[apparmor] Question about increasing the limit for profile transitions
Liu,An
liuan03 at baidu.com
Thu May 17 03:58:33 UTC 2018
I wrote the profile for init process which will transit to other profile as follows when system starts.
/system/bin/wpa_supplicant px -> wpa,
/system/bin/dhcpd -> dhcpd,
…
My purpose is to protect the whole system using AppArmor. Since init is the first process to start, there are so many transition rules (> 50) in init profile.
When I load the profile for init using apparmor-parser, I got the following error.
$ Profile init has too many specified profile transitions.
I think I need to increase following macro (it was 16) in immunix.h to make profile handle more transition rules.
#define AA_EXEC_COUNT 64
However, after increasing it and recompiling apparmor-parser. apparmor-parser got segmentation fault when I load the profile. Any idea what is the correct way to increase the limit of total number profile transition?
Thanks,
An
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20180517/a4528fc1/attachment.html>
More information about the AppArmor
mailing list