This reverts commit 460c3d5b59.
The 4.0 ABI was pinned for the development cycle but it can cause
in-tree uses of parser/parser.conf to fail if it cannot find the 4.0
file in /etc/apparmor.d/abi/.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
With the exception of the documentation fixes, these should all be
invisible to users.
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/687
The comments describing the example rules to pin the abi are wrong.
The comments of the two example rules are swapped resulting in confusion.
While we are at it. Add a reference to the wiki doc on abi, and
how to disable abi warnings without pinning.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/648
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
Provide example rules in parser.conf to pin pre 3.0 policy and
appropriate abi files.
abis for vanilla upstream kernels and outoftree network patched
kernels are provided. With both ABIs dropping v8 support from
advertised by the kernel as 2.x policy/userspace did not support it.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/598
Acked-by: Steve Beattie <steve.beattie@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
The parser.conf example statement for Include statements used
/etc/apparmor.d/abstractions which is unlikely to make anyone enabling
it happy as our shipped and example policies all include the
'abstractions/' directory in the relative paths. This patch adjusts the
example and provides a second example, based on an enabled entry as
shipped in Ubuntu.
Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: Christian Boltz <apparmor@cboltz.de>
