parser: add ability to specify permission in network rules

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
2025-08-31 06:16:03 +00:00 · 2024-01-08 16:09:13 -03:00
parent 35f25a251b
commit 746f76d3e1
6 changed files with 63 additions and 25 deletions
--- a/parser/af_unix.cc
+++ b/parser/af_unix.cc
@@ -202,7 +202,7 @@ void unix_rule::downgrade_rule(Profile &prof) {
 		if (audit == AUDIT_FORCE)
 			prof.net.audit[AF_UNIX] |= mask;
 		const char *error;
-		network_rule *netv8 = new network_rule(AF_UNIX, sock_type_n);
+		network_rule *netv8 = new network_rule(perms, AF_UNIX, sock_type_n);
 		if(!netv8->add_prefix({audit, rule_mode, owner}, error))
 			yyerror(error);
 		prof.rule_ents.push_back(netv8);