felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update profiles for apparmor3

Browse source
This commit is contained in:
Mikhail Morfikov 2020-12-10 22:33:39 +01:00
parent 503cf496bf
commit 7067edcf70
No known key found for this signature in database
GPG key ID: 32D9CB634796CCA1
776 changed files with 6867 additions and 5199 deletions
Download patch file Download diff file Expand all files Collapse all files

14
apparmor.d/pam/mappings
View file

@ -20,8 +20,8 @@
# necessary to transition to the user's login shell. All other permissions have
# been moved into the default_user profile.
^DEFAULT {
#include <abstractions/authentication>
#include <abstractions/nameservice>
include <abstractions/authentication>
include <abstractions/nameservice>
capability dac_override,
capability setgid,
capability setuid,
@ -36,8 +36,8 @@
# to transition to gray's login shell. All other permissions have been
# moved into the confined_user profile.
^morfik {
#include <abstractions/authentication>
#include <abstractions/nameservice>
include <abstractions/authentication>
include <abstractions/nameservice>
capability dac_override,
capability audit_write,
@ -57,9 +57,9 @@
# confined. Systems without this special primary group may want to define an
# unconfined 'root' hat in this manner (depending on site policy).
^root {
#include <abstractions/authentication>
#include <abstractions/nameservice>
#include <abstractions/wutmp>
include <abstractions/authentication>
include <abstractions/nameservice>
include <abstractions/wutmp>
capability dac_override,
capability audit_write,