feat(aa): modify the apparmor struct to support multiple profiles and subprofile.

Alexandre Pujol 2024-04-15 14:09:04 +01:00
parent 507002c660
commit 4b753210e7
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
12 changed files with 467 additions and 394 deletions


@ -97,7 +97,8 @@ func (d Dbus) sanityCheck(opt *Option) string {
func (d Dbus) own(rules map[string]string) *aa.AppArmorProfile {
interfaces := setInterfaces(rules)
p := &aa.AppArmorProfile{}
profile := &aa.AppArmorProfile{}
p := profile.GetDefaultProfile()
p.Rules = append(p.Rules, &aa.Dbus{
Access: "bind", Bus: rules["bus"], Name: rules["name"],
})
@ -127,12 +128,13 @@ func (d Dbus) own(rules map[string]string) *aa.AppArmorProfile {
Member: "Introspect",
PeerName: `":1.@{int}"`,
})
return p
return profile
}
func (d Dbus) talk(rules map[string]string) *aa.AppArmorProfile {
interfaces := setInterfaces(rules)
p := &aa.AppArmorProfile{}
profile := &aa.AppArmorProfile{}
p := profile.GetDefaultProfile()
for _, iface := range interfaces {
p.Rules = append(p.Rules, &aa.Dbus{
Access: "send",
@ -153,5 +155,5 @@ func (d Dbus) talk(rules map[string]string) *aa.AppArmorProfile {
PeerLabel: rules["label"],
})
}
return p
return profile
}
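Review bot: In both `own` (first hunk) and `talk` (second hunk), the rules are now appended to `p := profile.GetDefaultProfile()` while the function returns `profile`, so the result is only correct if `GetDefaultProfile()` creates a default profile on a zero-value `aa.AppArmorProfile{}` and returns a pointer to the entry stored inside it. Its definition is not in this section; if it can return nil for an empty struct, `p.Rules = append(...)` panics, and if it returns a detached copy, the generated D-Bus rules are silently missing from the returned profile. I would state that contract at the call site, e.g. `// GetDefaultProfile attaches an empty default profile to profile and returns a pointer to it`, and add a test asserting that the value returned by `own` and `talk` actually contains the expected `aa.Dbus` rules. Both function bodies extend beyond the hunks shown.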