Hello, Am Samstag, 7. März 2015 schrieb Steve Beattie: > On Sat, Feb 28, 2015 at 02:09:30AM +0100, Christian Boltz wrote:
> > BTW: Will this also override --Include (which might have > > /etc/apparmor.d/abstractions as default if I get parser.conf right) > > or will the parser still search there if the file doesn't exist in > > the --base directory? > > No, it will honor passed --Include as well as Include entries listed > in parser.conf. That's slightly surprising, but it's documented and therefore ok ;-) > And uh we should fix parser.conf to point the example include path at > /etc/apparmor.d/ or some other location, as trying > /etc/apparmor.d/abstractions ... is likely to leave someone unhappy. > Maybe like so? > --- > parser/parser.conf | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > Index: b/parser/parser.conf > =================================================================== > --- a/parser/parser.conf > +++ b/parser/parser.conf > @@ -18,7 +18,10 @@ > #verbose > > ## Set include path > -#Include /etc/apparmor.d/abstractions > +#Include /etc/apparmor.d/ > +# or > +#Include /usr/share/apparmor > + > > ## Set location of apparmor filesystem > #subdomainfs /sys/kernel/security/apparmor IMHO /etc/apparmor.d/ is enough, but if Ubuntu ships abstractions in /usr/share/apparmor, I'm fine with listing both. Hmm, maybe you should also change ## Set include path to ## Set additional include path ? Acked-by: Christian Boltz <appar...@cboltz.de> with or without the proposed changes ;-) (trunk only please - I don't want to produce a *.rpmnew for a comment change in the next maintenance update ;-) Regards, Christian Boltz -- >> vielleicht sollte man die anonymen 9.1er gründen? > Handelt es sich hier um eine Sucht oder um eine Krankheit? Also, mich macht die 9.1 nicht suechtig. Eher krank... [>>Carl A. Schreiber, > Sibylle Koczian & Thomas Hertweck in suse-linux] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor