mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

aa-notify: Update config with use_local_profiles

Browse Source 
aa-notify configuration now supports use_local_profiles, and this option
is documented in the manual.

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
This commit is contained in:
Maxime Bélair 2025-08-08 15:55:32 +02:00
parent df1a4c8782
commit 144d782ae8
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
utils/aa-notify.pod
View File

@ -71,6 +71,14 @@ This has no effect when running under sudo.
wait NUM seconds before displaying notifications (for use with -p)
=item -L, --local [{yes,no,auto}]
add rules to a local profiles instead of the real profiles.
This simplify profiles' deployment by keeping local modifications self-contained.
- B<yes>: always use a local profile
- B<no>: never use a local profile
- B<auto>: use a local profile if the main profile already relies on a local profile
=item -v, --verbose
show messages with summaries.
@ -98,6 +106,9 @@ System-wide configuration for B<aa-notify> is done via
# Binaries for which we ignore userns-related capability denials
ignore_denied_capability="sudo,su"
# Write change to local profiles if enabled to preserve regular profiles and simplify upgrades
use_local_profiles
# OPTIONAL - kind of operations which display a popup prompt.
prompt_filter="userns"

3
utils/notify.conf
View File

@ -20,6 +20,9 @@ interface_theme="ubuntu"
# Binaries for which we ignore userns-related capability denials
ignore_denied_capability="sudo,su"
# OPTIONAL - Write changes to local profiles to preserve regular profiles and simplify upgrades (yes, no, auto)
# use_local_profiles="yes"
# OPTIONAL - kind of operations which display a popup prompt.
# prompt_filter="userns"