libapparmor: Add aa_splitcon() public function

Create a new libapparmor public function that allows external code to split an AppArmor confinement context. This is immediately useful for code that retrieves a D-Bus peer's AppArmor confinement context using the org.freedesktop.DBus.GetConnectionCredentials bus method. https://launchpad.net/bugs/1430532 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
2025-09-03 15:55:46 +00:00 · 2015-05-19 21:28:47 -05:00
parent 4879b46b13
commit 014093dedc
6 changed files with 97 additions and 4 deletions
--- a/libraries/libapparmor/include/sys/apparmor.h
+++ b/libraries/libapparmor/include/sys/apparmor.h
@@ -58,6 +58,7 @@ extern int aa_change_onexec(const char *profile);
 extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
 extern int (aa_change_hat_vargs)(unsigned long token, int count, ...);

+extern char *aa_splitcon(char *con, char **mode);
 /* Protypes for introspecting task confinement
 * Please see the aa_getcon(2) manpage for information
 */