public inbox for passt-dev@passt.top
 help / color / mirror / code / Atom feed
0c072c7ce0dd11c1221a201b871887f9f20af0fe blob 652 bytes (raw)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

 
# SPDX-License-Identifier: GPL-2.0-or-later
#
# PESTO - Programmable Extensible Socket Translation Orchestrator
#  front-end for passt(1) and pasta(1) forwarding configuration
#
# contrib/apparmor/usr.bin.pesto - AppArmor profile for pesto(1)
#
# Copyright (c) 2026 Red Hat GmbH
# Author: Stefano Brivio <sbrivio@redhat.com>

abi <abi/4.0>,

#include <tunables/global>

profile pesto /usr/bin/pesto {
  #include <abstractions/base>
  /** rw,			# control socket might be anywhere
  unix (connect, receive, send) type=stream,

  capability dac_override,	# connect to passt's socket as root

  network unix stream,		# connect and use UNIX domain socket
}

debug log:
solving 0c072c7 ...
found 0c072c7 in https://archives.passt.top/passt-dev/20260506213155.1886983-21-sbrivio@redhat.com/ ||
	https://archives.passt.top/passt-dev/20260506132323.1751386-21-sbrivio@redhat.com/ ||
	https://archives.passt.top/passt-dev/20260506092241.1607480-21-sbrivio@redhat.com/

applying [1/3] https://archives.passt.top/passt-dev/20260506213155.1886983-21-sbrivio@redhat.com/
diff --git a/contrib/apparmor/usr.bin.pesto b/contrib/apparmor/usr.bin.pesto
new file mode 100644
index 0000000..0c072c7

Checking patch contrib/apparmor/usr.bin.pesto...
Applied patch contrib/apparmor/usr.bin.pesto cleanly.

skipping https://archives.passt.top/passt-dev/20260506132323.1751386-21-sbrivio@redhat.com/ for 0c072c7
skipping https://archives.passt.top/passt-dev/20260506092241.1607480-21-sbrivio@redhat.com/ for 0c072c7
index at:
100644 0c072c7ce0dd11c1221a201b871887f9f20af0fe	contrib/apparmor/usr.bin.pesto

Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).