mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-31 06:16:03 +00:00
398ef08bf4
by naming the directory (e.g. #include </etc/apparmor.d/abstractions>). It will skip over dotfiles and as well as subdirectories. It is intended to make scripting and packaging easier, as the including profile will not need to know explicitly all of the names to include. Long term, rather than hardcode that dotfiles will be skipped, it should be configurable via /etc/apparmor.d/subdomain what patterns of files should be skipped; genprof/logprof should also honor this setting. The code could be reused as I'd like to make the parser just take a directory on the command line rather than being fed profiles one at a time; again it would skip files based on these same patterns. This patch also eliminates some dead code in the include processing, as well as replaces a couple of undersized fixed-size buffer (PATH_MAX is 4095 on linux, buffer is not overflowable due to use of strncpy/snprintf) with dynamically allocated ones.