mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-28 21:07:56 +00:00
de13aa5126
Now that the parser links against libapparmor, it makes sense to move
all public permission types and flags to libapparmor's apparmor.h. This
prevents duplication across header files for the parser and libapparmor.
Additionally, this patch breaks the connection between
AA_DBUS_{SEND,RECEIVE,BIND} and AA_MAY_{WRITE,READ,BIND} by using raw
values when defining the AA_DBUS_{SEND,RECEIVE,BIND} macros. This makes
sense because the two sets of permission flags are from two distinctly
different mediation types (AA_CLASS_DBUS and AA_CLASS_FILE). While it is
nice that they share some of the same values, the macros don't need to
be linked together. In other words, when you're creating a D-Bus rule,
it would be incorrect to use permission flags from the AA_CLASS_FILE
type.
The change mentioned above allows the AA_MAY_{WRITE,READ,BIND} macros
to be removed from public-facing apparmor.h header.
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
The apparmor_parser allows you to add, replace, and remove AppArmor policy through the use of command line options. The default is to add. `apparmor_parser --help` shows what the command line options are. You can also find more information at http://wiki.apparmor.net Please send all complaints, feature requests, rants about the software, and questions to the apparmor@lists.ubuntu.com mailing list. Bug reports can be filed against the AppArmor project on launchpad.net at https://launchpad.net/apparmor or reported to the mailing list directly for those who wish not to register for an account on launchpad. Security issues can be filed as security bugs on launchpad or directed to security@ubuntu.com. We will attempt to conform to the RFP vulnerability disclosure protocol: http://www.wiretrip.net/rfp/policy.html Thanks. -- The AppArmor development team