Merge pull request #96034 from saschagrunert/apparmor

apparmor: add apparmor_parser config file
2024-11-10 16:45:51 +03:00 · 2020-08-28 08:08:25 +00:00 · 2020-08-28 08:08:25 +00:00 · 18c52dadfe
commit 18c52dadfe
parent 4ef92a3033 2259fbdf4b
1 changed files with 6 additions and 0 deletions
--- a/nixos/modules/security/apparmor.nix
+++ b/nixos/modules/security/apparmor.nix
@ -23,11 +23,17 @@ in
         default = [];
         description = "List of packages to be added to apparmor's include path";
       };
+       parserConfig = mkOption {
+         type = types.str;
+         default = "";
+         description = "AppArmor parser configuration file content";
+       };
     };
   };

   config = mkIf cfg.enable {
     environment.systemPackages = [ pkgs.apparmor-utils ];
+     environment.etc."apparmor/parser.conf".text = cfg.parserConfig;

     boot.kernelParams = [ "apparmor=1" "security=apparmor" ];