felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Global profile update.

Browse source
This commit is contained in:
Alexandre Pujol 2021-04-05 13:15:52 +01:00
parent 6aa99d3ec5
commit 64d8379375
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
9 changed files with 22 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/groups/systemd/systemd-tmpfiles
View file

@ -13,6 +13,7 @@ profile systemd-tmpfiles @{exec_path} {
include <abstractions/nameservice-strict>
capability dac_read_search,
capability net_admin,
capability fsetid,
capability mknod,
capability fowner,
@ -33,11 +34,13 @@ profile systemd-tmpfiles @{exec_path} {
# Where the tmpfiles can be created,
/{,*} rw,
/home/ rw,
/dev/{,**} rw,
/var/{,**} rwk,
/run/{,**} rw,
/tmp/{,**} rwk,
/srv/{,**} rw,
/etc/{,**} r,
@{run}/systemd/userdb/ r,
@{sys}/devices/system/cpu/microcode/reload w,