File: parser.conf

package info (click to toggle)
apparmor 4.1.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 34,800 kB
  • sloc: ansic: 24,940; python: 24,595; sh: 12,524; cpp: 9,024; yacc: 2,061; makefile: 1,921; lex: 1,215; pascal: 1,145; perl: 1,033; ruby: 365; lisp: 282; exp: 250; java: 212; xml: 159
file content (83 lines) | stat: -rw-r--r-- 2,398 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
# parser.conf is a global AppArmor config file for the apparmor_parser
#
# It can be used to specify the default options for the parser, which
# can then be overridden by options passed on the command line.
#
# Leading whitespace is ignored and lines that begin with # are treated
# as comments.
#
# Config options are specified one per line using the same format as the
# longform command line options (without the preceding --).
#
# If a value is specified twice the last version to appear is used.

## Suppress Warnings
#quiet

## Be verbose
#verbose

## Set additional include path
#Include /etc/apparmor.d/
# or
#Include /usr/share/apparmor


## Set location of apparmor filesystem
#subdomainfs /sys/kernel/security/apparmor

## Set match-string to use - for forcing compiler to treat different kernels
## the same
# match-string "pattern=aadfa audit perms=crwxamlk/ user::other"

## Turn creating/updating of the cache on by default
#write-cache

## Show cache hits
#show-cache

## skip cached policy
#skip-cache

## skip reading cache but allow updating
#skip-read-cache


#### Set Optimizations.  Multiple Optimizations can be set, one per line ####
# For supported optimizations see
#   apparmor_parser --help=O

## Turn on equivalence classes
#equiv

## Turn off expr tree simplification
#Optimize=no-expr-simplify

## Turn off DFA minimization
#Optimize=no-minimize

## Adjust compression
#Optimize=compress-small
#Optimize=compress-fast

### The policy-features abi rule pins policy that does not have an abi
### rule to a given feature ABI. This enables apparmor 2.x developed
### policy to be used in AppArmor 3.x without the warning
###    Warning from stdin (stdin line 1): apparmor_parser: File 'example'
###    missing feature abi, falling back to default policy feature abi.
### For more info please see
### https://gitlab.com/apparmor/apparmor/-/wikis/AppArmorpolicyfeaturesabi

### Turn off abi rule warnings without pinning the abi
#warn=no-abi

### Only a single feature ABI rule should be used at a time.
## Pin older policy to the 5.4 kernel abi
#policy-features=/etc/apparmor.d/abi/kernel-5.4-vanilla

## Pin older policy to the 5.4 kernel abi + out of tree network and af_unix
#policy-features=/etc/apparmor.d/abi/kernel-5.4-vanilla

## Pin feature set (avoid regressions when policy is lagging behind
## the kernel)
policy-features=/usr/share/apparmor-features/features