felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): better integration with openSUSE.

Browse source 
See #134
This commit is contained in:
Alexandre Pujol 2023-03-27 22:22:36 +01:00
parent 4ca3ced1a5
commit 41766ebd2a
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
20 changed files with 82 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/groups/cron/cron
View file

@ -17,6 +17,7 @@ profile cron @{exec_path} {
capability audit_write,
capability dac_read_search,
capability net_admin,
capability setgid,
capability setuid,
capability sys_resource,
@ -35,7 +36,6 @@ profile cron @{exec_path} {
/{usr/,}lib/@{multiarch}/e2fsprogs/e2scrub_all_cron rPUx,
/{usr/,}lib/sysstat/debian-sa1 rPUx,
/usr/share/rsync/scripts/rrsync rPUx,
/usr/local/lib/pki/pki-realm rPUx, # TODO: FIXME: NO COMMIT ZENFRA ONLY
/etc/cron.d/{,*} r,
/etc/crontab r,
@ -54,5 +54,7 @@ profile cron @{exec_path} {
owner @{PROC}/@{pid}/loginuid rw,
@{PROC}/1/limits r,
/dev/tty rw,
include if exists <local/cron>
}