The new option --show-matching-path shows a path that matches in the host
filesystem, to prove that the profile is indeed used.
Also, profiles' xattrs are now parsed into a dict and are taken in
consideration when looking for matching profiles.
Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
Introduce aa-show-usage, a new helper allowing to determine which
profiles on the system are used and which are not. A profile is marked as
used when at least one file installed in the machine matches the attach point
specified in the profile.
This tool supports filtering options, allowing users to, for example,
display only unconfined profiles that are currently in use. This can
notably help sysadmins to evaluate the security of their systems.
Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
