-
Tyler Hicks authored
When an AppArmor confined process wants to become a monitor, a check is performed to see if eavesdropping should be allowed. The check is based on the connection's label and the bus type. This patch reuses the bus_apparmor_allows_eavesdropping() hook. An example AppArmor rule that would allow a process to become a monitor on the system bus would be: dbus eavesdrop bus=system, Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113 Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
43972361