felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update apparmor profiles

Browse source
This commit is contained in:
Mikhail Morfikov 2020-12-09 10:30:52 +01:00
parent f73da4a046
commit 503cf496bf
No known key found for this signature in database
GPG key ID: 32D9CB634796CCA1
218 changed files with 1445 additions and 1502 deletions
Download patch file Download diff file Expand all files Collapse all files

14
apparmor.d/cron-apt
View file

@ -23,7 +23,7 @@ profile cron-apt @{exec_path} {
@{exec_path} r,
/{usr/,}bin/dash rix,
/{usr/,}bin/{,ba,da}sh rix,
/{usr/,}bin/dotlockfile rix,
/{usr/,}bin/sed rix,
/{usr/,}bin/mktemp rix,
@ -61,10 +61,13 @@ profile cron-apt @{exec_path} {
/etc/cron-apt/refrain r,
/etc/cron-apt/action.d/[0-9]-* r,
/var/lib/cron-apt/{,**/} w,
/var/lib/cron-apt/.lk@{pid}* rw,
/var/lib/cron-apt/lockfile rwl -> /var/lib/cron-apt/.lk@{pid}*,
/var/lib/cron-apt/_-_etc_-_cron-apt_-_config/mailchanges/[0-9]-*-[0-9a-f]* rw,
# For shell pwd
/ r,
/etc/ r,
/root/ r,
/var/lib/cron-apt/ rw,
/var/lib/cron-apt/** rwl -> /var/lib/cron-apt/**,
# Logs
/var/log/cron-apt/ r,
@ -77,6 +80,7 @@ profile cron-apt @{exec_path} {
/{usr/,}lib/locale/locale-archive r,
# TMP
/tmp/ r,
owner /tmp/cron-apt.*/ rw,
owner /tmp/cron-apt.*/difftemp rw,
owner /tmp/cron-apt.*/lockfile rw,