Update profile from #25.
This commit is contained in:
Alexandre Pujol
parent
9ecc1aa240
commit
6294159d7a
28 changed files with 83 additions and 20 deletions
|
|
@ -28,6 +28,8 @@ profile child-systemctl flags=(attach_disconnected) {
|
|||
|
||||
/{usr/,}bin/systemctl mr,
|
||||
|
||||
/etc/systemd/user/{,**} rwl,
|
||||
|
||||
owner @{PROC}/@{pid}/stat r,
|
||||
@{PROC}/sys/kernel/osrelease r,
|
||||
@{PROC}/1/environ r,
|
||||
|
|
|
|||
|
|
@ -14,9 +14,10 @@ profile journalctl @{exec_path} {
|
|||
include <abstractions/nameservice-strict>
|
||||
include <abstractions/systemd-common>
|
||||
|
||||
capability sys_resource,
|
||||
capability dac_read_search,
|
||||
capability dac_override,
|
||||
capability dac_read_search,
|
||||
capability net_admin,
|
||||
capability sys_resource,
|
||||
|
||||
signal (send) peer=child-pager,
|
||||
|
||||
|
|
|
|||
|
|
@ -28,8 +28,9 @@ profile systemd-hostnamed @{exec_path} {
|
|||
@{run}/udev/data/+dmi:id r,
|
||||
@{sys}/firmware/dmi/entries/*/raw r,
|
||||
|
||||
/etc/hostname rw,
|
||||
/etc/.#hostname* rw,
|
||||
/etc/hostname rw,
|
||||
/etc/machine-info r,
|
||||
|
||||
@{run}/udev/data/+dmi:id r,
|
||||
|
||||
|
|
|
|||
|
|
@ -22,10 +22,11 @@ profile systemd-logind @{exec_path} flags=(complain) {
|
|||
|
||||
@{exec_path} mr,
|
||||
|
||||
/etc/systemd/sleep.conf r,
|
||||
/etc/systemd/logind.conf r,
|
||||
/etc/passwd r,
|
||||
/etc/machine-id r,
|
||||
/etc/nsswitch.conf r,
|
||||
/etc/passwd r,
|
||||
/etc/systemd/logind.conf r,
|
||||
/etc/systemd/sleep.conf r,
|
||||
|
||||
/boot/{,**} r,
|
||||
|
||||
|
|
|
|||
|
|
@ -16,6 +16,8 @@ profile zram-generator @{exec_path} {
|
|||
/{usr/,}lib/systemd/systemd-makefs rPx,
|
||||
/{usr/,}bin/systemd-detect-virt rPx,
|
||||
|
||||
/etc/systemd/zram-generator.conf r,
|
||||
|
||||
@{sys}/devices/virtual/block/zram[0-9]*/{disksize,reset} rw,
|
||||
@{sys}/block/zram[0-9]*/{disksize,reset} rw,
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue