS -N "$profile" | grep -v '\^')
+			LIST_ADD=$($PARSER $ABSTRACTIONS ${AA_PARSER_ARGS} -N "$profile" | grep -v '\^')
 			if [ $? -eq 0 ]; then
 				echo "$LIST_ADD" >>$TMPFILE
 			fi
Index: trunk-forge/parser/subdomain.conf
===================================================================
--- trunk-forge.orig/parser/subdomain.conf
+++ trunk-forge/parser/subdomain.conf
@@ -25,6 +25,12 @@ SUBDOMAIN_ENABLE_OWLSM="no"
 # Enable the AppArmor event daemon for reporting?
 APPARMOR_ENABLE_AAEVENTD="no"
 
+## Path: System/AppArmor
+## Description: Add arguments to the apparmor_parser binary
+## Type: String
+#
+AA_PARSER_ARGS=""
+
 #SUBDOMAIN_MODULE_PANIC=XXX
 #This option controls how subdomain behaves when the init script attempts
 #to load the SubDomain module and fails.  There are 4 options