[apparmor] [PATCH] apparmor: add a features/dbus dir to securityfs interface
John Johansen
john.johansen at canonical.com
Tue Mar 5 18:23:24 UTC 2013
On 03/05/2013 07:42 AM, Tyler Hicks wrote:
> Add a dbus directory to the apparmor securityfs features subdirectory to
> contain a mask file with the supported D-Bus mediation rules.
>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: John Johansen <john.johansen at canonical.com>
> ---
>
> I've previously sent this patch to JJ, but it never made it out to the list for
> review. It is a simple patch to let dbus-daemon know if AppArmor supports dbus
> rules.
>
> security/apparmor/apparmorfs.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 48b15ee..3d8619d 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -765,6 +765,11 @@ static struct aa_fs_entry aa_fs_entry_namespaces[] = {
> { }
> };
>
> +static struct aa_fs_entry aa_fs_entry_dbus[] = {
> + AA_FS_FILE_STRING("mask", "acquire send receive"),
> + { }
> +};
> +
> static struct aa_fs_entry aa_fs_entry_features[] = {
> AA_FS_DIR("policy", aa_fs_entry_policy),
> AA_FS_DIR("domain", aa_fs_entry_domain),
> @@ -774,6 +779,7 @@ static struct aa_fs_entry aa_fs_entry_features[] = {
> AA_FS_DIR("namespaces", aa_fs_entry_namespaces),
> AA_FS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
> AA_FS_DIR("rlimit", aa_fs_entry_rlimit),
> + AA_FS_DIR("dbus", aa_fs_entry_dbus),
> { }
> };
>
>
More information about the AppArmor
mailing list