felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): improve integration with ubuntu.

Browse source
This commit is contained in:
Alexandre Pujol 2025-08-10 19:00:42 +02:00
parent 526a7e704c
commit 67c9e86d83
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
20 changed files with 48 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

7
apparmor.d/groups/apt/dpkg-script-apparmor
View file

@ -11,6 +11,8 @@ profile dpkg-script-apparmor @{exec_path} {
include <abstractions/base>
include <abstractions/common/debconf>
capability dac_read_search,
@{exec_path} mrix,
@{bin}/{,e}grep ix,
@ -43,11 +45,16 @@ profile dpkg-script-apparmor @{exec_path} {
capability net_admin,
capability sys_resource,
capability dac_override,
capability dac_read_search,
signal send set=(cont term) peer=systemd-tty-ask-password-agent,
@{bin}/systemd-tty-ask-password-agent rix,
@{run}/user/@{uid}/systemd/ask-password/ rw,
@{run}/user/@{uid}/systemd/ask-password-block/{,*} rw,
owner @{run}/systemd/ask-password/ rw,
owner @{run}/systemd/ask-password-block/{,*} rw,