John Johansen 562eb63964 expand automated profile generation to to allow profile generation from stdin ... This extends the auto-profile generation so that it can take profiles formated in standard profile language augemented by a few special variables for the automatically generated rules. This will all extended the regression tests in ways that are not currently supported, because mkprofile format does not match of the profile language. the special apparmorish variables are @{gen_elf name} - generate rules for elf binaries @{gen_bin name} - generate rules for a binary @{gen_def} - generate default rules @{gen name} - do @{gen_def} @{gen_bin name} To generate a profile you do genprofile --stdin <<EOF /profile/name { @{gen /profile/name} } EOF eg. to generate the equivalent of genprofile you would do genprofile --stdin <<EOF $test { @{gen $test} } EOF and the equiv of genprofile $file:rw would be genprofile --stdin <<EOF $test { @{gen $test} $file rw, } while it takes a little more to generate a base profile than the old syntax, it use the actual profile language (augmented with the special variables), it is a lot more flexible, and a lot easier to expand when new rule types are added. eg. of something not possible with the current auto generation Generate a profile with a child profile and hat and a trailing profile genprofile --stdin <<EOF $test { @{gen $test} profile $bin/open { @{gen $bin/open} } ^hatfoo { $file rw, } } profile $bin/exec { @{gen $bin/exec} } EOF Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-By: Steve Beattie <sbeattie@ubuntu.com>		2012-04-11 15:55:54 -07:00
..
apparmor	expand automated profile generation to to allow profile generation from stdin	2012-04-11 15:55:54 -07:00
distro	Import the rest of the core functionality of the internal apparmor	2006-04-11 21:52:54 +00:00
Makefile	This patch fixes up a bit that leaked into kees' commit rev 1727	2011-05-23 16:05:10 -07:00