[apparmor] [PATCH 2/2] Add an example parser.conf file

John Johansen john.johansen at canonical.com
Fri Oct 7 09:54:56 UTC 2011 

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 parser/Makefile                |    1 +
 parser/apparmor-parser.spec.in |    1 +
 parser/parser.conf             |   58 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 60 insertions(+), 0 deletions(-)
 create mode 100644 parser/parser.conf

diff --git a/parser/Makefile b/parser/Makefile
index a98fba8..92fe862 100644
--- a/parser/Makefile
+++ b/parser/Makefile
@@ -288,6 +288,7 @@ install-arch: $(INSTALLDEPS)
 install-indep:
 	install -m 755 -d $(INSTALL_CONFDIR)
 	install -m 644 subdomain.conf $(INSTALL_CONFDIR)
+	install -m 644 parser.conf $(INSTALL_CONFDIR)
 	install -m 755 -d ${DESTDIR}/var/lib/apparmor
 	install -m 755 -d $(APPARMOR_BIN_PREFIX)
 	install -m 755 rc.apparmor.functions $(APPARMOR_BIN_PREFIX)
diff --git a/parser/apparmor-parser.spec.in b/parser/apparmor-parser.spec.in
index d16174f..59986bb 100644
--- a/parser/apparmor-parser.spec.in
+++ b/parser/apparmor-parser.spec.in
@@ -103,6 +103,7 @@ make install DESTDIR=${RPM_BUILD_ROOT} \
   /etc/init.d/aaeventd
 %endif
 %config(noreplace) /etc/apparmor/subdomain.conf
+%config(noreplace) /etc/apparmor/parser.conf
 /var/lib/apparmor
 %dir %attr(-, root, root) %{apparmor_bin_prefix}
 %{apparmor_bin_prefix}/rc.apparmor.functions
diff --git a/parser/parser.conf b/parser/parser.conf
new file mode 100644
index 0000000..9cd2db7
--- /dev/null
+++ b/parser/parser.conf
@@ -0,0 +1,58 @@
+# parser.conf is a global AppArmor config file for the apparmor_parser
+#
+# It can be used to specify the default options for the parser, which
+# can then be overriden by options passed on the command line.
+#
+# Leading whitespace is ignored and lines that begin with # are treated
+# as comments.
+#
+# Config options are specified one per line using the same format as the
+# longform command line options (without the preceding --).
+#
+# If a value is specified twice the last version to appear is used.
+
+## Suppress Warnings
+#quiet
+
+## Be verbose
+#verbose
+
+## Set include path
+#Include /etc/apparmor.d/abstractions
+
+## Set location of apparmor filesystem
+#subdomainfs /sys/kernel/security/apparmor
+
+## Set match-string to use - for forcing compiler to treat different kernels
+## the same
+# match-string "pattern=aadfa audit perms=crwxamlk/ user::other"
+
+## Turn creating/updating of the cache on by default
+#write-cache
+
+## Show cache hits
+#show-cache
+
+## skip cached policy
+#skip-cache
+
+## skip reading cache but allow updating
+#skip-read-cache
+
+
+#### Set Optimizaions.  Multiple Optimizations can be set, one per line ####
+# For supported optimizations see
+#   apparmor_parser --help=O
+
+## Turn on equivalence classes
+#equiv
+
+## Turn off expr tree simplification
+#Optimize=no-expr-simplify
+
+## Turn off DFA minimization
+#Optimize=no-minimize
+
+## Adjust compression
+#Optimize=compress-small
+#Optimize=compress-fast
-- 
1.7.5.4

More information about the AppArmor mailing list