[apparmor] Regarding header file for default capabilities
John Johansen
john.johansen at canonical.com
Thu Apr 22 05:14:55 UTC 2021
On 4/21/21 7:53 PM, swarna latha wrote:
> Hi Seth,
>
> Thank you for your immediate response. I have followed as per your suggestion.
>
> My header file name is common_caps
>
> cat common_caps:
> capability chown dac_override dac_read_search fowner fsetid kill ipc_lock sys_nice setpcap ipc_owner sys_ptrace sys_chroot,
>
> profile Test /usr/bin/ping flags=(attach_disconnected) {
> #include "common_caps"
> capability sys_tty_config,
> capability sys_rawio,
> }
> we have removed the python user space utils, due to the space constraint in our device.
> so loading this profile with sh -x /etc/apparmor/apparmor_parse.sh, and getting below error.
>
> AppArmor parser error for usr.bin.test at line 1: syntax error, unexpected TOK_CAPABILITY, expecting $end
>
> Can you please let me know if i am missing anything here.
>
Its hard to say from your output. The profile and common caps from above parse just fine for me. What is
the full contents of usr.bin.test?
More information about the AppArmor
mailing list