[apparmor] Regarding header file for default capabilities

swarna latha sswarnas at gmail.com
Thu Apr 22 02:53:43 UTC 2021


Hi Seth,

Thank you for your immediate response. I have followed as per your
suggestion.

My header file name is common_caps

cat common_caps:
capability chown dac_override dac_read_search fowner fsetid kill ipc_lock
sys_nice setpcap ipc_owner sys_ptrace sys_chroot,

profile Test /usr/bin/ping flags=(attach_disconnected) {
    #include "common_caps"
    capability sys_tty_config,
    capability sys_rawio,
}

We have removed the Python user space utils due to the space constraint in
our device.
So I am loading this profile with sh -x /etc/apparmor/apparmor_parse.sh and
getting the error below.

AppArmor parser error for usr.bin.test at line 1: syntax error, unexpected
TOK_CAPABILITY, expecting $end

Can you please let me know if I am missing anything here?

Thanks,
Swarna


On Wed, Apr 21, 2021 at 6:53 PM Seth Arnold <seth.arnold at canonical.com>
wrote:

> On Wed, Apr 21, 2021 at 09:41:23AM -0400, swarna latha wrote:
> > Can someone throw light on how to implement a set of default
> > capabilities to be added in all profiles (preferably in a header file)?
>
> Hello Swarna, I gave advice to someone else recently that's probably
> applicable to your case, too:
>
> https://lists.ubuntu.com/archives/apparmor/2021-April/012264.html
>
> Thanks
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>