Commit 33f2eada authored by John Johansen's avatar John Johansen

apparmor: export that basic profile namespaces are supported

Allow userspace to detect that basic profile policy namespaces are
available.
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent 6c5fc8f1
...@@ -2151,6 +2151,12 @@ static struct aa_sfs_entry aa_sfs_entry_policy[] = { ...@@ -2151,6 +2151,12 @@ static struct aa_sfs_entry aa_sfs_entry_policy[] = {
{ } { }
}; };
static struct aa_sfs_entry aa_sfs_entry_ns[] = {
AA_SFS_FILE_BOOLEAN("profile", 1),
AA_SFS_FILE_BOOLEAN("pivot_root", 1),
{ }
};
static struct aa_sfs_entry aa_sfs_entry_query_label[] = { static struct aa_sfs_entry aa_sfs_entry_query_label[] = {
AA_SFS_FILE_STRING("perms", "allow deny audit quiet"), AA_SFS_FILE_STRING("perms", "allow deny audit quiet"),
AA_SFS_FILE_BOOLEAN("data", 1), AA_SFS_FILE_BOOLEAN("data", 1),
...@@ -2166,6 +2172,7 @@ static struct aa_sfs_entry aa_sfs_entry_features[] = { ...@@ -2166,6 +2172,7 @@ static struct aa_sfs_entry aa_sfs_entry_features[] = {
AA_SFS_DIR("policy", aa_sfs_entry_policy), AA_SFS_DIR("policy", aa_sfs_entry_policy),
AA_SFS_DIR("domain", aa_sfs_entry_domain), AA_SFS_DIR("domain", aa_sfs_entry_domain),
AA_SFS_DIR("file", aa_sfs_entry_file), AA_SFS_DIR("file", aa_sfs_entry_file),
AA_SFS_DIR("namespaces", aa_sfs_entry_ns),
AA_SFS_FILE_U64("capability", VFS_CAP_FLAGS_MASK), AA_SFS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
AA_SFS_DIR("rlimit", aa_sfs_entry_rlimit), AA_SFS_DIR("rlimit", aa_sfs_entry_rlimit),
AA_SFS_DIR("caps", aa_sfs_entry_caps), AA_SFS_DIR("caps", aa_sfs_entry_caps),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment