feat(full): add default fallback profile.

See #252
2023-11-22 20:12:20 +00:00 · 2023-11-22 20:12:20 +00:00 · 9ab0745e2d
commit 9ab0745e2d
parent da51cdba64
7 changed files with 230 additions and 3 deletions
--- a/pkg/prebuild/prepare.go
+++ b/pkg/prebuild/prepare.go
@ -180,7 +180,11 @@ func SetDefaultSystemd() error {
 // See https://apparmor.pujol.io/development/structure/#full-system-policy
 func SetFullSystemPolicy() error {
 	// Install full system policy profiles
-	for _, name := range []string{"systemd", "systemd-user"} {
+	profiles := []string{
+		"systemd", "systemd-user",
+		"default", "default-bwrap", "default-sudo", "default-app",
+	}
+	for _, name := range profiles {
 		err := paths.New("apparmor.d/groups/_full/" + name).CopyTo(RootApparmord.Join(name))
 		if err != nil {
 			return err