[apparmor] [PATCH 2/2] Remove private mediation class types from apparmor.h
John Johansen
john.johansen at canonical.com
Fri Nov 22 03:30:11 UTC 2013
On 11/21/2013 05:59 PM, Tyler Hicks wrote:
> Currently, D-Bus rules are the only type of policy that we expect to be
> queried from userspace. Therefore, we do not need to export other
> mediation types at this time.
>
> This patch removes all AA_CLASS_* macros, except AA_CLASS_DBUS, from
> libapparmor's apparmor.h header. These macros are already defined in the
> parser's policydb.h header.
>
Hrmmm, so yes they shouldn't be in two places, and dbus is the only one
we are currently querying but we would like to get to where a generic
query is supported.
So I'm okay with committing this for now, with the understanding that these
are going to come back.
Acked-by: John Johansen <john.johansen at canonical.com>
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
> ---
> libraries/libapparmor/src/apparmor.h | 15 +--------------
> 1 file changed, 1 insertion(+), 14 deletions(-)
>
> diff --git a/libraries/libapparmor/src/apparmor.h b/libraries/libapparmor/src/apparmor.h
> index 8c0476c..12a7691 100644
> --- a/libraries/libapparmor/src/apparmor.h
> +++ b/libraries/libapparmor/src/apparmor.h
> @@ -24,23 +24,10 @@
> __BEGIN_DECLS
>
> /*
> - * Class of mediation types in the AppArmor policy db
> + * Class of public mediation types in the AppArmor policy db
> */
> -#define AA_CLASS_COND 0
> -#define AA_CLASS_UNKNOWN 1
> -#define AA_CLASS_FILE 2
> -#define AA_CLASS_CAP 3
> -#define AA_CLASS_NET 4
> -#define AA_CLASS_RLIMITS 5
> -#define AA_CLASS_DOMAIN 6
> -#define AA_CLASS_MOUNT 7
> -#define AA_CLASS_NS_DOMAIN 8
> -#define AA_CLASS_PTRACE 9
> -
> -#define AA_CLASS_ENV 16
>
> #define AA_CLASS_DBUS 32
> -#define AA_CLASS_X 33
>
>
> /* Permission flags for the AA_CLASS_DBUS mediation class */
>
More information about the AppArmor
mailing list