diff --git a/cmd/aa/main.go b/cmd/aa/main.go index 9f407015..5f7dd639 100644 --- a/cmd/aa/main.go +++ b/cmd/aa/main.go @@ -135,7 +135,7 @@ func aaFormat(files paths.PathList) error { if !file.Exist() { return nil } - profile, err := util.ReadFile(file) + profile, err := file.ReadFileAsString() if err != nil { return err } diff --git a/pkg/aa/mount.go b/pkg/aa/mount.go index ad83801c..a9d8dbea 100644 --- a/pkg/aa/mount.go +++ b/pkg/aa/mount.go @@ -16,6 +16,15 @@ const ( func init() { requirements[MOUNT] = requirement{ + "flags_bind": { + "B", "bind", "R", "rbind", + }, + "flags_change": { + "remount", "unbindable", "shared", "private", "slave", "runbindable", + "rshared", "rprivate", "rslave", "make-unbindable", "make-shared", + "make-private", "make-slave", "make-runbindable", "make-rshared", + "make-rprivate", "make-rslave", + }, "flags": { "ro", "rw", "acl", "async", "atime", "bind", "dev", "diratime", "dirsync", "exec", "iversion", "loud", "mand", "move", "noacl", diff --git a/pkg/aa/template.go b/pkg/aa/template.go index 92c10b46..cb00d2f3 100644 --- a/pkg/aa/template.go +++ b/pkg/aa/template.go @@ -35,17 +35,10 @@ var ( // The apparmor templates tmpl = generateTemplates([]Kind{ // Global templates - "apparmor", - PROFILE, - HAT, - "rules", + "apparmor", PROFILE, HAT, "rules", // Preamble templates - ABI, - ALIAS, - INCLUDE, - VARIABLE, - COMMENT, + ABI, ALIAS, INCLUDE, VARIABLE, COMMENT, // Rules templates ALL, RLIMIT, USERNS, CAPABILITY, NETWORK,