felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ssh: allow ssh to write to the kerberos CC when it picks up a ticket

Browse source
This commit is contained in:
doublez13 2025-09-12 12:25:55 -06:00 committed by GitHub
parent 66d59937c0
commit 804b0bbba3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/ssh/ssh
View file

@ -44,6 +44,8 @@ profile ssh @{exec_path} {
owner @{user_projects_dirs}/**/ssh/{,*} r,
owner @{user_projects_dirs}/**/config r,
owner @{tmp}/krb5cc_* rwk,
audit owner @{tmp}/ssh-*/{,agent.@{int}} rwkl,
owner @{run}/user/@{uid}/gvfsd-sftp/@{hex} rwl -> @{run}/user/@{uid}/gvfsd-sftp/@{hex}.@{rand},