From ff0df5398f6f371289c261485b2553f3a61b5ae7 Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Wed, 8 Mar 2023 15:36:15 -0500
Subject: [PATCH] apparmor: apply only to platform machine

The 'Ensure AppArmor is installed' rule should not apply to containers.

None of the apparmor rules should apply to containers, so set "machine: apparmor" for that group.

Cleanup instances of "platform: machine" for rules in that group that already have this restriction to eliminate redundancy.

Signed-off-by: Craig Andrews <candrews@integralblue.com>
---
 linux_os/guide/system/apparmor/apparmor_configured/rule.yml     | 2 --
 linux_os/guide/system/apparmor/group.yml                        | 2 ++
 .../system/apparmor/package_pam_apparmor_installed/rule.yml     | 2 --
 3 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml
index c8c13e20d9b..6d2727584bc 100644
--- a/linux_os/guide/system/apparmor/apparmor_configured/rule.yml
+++ b/linux_os/guide/system/apparmor/apparmor_configured/rule.yml
@@ -62,5 +62,3 @@ template:
         packagename@ubuntu1604: apparmor
         packagename@ubuntu1804: apparmor
         packagename@ubuntu2004: apparmor
-
-platform: machine
diff --git a/linux_os/guide/system/apparmor/group.yml b/linux_os/guide/system/apparmor/group.yml
index 597b4fe5d8c..08097e1c085 100644
--- a/linux_os/guide/system/apparmor/group.yml
+++ b/linux_os/guide/system/apparmor/group.yml
@@ -21,3 +21,5 @@ description: |-
     For more information on using AppArmor, see
     {{{ weblink(link="https://www.suse.com/documentation/sles-12/book_security/data/cha_apparmor_intro.html") }}}.
     {{% endif %}}
+
+platform: machine
diff --git a/linux_os/guide/system/apparmor/package_pam_apparmor_installed/rule.yml b/linux_os/guide/system/apparmor/package_pam_apparmor_installed/rule.yml
index eca45784026..75ab0ad98f1 100644
--- a/linux_os/guide/system/apparmor/package_pam_apparmor_installed/rule.yml
+++ b/linux_os/guide/system/apparmor/package_pam_apparmor_installed/rule.yml
@@ -34,5 +34,3 @@ template:
     name: package_installed
     vars:
         pkgname: pam_apparmor
-
-platform: machine