felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): better integration with openSUSE.

Browse source 
See #134
This commit is contained in:
Alexandre Pujol 2023-03-27 22:22:36 +01:00
parent 4ca3ced1a5
commit 41766ebd2a
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
20 changed files with 82 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

7
apparmor.d/profiles-s-z/su
View file

@ -47,11 +47,14 @@ profile su @{exec_path} {
/{usr/,}bin/{c,k,tc,z}sh rUx,
/{usr/,}{s,}bin/nologin rPx,
/etc/default/locale r,
@{etc_ro}/default/su r,
@{etc_ro}/environment r,
@{etc_ro}/security/limits.d/ r,
@{etc_ro}/security/limits.d/{,*.conf} r,
/etc/default/locale r,
/etc/shells r,
owner@{HOME}/.xauth?????? rw,
owner @{PROC}/@{pids}/loginuid r,
owner @{PROC}/@{pids}/cgroup r,
owner @{PROC}/@{pids}/mountinfo r,

8
apparmor.d/profiles-s-z/xauth
View file

@ -16,6 +16,11 @@ profile xauth @{exec_path} {
/Xauthority-c w,
owner @{HOME}/.xauth?????? rw,
owner @{HOME}/.xauth??????-c w,
owner @{HOME}/.xauth??????-l wl,
owner @{HOME}/.xauth??????-n rw,
owner @{HOME}/.Xauthority-c w,
owner @{HOME}/.Xauthority-l wl -> @{HOME}/.Xauthority-c,
owner @{HOME}/.Xauthority-n rw,
@ -26,5 +31,8 @@ profile xauth @{exec_path} {
owner /tmp/serverauth.*-n rw,
owner /tmp/serverauth.* rwl -> /tmp/serverauth.*-n,
owner @{run}/run/user/@{uid}/xauth_?????? r,
owner /tmp/runtime-cb/xauth_?????? r,
include if exists <local/xauth>
}