felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-11 17:38:43 +01:00
parent 533b7ac937
commit 1739c07ca1
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
36 changed files with 57 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/profiles-m-r/mount
View file

@ -56,8 +56,7 @@ profile mount @{exec_path} flags=(attach_disconnected) {
@{run}/ r,
owner @{run}/mount/ rw,
owner @{run}/mount/utab{,.*} rw,
owner @{run}/mount/utab.lock wk,
owner @{run}/mount/utab{,.*} rwk,
/tmp/sanity-squashfs-@{int} rw,
/tmp/syscheck-squashfs-@{int} rw,

3
apparmor.d/profiles-m-r/pass
View file

@ -62,7 +62,10 @@ profile pass @{exec_path} {
owner @{user_password_store_dirs}/{,**} rw,
owner /dev/shm/pass.*/{,*} rw,
@{sys}/devices/system/node/ r,
@{PROC}/ r,
@{PROC}/@{pid}/stat r,
@{PROC}/@{pids}/cmdline r,
@{PROC}/sys/kernel/osrelease r,
@{PROC}/uptime r,

2
apparmor.d/profiles-m-r/pcscd
View file

@ -11,6 +11,7 @@ profile pcscd @{exec_path} {
include <abstractions/base>
include <abstractions/devices-usb>
capability net_admin,
capability sys_ptrace,
network netlink raw,
@ -29,6 +30,7 @@ profile pcscd @{exec_path} {
owner @{run}/pcscd/{,pcscd.pid} rw,
@{PROC}/@{pid}/fdinfo/@{int} r,
@{PROC}/@{pids}/stat r,
include if exists <local/pcscd>