build: simplify full system policy generation.
This commit is contained in:
Alexandre Pujol
parent
cd1de59aad
commit
4b61abf7ce
1 changed files with 2 additions and 9 deletions
|
|
@ -180,16 +180,9 @@ func SetDefaultSystemd() error {
|
||||||
// See https://apparmor.pujol.io/development/structure/#full-system-policy
|
// See https://apparmor.pujol.io/development/structure/#full-system-policy
|
||||||
func SetFullSystemPolicy() error {
|
func SetFullSystemPolicy() error {
|
||||||
// Install full system policy profiles
|
// Install full system policy profiles
|
||||||
profiles := []string{
|
if err := copyTo(paths.New("apparmor.d/groups/_full/"), Root.Join("apparmor.d")); err != nil {
|
||||||
"systemd", "systemd-user",
|
|
||||||
"default", "default-bwrap", "default-sudo", "default-app",
|
|
||||||
}
|
|
||||||
for _, name := range profiles {
|
|
||||||
err := paths.New("apparmor.d/groups/_full/" + name).CopyTo(RootApparmord.Join(name))
|
|
||||||
if err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
// Set systemd profile name
|
// Set systemd profile name
|
||||||
path := RootApparmord.Join("tunables/multiarch.d/apparmor.d")
|
path := RootApparmord.Join("tunables/multiarch.d/apparmor.d")
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue