[apparmor] Support binary that might be in different locations?
Seth Arnold
seth.arnold at canonical.com
Tue Jun 17 02:21:52 UTC 2014
On Tue, Jun 17, 2014 at 10:17:14AM +0800, Aaron Lewis wrote:
> What does the second keyword ("nginx" here) in "profile nginx
> /usr/{s,}bin/nginx" mean?
> Is it just the profile name, which acts like an ID of the profile perhaps?
Yes, that's it exactly; this is the name that will show in ps auxZ output
and the name that you use with Px -> profile_name, "directed transitions",
or an application can use with the aa_change_profile() and
aa_change_exec() APIs.
> > or perhaps even better when you use the profile keyword the profile name
> > does not have to be a path.
> >
> > profile nginx /usr/{s,}bin/nginx {
> >
> > }
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140616/03f9b1ba/attachment.pgp>
More information about the AppArmor
mailing list