samwiseetc/apparmor/parser.conf

# parser.conf is a global AppArmor config file for the apparmor_parser
#
# It can be used to specify the default options for the parser, which
# can then be overriden by options passed on the command line.
#
# Leading whitespace is ignored and lines that begin with # are treated
# as comments.
#
# Config options are specified one per line using the same format as the
# longform command line options (without the preceding --).
#
# If a value is specified twice the last version to appear is used.

## Suppress Warnings
#quiet

## Be verbose
#verbose

## Set additional include path
#Include /etc/apparmor.d/
# or
#Include /usr/share/apparmor


## Set location of apparmor filesystem
#subdomainfs /sys/kernel/security/apparmor

## Set match-string to use - for forcing compiler to treat different kernels
## the same
# match-string "pattern=aadfa audit perms=crwxamlk/ user::other"

## Turn creating/updating of the cache on by default
#write-cache

## Show cache hits
#show-cache

## skip cached policy
#skip-cache

## skip reading cache but allow updating
#skip-read-cache


#### Set Optimizaions.  Multiple Optimizations can be set, one per line ####
# For supported optimizations see
#   apparmor_parser --help=O

## Turn on equivalence classes
#equiv

## Turn off expr tree simplification
#Optimize=no-expr-simplify

## Turn off DFA minimization
#Optimize=no-minimize

## Adjust compression
#Optimize=compress-small
#Optimize=compress-fast

## Pin the policy feature set (avoid regressions when policy is lagging behind
## the kernel)
compile-features=/usr/share/apparmor-features/features
Initial recommit 2 years ago			`# parser.conf is a global AppArmor config file for the apparmor_parser`
			`#`
			`# It can be used to specify the default options for the parser, which`
			`# can then be overriden by options passed on the command line.`
			`#`
			`# Leading whitespace is ignored and lines that begin with # are treated`
			`# as comments.`
			`#`
			`# Config options are specified one per line using the same format as the`
			`# longform command line options (without the preceding --).`
			`#`
			`# If a value is specified twice the last version to appear is used.`

			`## Suppress Warnings`
			`#quiet`

			`## Be verbose`
			`#verbose`

			`## Set additional include path`
			`#Include /etc/apparmor.d/`
			`# or`
			`#Include /usr/share/apparmor`


			`## Set location of apparmor filesystem`
			`#subdomainfs /sys/kernel/security/apparmor`

			`## Set match-string to use - for forcing compiler to treat different kernels`
			`## the same`
			`# match-string "pattern=aadfa audit perms=crwxamlk/ user::other"`

			`## Turn creating/updating of the cache on by default`
			`#write-cache`

			`## Show cache hits`
			`#show-cache`

			`## skip cached policy`
			`#skip-cache`

			`## skip reading cache but allow updating`
			`#skip-read-cache`


			`#### Set Optimizaions. Multiple Optimizations can be set, one per line ####`
			`# For supported optimizations see`
			`# apparmor_parser --help=O`

			`## Turn on equivalence classes`
			`#equiv`

			`## Turn off expr tree simplification`
			`#Optimize=no-expr-simplify`

			`## Turn off DFA minimization`
			`#Optimize=no-minimize`

			`## Adjust compression`
			`#Optimize=compress-small`
			`#Optimize=compress-fast`

			`## Pin the policy feature set (avoid regressions when policy is lagging behind`
			`## the kernel)`
			`compile-features=/usr/share/apparmor-features/features`