feat(aa): add some missing rule template.

pkg/aa/template.go

@@ -53,7 +53,9 @@ var (
 	// The order the apparmor rules should be sorted
 	ruleAlphabet = []string{
 		"include",
+		"all",
 		"rlimit",
+		"userns",
 		"capability",
 		"network",
 		"mount",
@@ -62,11 +64,10 @@ var (
 		"pivotroot",
 		"changeprofile",
 		"mqueue",
+		"iouring",
 		"signal",
 		"ptrace",
 		"unix",
-		"userns",
-		"iouring",
 		"dbus",
 		"file",
 		"profile",

pkg/aa/templates/rule/all.j2

@@ -0,0 +1,9 @@
+{{- /* apparmor.d - Full set of apparmor profiles */ -}}
+{{- /* Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io> */ -}}
+{{- /* SPDX-License-Identifier: GPL-2.0-only */ -}}
+
+{{- define "all" -}}
+    {{- "all" -}}
+    {{- "," -}}
+    {{- template "comment" . -}}
+{{- end -}}

pkg/aa/templates/rule/io_uring.j2

@@ -0,0 +1,16 @@
+{{- /* apparmor.d - Full set of apparmor profiles */ -}}
+{{- /* Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io> */ -}}
+{{- /* SPDX-License-Identifier: GPL-2.0-only */ -}}
+
+{{- define "io_uring" -}}
+    {{- template "qualifier" . -}}
+    {{- "io_uring" -}}
+    {{- range .Access -}}
+        {{ " " }}{{ . }}
+    {{- end -}}
+    {{- with .Label -}}
+        {{ " label=" }}{{ . }}
+    {{- end -}}
+    {{- "," -}}
+    {{- template "comment" . -}}
+{{- end -}}

pkg/aa/templates/rules.j2

@@ -22,6 +22,10 @@
             {{- template "include" . -}}
         {{- end -}}
 
+        {{- if eq $type "All" -}}
+            {{- template "all" . -}}
+        {{- end -}}
+
         {{- if eq $type "Rlimit" -}}
             {{- template "rlimit" . -}}
         {{- end -}}
@@ -62,6 +66,10 @@
             {{- template "mqueue" . -}}
         {{- end -}}
 
+        {{- if eq $type "IOUring" -}}
+            {{- template "io_uring" . -}}
+        {{- end -}}
+
         {{- if eq $type "Unix" -}}
             {{- template "unix" . -}}
         {{- end -}}