From 9fb43325a3f0ab4b4c572c3bc0e8a64b8e42266a Mon Sep 17 00:00:00 2001 From: Jeroen Rijken Date: Sun, 10 Jul 2022 12:49:33 +0200 Subject: [PATCH] Add headers to new policies --- apparmor.d/groups/virt/calico | 6 +++++- apparmor.d/groups/virt/cni-bandwidth | 4 ++++ apparmor.d/groups/virt/cni-loopback | 4 ++++ apparmor.d/groups/virt/cni-portmap | 4 ++++ 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/apparmor.d/groups/virt/calico b/apparmor.d/groups/virt/calico index 313959fb..b68944be 100644 --- a/apparmor.d/groups/virt/calico +++ b/apparmor.d/groups/virt/calico @@ -1,3 +1,7 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2022 Jeroen Rijken +# SPDX-License-Identifier: GPL-2.0-only + abi , include @@ -9,7 +13,7 @@ profile calico @{exec_path} flags=(complain) { network inet, network inet6, - @{exec_path} rm, + @{exec_path} mr, @{exec_path}-ipam rix, /etc/cni/net.d/{,**} r, diff --git a/apparmor.d/groups/virt/cni-bandwidth b/apparmor.d/groups/virt/cni-bandwidth index 82e4792a..1de4dbf4 100644 --- a/apparmor.d/groups/virt/cni-bandwidth +++ b/apparmor.d/groups/virt/cni-bandwidth @@ -1,3 +1,7 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2022 Jeroen Rijken +# SPDX-License-Identifier: GPL-2.0-only + abi , include diff --git a/apparmor.d/groups/virt/cni-loopback b/apparmor.d/groups/virt/cni-loopback index 2e542dd0..a6ff7d6f 100644 --- a/apparmor.d/groups/virt/cni-loopback +++ b/apparmor.d/groups/virt/cni-loopback @@ -1,3 +1,7 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2022 Jeroen Rijken +# SPDX-License-Identifier: GPL-2.0-only + abi , include diff --git a/apparmor.d/groups/virt/cni-portmap b/apparmor.d/groups/virt/cni-portmap index efd2ae0d..02e24956 100644 --- a/apparmor.d/groups/virt/cni-portmap +++ b/apparmor.d/groups/virt/cni-portmap @@ -1,3 +1,7 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2022 Jeroen Rijken +# SPDX-License-Identifier: GPL-2.0-only + abi , include