mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

Merge doc(fix): Fix wrong syntax for profile stacking

Browse Source 
Add missing change_profile entry required for the example

Signed-off-by: Mostafa Emami <mustafaemami@gmail.com>

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1141
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
This commit is contained in:
John Johansen 2024-01-30 09:45:36 +00:00
commit 3e28d0a254
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libraries/libapparmor/doc/aa_stack_profile.pod
View File

@ -109,12 +109,12 @@ To immediately stack a profile named "profile_a", as performed with
aa_stack_profile("profile_a"), the equivalent of this shell command can be aa_stack_profile("profile_a"), the equivalent of this shell command can be
used: used:
$ echo -n "stackprofile profile_a" > /proc/self/attr/current $ echo -n "stack profile_a" > /proc/self/attr/current
To stack a profile named "profile_a" at the next exec, as performed with To stack a profile named "profile_a" at the next exec, as performed with
aa_stack_onexec("profile_a"), the equivalent of this shell command can be used: aa_stack_onexec("profile_a"), the equivalent of this shell command can be used:
$ echo -n "stackexec profile_a" > /proc/self/attr/exec $ echo -n "stack profile_a" > /proc/self/attr/exec
These raw AppArmor filesystem operations must only be used when using These raw AppArmor filesystem operations must only be used when using
libapparmor is not a viable option. libapparmor is not a viable option.
@ -184,6 +184,7 @@ with apparmor_parser(8):
/etc/passwd r, /etc/passwd r,
# Needed for aa_stack_profile() # Needed for aa_stack_profile()
change-profile -> &i_cant_be_trusted_anymore,
/usr/lib/libapparmor*.so* mr, /usr/lib/libapparmor*.so* mr,
/proc/[0-9]*/attr/current w, /proc/[0-9]*/attr/current w,
} }