diff options
| author | David Lönnhager <david.l@mullvad.net> | 2024-04-30 09:56:06 +0200 |
|---|---|---|
| committer | David Lönnhager <david.l@mullvad.net> | 2024-04-30 09:56:06 +0200 |
| commit | 8404765b55ebbcdf1208c0557597f3d00db419de (patch) | |
| tree | 0f437c72c3c78ed1b22f3839a2abde031615e770 | |
| parent | 78c9b38e937dbaa3390e69753b0f667a1bb049b6 (diff) | |
| download | mullvadvpn-8404765b55ebbcdf1208c0557597f3d00db419de.tar.xz mullvadvpn-8404765b55ebbcdf1208c0557597f3d00db419de.zip | |
Move apparmor profile to file
| -rw-r--r-- | dist-assets/linux/after-install.sh | 12 | ||||
| -rw-r--r-- | dist-assets/linux/apparmor_mullvad | 8 | ||||
| -rw-r--r-- | gui/tasks/distribution.js | 1 |
3 files changed, 10 insertions, 11 deletions
diff --git a/dist-assets/linux/after-install.sh b/dist-assets/linux/after-install.sh index 3cd40e81d2..7701202b46 100644 --- a/dist-assets/linux/after-install.sh +++ b/dist-assets/linux/after-install.sh @@ -20,16 +20,6 @@ version=$(grep -oP '^VERSION_ID=\K.+' /etc/os-release | tr -d '"') if [[ "$os" == "ubuntu" ]] && version_is_ge "$version" "24.04"; then echo "Creating apparmor profile" - - cat <<EOF > /etc/apparmor.d/mullvad -abi <abi/4.0>, -include <tunables/global> - -profile mullvad /opt/Mullvad\ VPN/mullvad-gui flags=(unconfined) { - userns, - # Site-specific additions and overrides. See local/README for details. - include if exists <local/mullvad> -} -EOF + cp /opt/Mullvad\ VPN/resources/apparmor_mullvad /etc/apparmor.d/mullvad apparmor_parser -r /etc/apparmor.d/mullvad || echo "Failed to reload apparmor profile" fi diff --git a/dist-assets/linux/apparmor_mullvad b/dist-assets/linux/apparmor_mullvad new file mode 100644 index 0000000000..ac06ebd9fc --- /dev/null +++ b/dist-assets/linux/apparmor_mullvad @@ -0,0 +1,8 @@ +abi <abi/4.0>, +include <tunables/global> + +profile mullvad /opt/Mullvad\ VPN/mullvad-gui flags=(unconfined) { + userns, + # Site-specific additions and overrides. See local/README for details. + include if exists <local/mullvad> +}
\ No newline at end of file diff --git a/gui/tasks/distribution.js b/gui/tasks/distribution.js index ada829057b..6cae17885a 100644 --- a/gui/tasks/distribution.js +++ b/gui/tasks/distribution.js @@ -175,6 +175,7 @@ const config = { { from: distAssets(path.join(getLinuxTargetSubdir(), 'mullvad-problem-report')), to: '.' }, { from: distAssets(path.join(getLinuxTargetSubdir(), 'mullvad-setup')), to: '.' }, { from: distAssets(path.join(getLinuxTargetSubdir(), 'libtalpid_openvpn_plugin.so')), to: '.' }, + { from: distAssets(path.join('linux', 'apparmor_mullvad')), to: '.' }, { from: distAssets(path.join('binaries', '${env.TARGET_TRIPLE}', 'openvpn')), to: '.' }, ], }, |