Remove complain flags

2025-01-18 08:58:15 +01:00 · 2022-07-23 15:41:40 +02:00 · 2022-07-23 15:41:40 +02:00 · fcea04c69b
commit fcea04c69b
parent e724d835ed
7 changed files with 7 additions and 7 deletions
--- a/apparmor.d/groups/virt/cni-xtables-nft
+++ b/apparmor.d/groups/virt/cni-xtables-nft
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}{s,}bin/xtables-nft-multi
-profile cni-xtables-nft flags=(complain) {
+profile cni-xtables-nft {
    include <abstractions/base>
    include <abstractions/nameservice-strict>

--- a/apparmor.d/groups/virt/containerd-shim-runc-v2
+++ b/apparmor.d/groups/virt/containerd-shim-runc-v2
@ -8,7 +8,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}bin/containerd-shim-runc-v2
-profile containerd-shim-runc-v2 @{exec_path} flags=(complain,attach_disconnected) {
+profile containerd-shim-runc-v2 @{exec_path} flags=(attach_disconnected) {
  include <abstractions/base>
  include <abstractions/consoles>

--- a/apparmor.d/groups/virt/k3s
+++ b/apparmor.d/groups/virt/k3s
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}{local/,}bin/k3s
-profile k3s @{exec_path} flags=(complain) {
+profile k3s @{exec_path} {
  include <abstractions/base>
  include <abstractions/disks-read>
  include <abstractions/nameservice-strict>
--- a/apparmor.d/groups/virt/kubernetes-pause
+++ b/apparmor.d/groups/virt/kubernetes-pause
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /pause
-profile kubernetes-pause @{exec_path} flags=(complain,attach_disconnected) {
+profile kubernetes-pause @{exec_path} flags=(attach_disconnected) {
  include <abstractions/base>

  signal (receive) set=kill,
--- a/apparmor.d/profiles-s-z/zed
+++ b/apparmor.d/profiles-s-z/zed
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}{local/,}{s,}bin/zed
-profile zed @{exec_path} flags=(complain) {
+profile zed @{exec_path} {
  include <abstractions/base>
  include <abstractions/disks-read>
  
--- a/apparmor.d/profiles-s-z/zfs
+++ b/apparmor.d/profiles-s-z/zfs
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}{local/,}{s,}bin/zfs
-profile zfs @{exec_path} flags=(complain) {
+profile zfs @{exec_path} {
  include <abstractions/base>
  
  capability sys_admin,
--- a/apparmor.d/profiles-s-z/zpool
+++ b/apparmor.d/profiles-s-z/zpool
@ -7,7 +7,7 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = /{usr/,}{local/,}{s,}bin/zpool
-profile zpool @{exec_path} flags=(complain) {
+profile zpool @{exec_path} {
  include <abstractions/base>
  include <abstractions/disks-read>