[apparmor] [PATCH v2 13/14] libapparmor: Create a man page for aa_kernel_interface

John Johansen john.johansen at canonical.com
Fri Jun 5 10:12:51 UTC 2015


On 04/02/2015 08:17 AM, Tyler Hicks wrote:
> Create a section 3 man page for the aa_kernel_interface family of
> functions. Additionally, update the in-code descriptions to match the
> descriptions in the man page.
> 
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
> ---
>  libraries/libapparmor/doc/Makefile.am             |   2 +-
>  libraries/libapparmor/doc/aa_kernel_interface.pod | 162 ++++++++++++++++++++++
>  libraries/libapparmor/src/kernel_interface.c      |  18 +--
>  3 files changed, 172 insertions(+), 10 deletions(-)
>  create mode 100644 libraries/libapparmor/doc/aa_kernel_interface.pod
> 
> diff --git a/libraries/libapparmor/doc/Makefile.am b/libraries/libapparmor/doc/Makefile.am
> index d7aae8a..6a48d99 100644
> --- a/libraries/libapparmor/doc/Makefile.am
> +++ b/libraries/libapparmor/doc/Makefile.am
> @@ -5,7 +5,7 @@ PODCHECKER = podchecker

<< snip >>

> +
> +The aa_kernel_interface_new() function creates an I<aa_kernel_interface> object
> +based on an optional I<aa_features> object and an optional path to the apparmor
> +directory of securityfs, which is typically found at
> +"/sys/kernel/security/apparmor/". If I<kernel_features> is NULL, then the
> +features of the current kernel are used. When specifying a valid
> +I<kernel_features> object, it must be the features of the currently running
> +kernel. If I<apparmorfs> is NULL, then the default location is used. The

do we want to specify "must be the features of the currently running kernel"?
While this is currently true because of userspace implementation, it isn't
required and may not always be true.  I think we could get away with something
a little more ambiguous like "must be compatible with the features of the
currently running kernel"

other than that it looks good

Acked-by: John Johansen <john.johansen at canonical.com>




More information about the AppArmor mailing list