This creates a Profile Modify page which allows the user to view and edit permissions that a Profile grants. This page uses the libappanvil library to parse a profile, read, and edit permissions.
This branch also contains commits to fix minor errors that were discovered during development. In particular, AppAnvil no longer crashes if aa-status returns invalid JSON. I also set C++20 as the language standard in CMake, which gives access to more language features.
Improvements needed
Specifically the page currently allows the user to read, edit, and delete either File Rules or Abstractions. Currently, there is no way to add permissions. Furthermore, many other rule types are not yet supported.
There is a bug, which shows DENY rules next to normal rules in the File Rule table. This is misleading, because it seems like these permissions are granted, when they are explicitly denied. More work needs to be done for showcasing AUDIT, DENY, OWNER flags on permissions.
We should allow the user to specify which locations profiles should be read from. Currently, profiles are read from /etc/apparmor.d and /var/lib/snapd/apparmor/profiles/ (for Snaps). We should allow users to add/edit possible profile locations in a settings menu.
This creates a Profile Modify page which allows the user to view and edit permissions that a Profile grants. This page uses the libappanvil library to parse a profile, read, and edit permissions.
This branch also contains commits to fix minor errors that were discovered during development. In particular, AppAnvil no longer crashes if aa-status returns invalid JSON. I also set C++20 as the language standard in CMake, which gives access to more language features.
Improvements needed
Specifically the page currently allows the user to read, edit, and delete either File Rules or Abstractions. Currently, there is no way to add permissions. Furthermore, many other rule types are not yet supported.
There is a bug, which shows DENY rules next to normal rules in the File Rule table. This is misleading, because it seems like these permissions are granted, when they are explicitly denied. More work needs to be done for showcasing AUDIT, DENY, OWNER flags on permissions.
We should allow the user to specify which locations profiles should be read from. Currently, profiles are read from
/etc/apparmor.d
and/var/lib/snapd/apparmor/profiles/
(for Snaps). We should allow users to add/edit possible profile locations in a settings menu.