2020-07-10 00:58:55 +02:00
|
|
|
---
|
|
|
|
{%- from "apparmor/map.jinja" import apparmor with context %}
|
2023-06-27 11:45:14 +02:00
|
|
|
{%- if not salt['grains.get']('container') %}
|
2020-07-10 00:58:55 +02:00
|
|
|
{%- if apparmor.enabled is defined and apparmor.enabled %}
|
2021-09-25 16:03:23 +02:00
|
|
|
{%- for cfg in apparmor.configs %}
|
|
|
|
apparmor-{{ cfg }}:
|
2020-07-10 00:58:55 +02:00
|
|
|
file.managed:
|
2023-03-10 00:07:59 +01:00
|
|
|
- name: /etc/apparmor.d/{{ cfg }}
|
|
|
|
- source: salt://apparmor/templates/{{ cfg }}.j2
|
2020-07-10 00:58:55 +02:00
|
|
|
- user: root
|
|
|
|
- group: root
|
2022-06-10 00:13:19 +02:00
|
|
|
- mode: "0644"
|
2020-07-10 00:58:55 +02:00
|
|
|
- template: jinja
|
|
|
|
- watch_in:
|
|
|
|
- service: apparmor-reload
|
|
|
|
{%- endfor %}
|
|
|
|
|
|
|
|
apparmor-reload:
|
|
|
|
service.running:
|
|
|
|
- name: apparmor
|
|
|
|
- enable: true
|
2023-03-10 00:07:59 +01:00
|
|
|
{%- endif %}
|
2023-06-27 11:45:14 +02:00
|
|
|
{%- endif %}
|