feat(aa-log): ensure unix rule are not confused with network unix rule.

Both are technically the same, we simply prioritize `unix` to `network unix`.
2025-01-18 08:58:15 +01:00 · 2024-02-29 00:20:37 +00:00 · 2024-02-29 00:20:37 +00:00 · e616b9b3fc
commit e616b9b3fc
parent e3daaf3d4c
1 changed files with 5 additions and 1 deletions
--- a/pkg/aa/profile.go
+++ b/pkg/aa/profile.go
@ -85,7 +85,11 @@ func (p *AppArmorProfile) AddRule(log map[string]string) {
 	case "cap":
 		p.Rules = append(p.Rules, CapabilityFromLog(log))
 	case "net":
-		p.Rules = append(p.Rules, NetworkFromLog(log))
+		if log["family"] == "unix" {
+			p.Rules = append(p.Rules, UnixFromLog(log))
+		} else {
+			p.Rules = append(p.Rules, NetworkFromLog(log))
+		}
 	case "mount":
 		switch log["operation"] {
 		case "mount":