[apparmor] Documentation and/or Tutorials for python-libapparmor
John Johansen
john.johansen at canonical.com
Fri Jul 13 00:52:53 UTC 2012
On 07/12/2012 08:06 AM, André Herrmann wrote:
> Hi there,
>
> after being not successful to build a package from /opt/ for the
> Appshowdown (gksu does not work, so I implemented a thousand asks for
> password :-( ), I tried to understand dbus/policykit integration, but
> this seems to be really hard to understand ( plus scant python
> documentation available ) and as far as I know apparmor hasn't a dbus
> service yet.
>
right, there are questions if we want to go there or not, its been
discussed but nothing is happening this cycle
> Now I discovered python-libapparmor and it seems that it will be the
> solution dealing with apparmor-profiles without the need of dbus.
>
hrmmm, yes and and no. It depends on what you mean. Its a raw backend
for interfacing with apparmor. The python library is actually a swig
generated front end (there are also perl and ruby versions) for the C
library. Currently its set of fns is really sparse though we do plan on
extending it greatly.
Currently it is mostly limited to fns for introspecting loaded policy
and changing a tasks current profile (if allowed).
We have plans to move in the fns to load, replace, and remove policy,
as well as compile policy from the apparmor parser. But there just
haven't been the resources to do that yet.
> Is there any kind of tutorial, documentation to see how to use the
> provided methods?
>
hrmmm, none at the moment, the manpages are the best there is at the
moment.
However if you have questions just ask, and we will do our best to
answer them, and hopefully take those answers and start making a howto/
tutorial from them.
> Would be very happy if someone could lead me the right way of using this
> module.
>
module as in apparmor or the interface library libapparmor?
A quick overview of apparmor can be found here
http://wiki.apparmor.net/index.php/Documentation
the documentation is admittedly in dire need of updating and expansion. Its
the same as most open source projects in that regard.
> It's for my project:
>
> https://launchpad.net/~andre-herrmann/+archive/armorforge
>
More information about the AppArmor
mailing list