felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2023-12-01 13:22:45 +00:00
parent 952ef478c0
commit 7f38dd255e
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
17 changed files with 93 additions and 186 deletions
Download patch file Download diff file Expand all files Collapse all files

5
apparmor.d/groups/systemd/coredumpctl
View file

@ -12,7 +12,9 @@ profile coredumpctl @{exec_path} flags=(complain) {
include <abstractions/base>
include <abstractions/nameservice-strict>
capability dac_read_search,
capability net_admin,
capability sys_resource,
signal (send) peer=child-pager,
@ -40,6 +42,7 @@ profile coredumpctl @{exec_path} flags=(complain) {
owner /var/tmp/coredump-* rw,
@{PROC}/1/cgroup r,
@{PROC}/sys/fs/nr_open r,
owner @{PROC}/@{pid}/cgroup r,
profile gdb {
@ -67,7 +70,7 @@ profile coredumpctl @{exec_path} flags=(complain) {
@{PROC}/@{pids}/fd/ r,
include if exists <local/coredumpctl_gdb>
}
include if exists <local/coredumpctl>

1
apparmor.d/groups/systemd/systemd-generator-fstab
View file

@ -12,6 +12,7 @@ profile systemd-generator-fstab @{exec_path} {
include <abstractions/systemd-common>
capability dac_override,
capability dac_read_search,
@{exec_path} mr,