Skip to content

Add AppArmor custom rules#237

Open
jorbaum wants to merge 2 commits intocloudfoundry:mainfrom
jorbaum:add-apparmor-custom-rules
Open

Add AppArmor custom rules#237
jorbaum wants to merge 2 commits intocloudfoundry:mainfrom
jorbaum:add-apparmor-custom-rules

Conversation

@jorbaum
Copy link
Copy Markdown

@jorbaum jorbaum commented Apr 16, 2026
edited
Loading

Description

Starting from Ubuntu Noble a new AppArmor profile for RSyslogd is used which is enforced. This might cause some access permisson problems for some plugins like imfile in Syslog. On the other hand, if someone adds some custom rules and want to include some log files which are located in directories that are not covered with the current rules, they might need a way how to extend the AppArmor rules.

This change makes this configuration possible.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Testing performed?

  • Unit tests
  • Integration tests
  • Acceptance tests
  • Manually generated manifest and deployed on a landscape

Checklist:

  • This PR is being made against the main branch, or relevant version branch
  • I have made corresponding changes to the documentation
  • I have added testing for my changes

chombium and others added 2 commits April 16, 2026 13:10
@chombium @jorbaum
Add AppArmor custom rules
06be034 
Starting from Ubuntu Noble a new AppArmor profile for RSyslogd is used
which is enforced. This might cause some access permisson problems for
some plugins like imfile in Syslog. On the other hand, if someone adds
some custom rules and want to include some log files which are located
in directories that are not covered with the current rules, they might
need a way how to extend the AppArmor rules.

This change makes this configuration possible.
@jorbaum
Document custom AppArmor rules property
ccd8b15 
Add documentation for the new syslog.custom_apparmor_rules property
introduced in the previous commit, covering the README and example
custom rules file.
@jorbaum jorbaum marked this pull request as ready for review April 16, 2026 11:52
@jorbaum
Copy link
Copy Markdown
Author

jorbaum commented Apr 16, 2026

Also played around with acceptance tests, but I am not sure if it makes sense for this small change: jorbaum@8dbffda

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

Foundational Infrastructure Working Group
Status: Inbox

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jorbaum @chombium