github.com/Lephar/snapd@v0.0.0-20210825215435-c7fba9cef4d2/data/systemd/snapd.apparmor.service.in

github.com/Lephar/snapd@v0.0.0-20210825215435-c7fba9cef4d2/data/systemd/snapd.apparmor.service.in (about)

     1  # This systemd unit is needed on distributions that use apparmor but don't have
     2  # special support for loading snapd apparmor profiles. Until upstream apparmor
     3  # user-space release contains a systemd unit that is actually shipped by
     4  # distributors and that contains the necessary extension points for snapd the
     5  # apparmor profiles for snap applications need to be loaded separately from
     6  # other applications.
     7  [Unit]
     8  Description=Load AppArmor profiles managed internally by snapd
     9  DefaultDependencies=no
    10  Before=sysinit.target
    11  # This dependency is meant to ensure that apparmor initialization (whatever that might entail) is complete.
    12  After=apparmor.service
    13  ConditionSecurity=apparmor
    14  RequiresMountsFor=/var/cache/apparmor /var/lib/snapd/apparmor/profiles
    15  
    16  [Service]
    17  Type=oneshot
    18  ExecStart=@libexecdir@/snapd/snapd-apparmor start
    19  RemainAfterExit=yes
    20  
    21  [Install]
    22  WantedBy=multi-user.target