felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(aa-log): ensure unix logs generate unix rule.

Browse source 
It may break some rule generation on old apparmor version (<3.1). But I don't have the time to support all apparmor version anyway...

fix #225
This commit is contained in:
Alexandre Pujol 2023-09-29 20:01:30 +01:00
parent 70dc9b7844
commit 13de4182c8
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
2 changed files with 2 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pkg/aa/profile.go
View file

@ -92,11 +92,7 @@ func (p *AppArmorProfile) AddRule(log map[string]string) {
case "cap":
p.Rules = append(p.Rules, CapabilityFromLog(log, noNewPrivs, fileInherit))
case "net":
if log["family"] == "unix" {
p.Rules = append(p.Rules, UnixFromLog(log, noNewPrivs, fileInherit))
} else {
p.Rules = append(p.Rules, NetworkFromLog(log, noNewPrivs, fileInherit))
}
p.Rules = append(p.Rules, NetworkFromLog(log, noNewPrivs, fileInherit))
case "mount":
p.Rules = append(p.Rules, MountFromLog(log, noNewPrivs, fileInherit))
case "remount":