On Wed, Jan 09, 2019 at 11:48:44PM +0100, Mikhail Morfikov wrote: > @{exec_path} = /usr/bin/keepassxc > profile keepassxc @{exec_path} { > }
> # aa-complain usr.bin.keepassxc > ERROR: Profile for @{exec_path} exists in /etc/apparmor.d/some-app and > /etc/apparmor.d/some-other-app > Should this happen? Should I avoid using the code > snipped to make profiles and use regular paths instead? I guess you'll have to decide if your abstraction to make it easy to change the location of binaries saves you enough trouble that it's worth no longer being able to use the python-based utilities. If you've built enough infrastructure around your tooling it might be easy to extend it to do whatever the python-based tooling does and you're missing. If you've not yet built much infrastructure around your abstraction, this might not be quite as compelling. Thanks
signature.asc
Description: PGP signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor