felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: update profiles.

Browse source
This commit is contained in:
Alexandre Pujol 2022-04-07 20:53:35 +01:00
parent c8cda79b78
commit 10cdde9fb7
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
28 changed files with 90 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

15
apparmor.d/profiles-a-f/dhclient
View file

@ -1,5 +1,6 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2018-2021 Mikhail Morfikov
# Copyright (C) 2018-2022 Mikhail Morfikov
# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/3.0>,
@ -12,17 +13,9 @@ profile dhclient @{exec_path} {
include <abstractions/nameservice-strict>
include <abstractions/openssl>
# To remove the following errors:
# dhclient[]: Open a socket for LPF: Operation not permitted
capability net_raw,
# To remove the following errors:
# dhclient[]: Can't bind to dhcp address: Permission denied
capability net_admin,
capability net_bind_service,
# Needed?
audit deny capability net_admin,
audit deny capability sys_module,
capability net_raw,
network inet dgram,
network inet6 dgram,