Allow local amendments to the AppArmor policy

author Азалия Смарагдова <charming.flurry@yandex.ru>

Mon, 11 Sep 2023 14:54:37 +0000 (19:54 +0500)

committer Alessandro Astone <ales.astone@gmail.com>

Mon, 11 Sep 2023 15:39:14 +0000 (17:39 +0200)
author Азалия Смарагдова <charming.flurry@yandex.ru>
Mon, 11 Sep 2023 14:54:37 +0000 (19:54 +0500)
committer Alessandro Astone <ales.astone@gmail.com>
Mon, 11 Sep 2023 15:39:14 +0000 (17:39 +0200)
diff --git a/Makefile b/Makefile

index dc54740d8d6ccace9f2b47f47c679506ad66e7fe..b58aebea3bedcfbe2d9337dc8f52d303b124f1a1 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -51,6 +51,10 @@ install:
  
  install_apparmor:
         install -d $(INSTALL_APPARMOR_DIR) $(INSTALL_APPARMOR_DIR)/lxc
  
  install_apparmor:
         install -d $(INSTALL_APPARMOR_DIR) $(INSTALL_APPARMOR_DIR)/lxc
+       mkdir -p $(INSTALL_APPARMOR_DIR)/local/
+       touch $(INSTALL_APPARMOR_DIR)/local/adbd
+       touch $(INSTALL_APPARMOR_DIR)/local/android_app
+       touch $(INSTALL_APPARMOR_DIR)/local/lxc-waydroid
         cp -f data/configs/apparmor_profiles/adbd $(INSTALL_APPARMOR_DIR)/adbd
         cp -f data/configs/apparmor_profiles/android_app $(INSTALL_APPARMOR_DIR)/android_app
         cp -f data/configs/apparmor_profiles/lxc-waydroid $(INSTALL_APPARMOR_DIR)/lxc/lxc-waydroid
         cp -f data/configs/apparmor_profiles/adbd $(INSTALL_APPARMOR_DIR)/adbd
         cp -f data/configs/apparmor_profiles/android_app $(INSTALL_APPARMOR_DIR)/android_app
         cp -f data/configs/apparmor_profiles/lxc-waydroid $(INSTALL_APPARMOR_DIR)/lxc/lxc-waydroid
diff --git a/data/configs/apparmor_profiles/adbd b/data/configs/apparmor_profiles/adbd

index 19c660d0e34fec88fe0dfbd6d7d11b181c8987fc..2ce14e6741f9ebe160325ee123ab65142f93fd4e 100644 (file)
--- a/data/configs/apparmor_profiles/adbd
+++ b/data/configs/apparmor_profiles/adbd
@@ -1,4 +1,5 @@
  profile adbd flags=(attach_disconnected,mediate_deleted,complain) {
  profile adbd flags=(attach_disconnected,mediate_deleted,complain) {
+  #include <local/adbd>
    /** ix,
    /dev** rw,
    network,
    /** ix,
    /dev** rw,
    network,
diff --git a/data/configs/apparmor_profiles/android_app b/data/configs/apparmor_profiles/android_app

index e55fc015ceb7ef7a320a96cede22ea2e3f6da214..2f4e35e287e482148970e60feca01c7642dfbbd1 100644 (file)
--- a/data/configs/apparmor_profiles/android_app
+++ b/data/configs/apparmor_profiles/android_app
@@ -1,4 +1,5 @@
  profile android_app flags=(attach_disconnected, complain, mediate_deleted) {
  profile android_app flags=(attach_disconnected, complain, mediate_deleted) {
+  #include <local/android_app>
    /** ix,
    /dev** rw,
    network,
    /** ix,
    /dev** rw,
    network,
diff --git a/data/configs/apparmor_profiles/lxc-waydroid b/data/configs/apparmor_profiles/lxc-waydroid

index 5a1f5b2a0ca132f79dd4d67640b6b0f4c2883fa4..e17d709b280156e97442a9a4a28fd2a8cdf2122e 100644 (file)
--- a/data/configs/apparmor_profiles/lxc-waydroid
+++ b/data/configs/apparmor_profiles/lxc-waydroid
@@ -1,4 +1,5 @@
  profile lxc-waydroid flags=(attach_disconnected, complain, mediate_deleted) {
  profile lxc-waydroid flags=(attach_disconnected, complain, mediate_deleted) {
+  #include <local/lxc-waydroid>
    /** ix,
    /system/bin/app_process Pix -> lxc-waydroid//&android_app,
    /system/bin/app_process32 Pix -> lxc-waydroid//&android_app,
    /** ix,
    /system/bin/app_process Pix -> lxc-waydroid//&android_app,
    /system/bin/app_process32 Pix -> lxc-waydroid//&android_app,
author	Азалия Смарагдова <charming.flurry@yandex.ru>
	Mon, 11 Sep 2023 14:54:37 +0000 (19:54 +0500)
committer	Alessandro Astone <ales.astone@gmail.com>
	Mon, 11 Sep 2023 15:39:14 +0000 (17:39 +0200)
Makefile		patch \| blob \| blame \| history
data/configs/apparmor_profiles/adbd		patch \| blob \| blame \| history
data/configs/apparmor_profiles/android_app		patch \| blob \| blame \| history
data/configs/apparmor_profiles/lxc-waydroid		patch \| blob \| blame \| history