felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-10 21:21:00 +00:00
parent ad8e5a9797
commit 68fbd81e17
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
18 changed files with 94 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/profiles-a-f/adduser
View file

@ -21,7 +21,7 @@ profile adduser @{exec_path} {
capability fsetid,
capability setgid,
capability setuid,
capability sys_admin,
capability sys_admin, # For logger
@{exec_path} r,
@{bin}/perl r,

4
apparmor.d/profiles-a-f/atd
View file

@ -20,7 +20,7 @@ profile atd @{exec_path} {
capability setuid,
capability sys_resource,
signal (receive) set=hup,
signal (receive) set=hup peer=at,
ptrace (read) peer=unconfined,
@ -28,6 +28,8 @@ profile atd @{exec_path} {
@{sh_path} rix,
@{bin}/sendmail rPUx,
@{bin}/unix_chkpwd rPx,
@{bin}/exim4 rPx,
@{etc_ro}/environment r,
@{etc_ro}/security/limits.d/ r,

1
apparmor.d/profiles-a-f/borg
View file

@ -14,6 +14,7 @@ profile borg @{exec_path} {
include <abstractions/nameservice-strict>
include <abstractions/python>
capability dac_override,
capability dac_read_search,
capability fowner,
capability sys_admin,

2
apparmor.d/profiles-a-f/f3probe
View file

@ -10,7 +10,7 @@ include <tunables/global>
@{exec_path} = @{bin}/f3probe
profile f3probe @{exec_path} {
include <abstractions/base>
include <abstractions/disks-read>
include <abstractions/disks-write>
@{exec_path} mr,