-
John Johansen authored
with unix rules we output a downgraded rule compatible with network rules so that policy will work on kernels that support network socket controls but not the extended af_unix rules however this is currently broken if the socket type is left unspecified (initialized to -1), resulting in denials for kernels that don't support the extended af_unix rules. cherry-pick: lp:apparmor r3700 Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: timeout
878ebd4b