On 12/18/2012 06:17 AM, Steve Beattie wrote:
> The apparmor_api abstractions make the mistake of including tunables
> directly, which is a no-no since the variable definitions in tunables
> need to occur in the preamble of a profile, not embedded within it.
> This patch removes those includes, and replaces them documentation of
> tunables are necessary, as some of the expected ones are not part of
> tunables/global.
>
> It also adjust the kernelvars tunable's definition of the @{pid}
> regex, as the current parser does not support nesting of {} groupings,
> which breaks any profile that attempts to use the tunable.
So I'll ack it if you don't object to me reverting it when I fix the
parser :)
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
