apparmor.d/pkg/prebuild/builder/fsp.go
Alexandre Pujol 59ac54e2fc
build: reorganise build: abi4, fallback, prebuild cli
- ABI4 by default, fallback to abi 3.
- aa-prebuild cli that can be used by other project shipping profiles.
- --file option to cli to only build one dev profile.
- add abi version filter to only & exclude directives.
2024-10-02 16:22:46 +01:00

34 lines
704 B
Go

// apparmor.d - Full set of apparmor profiles
// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
// SPDX-License-Identifier: GPL-2.0-only
package builder
import (
"github.com/roddhjav/apparmor.d/pkg/prebuild"
"github.com/roddhjav/apparmor.d/pkg/util"
)
var (
regFullSystemPolicy = util.ToRegexRepl([]string{
`r(PU|U)x,`, `rPx,`,
})
)
type FullSystemPolicy struct {
prebuild.Base
}
func init() {
RegisterBuilder(&FullSystemPolicy{
Base: prebuild.Base{
Keyword: "fsp",
Msg: "Prevent unconfined transitions in profile rules",
},
})
}
func (b FullSystemPolicy) Apply(opt *Option, profile string) (string, error) {
return regFullSystemPolicy.Replace(profile), nil
}