felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(aa): improve rule creation from log.

Browse source
This commit is contained in:
Alexandre Pujol 2023-09-29 20:07:29 +01:00
parent 13de4182c8
commit c7485326e8
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
15 changed files with 62 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/aa/file.go
View file

@ -11,13 +11,9 @@ type File struct {
Target string
}
func FileFromLog(log map[string]string, noNewPrivs, fileInherit bool) ApparmorRule {
owner := false
if log["fsuid"] == log["ouid"] && log["OUID"] != "root" {
owner = true
}
func FileFromLog(log map[string]string) ApparmorRule {
return &File{
Qualifier: NewQualifier(owner, noNewPrivs, fileInherit),
Qualifier: NewQualifierFromLog(log),
Path: log["name"],
Access: maskToAccess[log["requested_mask"]],
Target: log["target"],