mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-29 14:25:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fix(aa-log): ensure unix logs generate unix rule.

Browse source 
It may break some rule generation on old apparmor version (<3.1). But I don't have the time to support all apparmor version anyway...

fix #225
This commit is contained in:
Alexandre Pujol 2023-09-29 20:01:30 +01:00
parent 70dc9b7844
commit 13de4182c8
Failed to generate hash of commit
2 changed files with 2 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pkg/aa/data_test.go
View file

@ -159,7 +159,7 @@ var (
// Unix
unix1Log = map[string]string{
"apparmor": "ALLOWED",
"class": "net",
"class": "unix",
"family": "unix",
"operation": "file_perm",
"profile": "gsettings",

6
pkg/aa/profile.go
View file

@ -92,11 +92,7 @@ func (p *AppArmorProfile) AddRule(log map[string]string) {
case "cap":
p.Rules = append(p.Rules, CapabilityFromLog(log, noNewPrivs, fileInherit))
case "net":
if log["family"] == "unix" {
p.Rules = append(p.Rules, UnixFromLog(log, noNewPrivs, fileInherit))
} else {
p.Rules = append(p.Rules, NetworkFromLog(log, noNewPrivs, fileInherit))
}
p.Rules = append(p.Rules, NetworkFromLog(log, noNewPrivs, fileInherit))
case "mount":
p.Rules = append(p.Rules, MountFromLog(log, noNewPrivs, fileInherit))
case "remount":