Re: [apparmor] Apparmor: Query on adding many capabilities in the custom header file

Seth Arnold Thu, 22 Apr 2021 11:46:34 -0700

On Thu, Apr 22, 2021 at 09:15:27PM +0530, Murali Selvaraj wrote:
> @{default_caps}=chown,dac_override,dac_read_search,fowner,fsetid,kill,ipc_lock,sys_nice,setpcap,pc_owner,sys_ptrace,sys_chroot


Variables don't work for the capabilities. They aren't like files.

Make a new abstraction file with:

capability chown dac_override dac_read_search fowner fsetid kill ipc_lock 
sys_nice setpcap pc_owner sys_ptrace sys_chroot,


as the only contents, and use that. instead.

Thanks

signature.asc
Description: PGP signature

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Re: [apparmor] Apparmor: Query on adding many capabilities in the custom header file

Reply via email to