Merge pull request #96034 from saschagrunert/apparmor

apparmor: add apparmor_parser config file
NixOS · Aug 28, 2020 · 18c52da · 18c52da
2 parents 4ef92a3 + 2259fbd
commit 18c52da
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/nixos/modules/security/apparmor.nix b/nixos/modules/security/apparmor.nix
@@ -23,11 +23,17 @@ in
          default = [];
          description = "List of packages to be added to apparmor's include path";
        };
+       parserConfig = mkOption {
+         type = types.str;
+         default = "";
+         description = "AppArmor parser configuration file content";
+       };
      };
    };
 
    config = mkIf cfg.enable {
      environment.systemPackages = [ pkgs.apparmor-utils ];
+     environment.etc."apparmor/parser.conf".text = cfg.parserConfig;
 
      boot.kernelParams = [ "apparmor=1" "security=apparmor" ];