mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 00:14:44 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Proofreading of libapparmor manpages to fix a few nits

Browse source 
Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
This commit is contained in:
Ryan Lee 2024-10-02 17:01:17 -07:00
parent 6c8a5bedff
commit ffc46247ad
3 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libraries/libapparmor/doc/aa_change_hat.pod
View file

@ -22,7 +22,7 @@
=head1 NAME =head1 NAME
aa_change_hat - change to or from a "hat" within a AppArmor profile aa_change_hat - change to or from a "hat" within a AppArmor profile
=head1 SYNOPSIS =head1 SYNOPSIS

6
libraries/libapparmor/doc/aa_change_profile.pod
View file

@ -22,7 +22,7 @@
=head1 NAME =head1 NAME
aa_change_profile, aa_change_onexec - change a tasks profile aa_change_profile, aa_change_onexec - change a task's profile
=head1 SYNOPSIS =head1 SYNOPSIS
@ -58,8 +58,8 @@ The aa_change_onexec() function is like the aa_change_profile() function
except it specifies that the profile transition should take place on the except it specifies that the profile transition should take place on the
next exec instead of immediately. The delayed profile change takes next exec instead of immediately. The delayed profile change takes
precedence over any exec transition rules within the confining profile. precedence over any exec transition rules within the confining profile.
Delaying the profile boundary has a couple of advantages, it removes the Delaying the profile boundary has a couple of advantages: it removes the
need for stub transition profiles and the exec boundary is a natural security need for stub transition profiles, and the exec boundary is a natural security
layer where potentially sensitive memory is unmapped. layer where potentially sensitive memory is unmapped.
=head1 RETURN VALUE =head1 RETURN VALUE

4
libraries/libapparmor/doc/aa_stack_profile.pod
View file

@ -41,7 +41,7 @@ result is an intersection of all profiles which are stacked. Stacking profiles
together is desirable when wanting to ensure that confinement will never become together is desirable when wanting to ensure that confinement will never become
more permissive. When changing between two profiles, as performed with more permissive. When changing between two profiles, as performed with
aa_change_profile(2), there is always the possibility that the new profile is aa_change_profile(2), there is always the possibility that the new profile is
more permissive than the old profile but that possibility is eliminated when more permissive than the old profile, but that possibility is eliminated when
using aa_stack_profile(). using aa_stack_profile().
To stack a profile with the current confinement context, a task can use the To stack a profile with the current confinement context, a task can use the
@ -68,7 +68,7 @@ The aa_stack_onexec() function is like the aa_stack_profile() function
except it specifies that the stacking should take place on the next exec except it specifies that the stacking should take place on the next exec
instead of immediately. The delayed profile change takes precedence over any instead of immediately. The delayed profile change takes precedence over any
exec transition rules within the confining profile. Delaying the stacking exec transition rules within the confining profile. Delaying the stacking
boundary has a couple of advantages, it removes the need for stub transition boundary has a couple of advantages: it removes the need for stub transition
profiles and the exec boundary is a natural security layer where potentially profiles and the exec boundary is a natural security layer where potentially
sensitive memory is unmapped. sensitive memory is unmapped.