aa-unconfined: Improve fallback handling to attr/current (!801) · Merge requests · AppArmor / apparmor

Christian Boltz requested to merge cboltz/apparmor:cboltz-aa-unconfined-fallback into master Sep 18, 2021

If /proc//attr/apparmor/current exists, only read that - instead of falling back to /proc//attr/current if a process is for example unconfined so that read_proc_current returns None.

Fixes: #199 (closed)

I propose this patch for 3.0 and master.

2.13 and older only check /proc/*/attr/current. If we want to change that, we'll need to backport some more commits, or maybe just copy over the latest aa-unconfined.

Edited Sep 18, 2021 by Christian Boltz

aa-unconfined: Improve fallback handling to attr/current

Merge request reports