[apparmor] [PATCH 7/7] Add basic documentation of apparmor rlimit controls
Christian Boltz
apparmor at cboltz.de
Sat Mar 21 20:08:42 UTC 2015
Hello,
Am Samstag, 21. März 2015 schrieb John Johansen:
> buglink: https://launchpad.net/bugs/1429202
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> ---
> parser/apparmor.d.pod | 35 ++++++++++++++++++++++++++++++++++-
> 1 file changed, 34 insertions(+), 1 deletion(-)
>
> diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
> index a6fdb9a..7c65e5d 100644
> --- a/parser/apparmor.d.pod
> +++ b/parser/apparmor.d.pod
...
> +If a profile does not have an rlimit rule associated with a given
> +rlimit then the rlimit is left alone and regular access, including
> +changing the limit, is allowed. However if the profile sets an rlimit
> +then the current limit if checked and if greater than the limit
... _is_ checked ...
> specified +in the rule it will be changed to the specified limit.
> +
> +AppArmor rlimit rules control the hard limit of an application and
> +ensure that if the hard limit is lowered that the soft limit does not
> +exceed the hard limit value.
Some example rules (with different value type) would be nice ;-)
With the above typo fixed and some examples added,
Acked-by: Christian Boltz <apparmor at cboltz.de>
My Acks in this patch series are also valid for 2.9, even if not
mentioned in every mail.
Regards,
Christian Boltz
--
Mein Spamassassin läuft überhaupt nicht. Trotzdem wurden in evolution
beachtliche Mengen Spam gefiltert - weil anscheinend diverse zuliefernde
Mailserver Spamassassin verwenden und den X-Spam Header setzen. Mein
eigener Spamassassin steht seit einem Jahr in der Ecke, dreht Däumchen
und lacht sich 'nen Ast. [Ratti in suse-linux]
More information about the AppArmor
mailing list