felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): initial integration with attached path.

Browse source 
The feature is not yet enabled.

See https://apparmor.pujol.io/development/internal/#re-attached-path
This commit is contained in:
Alexandre Pujol 2024-10-11 14:13:17 +01:00
parent 5bf8c6ef0f
commit 61a27bc336
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
85 changed files with 164 additions and 139 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/systemd/systemd-inhibit
View file

@ -20,7 +20,7 @@ profile systemd-inhibit @{exec_path} flags=(attach_disconnected) {
@{bin}/cat rix,
@{run}/systemd/inhibit/@{int}.ref rw,
@{att}/@{run}/systemd/inhibit/@{int}.ref rw,
include if exists <local/systemd-inhibit>
}

4
apparmor.d/groups/systemd/systemd-networkd
View file

@ -50,9 +50,9 @@ profile systemd-networkd @{exec_path} flags=(attach_disconnected) {
/etc/networkd-dispatcher/carrier.d/{,*} r,
/ r,
@{att}/ r,
owner /var/lib/systemd/network/ r,
owner @{att}/var/lib/systemd/network/ r,
@{run}/systemd/network/ r,
@{run}/systemd/network/*.network r,