feat(profiles): general update.

2023-05-07 20:34:00 +01:00 · 2023-05-07 20:34:00 +01:00 · 526dcc3252
commit 526dcc3252
parent b740a1c3e6
14 changed files with 29 additions and 9 deletions
--- a/apparmor.d/profiles-g-l/kmod
+++ b/apparmor.d/profiles-g-l/kmod
@ -55,6 +55,7 @@ profile kmod @{exec_path} flags=(attach_disconnected) {
  owner @{user_build_dirs}/**/lib/modules/*/kernel/{,**/} r,
  owner @{user_build_dirs}/**/lib/modules/*/kernel/**/*.ko r,

+        @{run}/xtables.lock r,
  owner @{run}/tmpfiles.d/ w,
  owner @{run}/tmpfiles.d/static-nodes.conf w,

--- a/apparmor.d/profiles-g-l/logrotate
+++ b/apparmor.d/profiles-g-l/logrotate
@ -19,6 +19,7 @@ profile logrotate @{exec_path} flags=(attach_disconnected) {
  capability fsetid,
  capability setgid,
  capability setuid,
+  capability net_admin,

  audit deny capability net_admin,