On 2019-01-10 15:58, Christian Boltz wrote:
The proper solution / fix is to expand variables and to work on their
content, but I'm afraind that isn't something I can do quickly.
Right, it is unfortunate that we can't really use variables. If we could, I would start (and
suggest) using @{foo_prefix} all other the place, to make local build software attached to the same
"upstream" profile, by, for example, creating `/etc/apparmor.d/tunables/usr.bin.foo.d/local` file
with contents:
```
# it's only /usr by default
@{foo_prefix} += /usr/local @{HOME}/opt/foo_from_github
```
And profile would just work:
```
profile foo @{foo_prefix}/bin/foo {
...
@{foo_prefix}/share/foo/resource r,
...
}
```
--
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
