fixes
This commit is contained in:
nobody43
Alex
parent
01714cc4f0
commit
8b4407ca02
6 changed files with 19 additions and 12 deletions
35
apparmor.d/groups/systemd/loginctl
Normal file
35
apparmor.d/groups/systemd/loginctl
Normal file
|
|
@ -0,0 +1,35 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/3.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = /{,usr/}bin/loginctl
|
||||
profile loginctl @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dbus-strict>
|
||||
include <abstractions/systemd-common>
|
||||
|
||||
capability sys_resource,
|
||||
capability net_admin,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/{usr/,}bin/less rPx -> child-pager,
|
||||
/{usr/,}bin/more rPx -> child-pager,
|
||||
/{usr/,}bin/pager rPx -> child-pager,
|
||||
|
||||
dbus (send) bus=system path=/org/freedesktop/login[0-9]*
|
||||
interface=org.freedesktop.login[0-9]*.Manager
|
||||
member={ListSessions,GetSession}
|
||||
peer=(name=org.freedesktop.login[0-9]* label=systemd-logind),
|
||||
|
||||
dbus (send) bus=system path=/org/freedesktop/login[0-9]*/session/**
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={Get,GetAll}
|
||||
peer=(name=org.freedesktop.login[0-9]* label=systemd-logind),
|
||||
|
||||
include if exists <local/loginctl>
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue