felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): cleanup some rules already included in abs.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-16 21:40:35 +00:00
parent b15aaae553
commit 0c5e71f971
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
36 changed files with 20 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/systemd/systemd-machined
View file

@ -10,6 +10,7 @@ include <tunables/global>
profile systemd-machined @{exec_path} {
include <abstractions/base>
include <abstractions/bus-system>
include <abstractions/nameservice-strict>
include <abstractions/systemd-common>
capability chown,
@ -40,7 +41,6 @@ profile systemd-machined @{exec_path} {
/etc/machine-id r,
@{run}/systemd/machines/{,**} rw,
@{run}/systemd/userdb/io.systemd.Machine rw,
@{run}/systemd/notify w,
@{PROC}/@{pid}/cgroup r,