felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(abs): deny apparmor/.null in the base abstraction.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-03 11:51:39 +00:00
parent ba6172bb8c
commit 7e8f854b16
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
23 changed files with 2 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/groups/pacman/mkinitcpio
View file

@ -116,7 +116,6 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
# Inherit silencer
deny @{HOME}/** r,
deny /apparmor/.null rw,
deny network inet stream,
deny network inet6 stream,

3
apparmor.d/groups/pacman/pacdiff
View file

@ -44,8 +44,5 @@ profile pacdiff @{exec_path} flags=(attach_disconnected) {
/dev/tty rw,
/dev/pts/@{int} rw,
# Inherit Silencer
deny /apparmor/.null rw,
include if exists <local/pacdiff>
}

1
apparmor.d/groups/pacman/pacman-conf
View file

@ -22,7 +22,6 @@ profile pacman-conf @{exec_path} flags=(attach_disconnected) {
# Inherit Silencer
deny network inet6 stream,
deny network inet stream,
deny /apparmor/.null rw,
include if exists <local/pacman-conf>
}

1
apparmor.d/groups/pacman/pacman-hook-dkms
View file

@ -29,7 +29,6 @@ profile pacman-hook-dkms @{exec_path} flags=(attach_disconnected) {
/dev/tty rw,
# Inherit Silencer
deny /apparmor/.null rw,
deny network inet stream,
deny network inet6 stream,
deny unix (receive) type=stream,

1
apparmor.d/groups/pacman/pacman-hook-mkinitcpio
View file

@ -46,7 +46,6 @@ profile pacman-hook-mkinitcpio @{exec_path} flags=(attach_disconnected) {
# # Inherit Silencer
deny network inet6 stream,
deny network inet stream,
# deny /apparmor/.null rw,
include if exists <local/pacman-hook-mkinitcpio>
}