[apparmor] [patch] Document aliases for dbus send and receive in apparmor.d
Tyler Hicks
tyhicks at canonical.com
Wed Jun 1 20:51:33 UTC 2016
On 06/01/2016 03:35 PM, Christian Boltz wrote:
> Hello,
>
> $subject.
>
>
> [ apparmor.d.pod-dbus-aliases.diff ]
Acked-by: Tyler Hicks <tyhicks at canonical.com>
Thanks!
>
> --- parser/apparmor.d.pod 2016-06-01 22:32:13.886365414 +0200
> +++ parser/apparmor.d.pod 2016-06-01 22:32:49.758121352 +0200
> @@ -195,7 +195,7 @@
>
> B<DBUS ACCESS LIST> = Comma separated list of I<DBUS ACCESS>
>
> -B<DBUS ACCESS> = ( 'send' | 'receive' | 'bind' | 'eavesdrop' )
> +B<DBUS ACCESS> = ( 'send' | 'receive' | 'bind' | 'eavesdrop' | 'r' | 'read' | 'w' | 'write' | 'rw' )
> Some accesses are incompatible with some rules; see below.
>
> B<AARE> = B<?*[]{}^>
> @@ -1010,6 +1010,9 @@
> permissions cannot be used in service rules. The 'eavesdrop' permission cannot
> be used in rules containing any conditionals outside of the 'bus' conditional.
>
> +'r' and 'read' are synonyms for 'receive'. 'w' and 'write' are synonyms for
> +'send'. 'rw' is a synonym for both 'send' and 'receive'.
> +
> AppArmor DBus permissions are implied when a rule does not explicitly state an
> access list. By default, all DBus permissions are implied. Only message
> permissions are implied for message rules and only service permissions are
>
>
> Regards,
>
> Christian Boltz
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160601/3bbd7262/attachment.pgp>
More information about the AppArmor
mailing list