felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2023-02-05 00:03:20 +00:00
parent 53d1b7a3fd
commit a402200dbe
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
11 changed files with 31 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

9
apparmor.d/profiles-s-z/sudo
View file

@ -64,18 +64,19 @@ profile sudo @{exec_path} {
/var/db/sudo/lectured/ r,
/var/lib/sudo/lectured/ r,
/var/lib/sudo/ts/ rw,
/var/lib/sudo/ts/* rwk,
/var/log/sudo.log wk,
owner /var/lib/sudo/lectured/* rw,
owner @{HOME}/.sudo_as_admin_successful rw,
owner @{HOME}/.xsession-errors w,
# For timestampdir
@{run}/faillock/{,*} rwk,
@{run}/resolvconf/resolv.conf r,
owner @{run}/sudo/ rw,
owner @{run}/sudo/ts/ rw,
owner @{run}/sudo/ts/* rwk,
@{run}/faillock/{,*} rwk,
@{run}/resolvconf/resolv.conf r,
@{PROC}/@{pids}/cgroup r,
@{PROC}/@{pids}/fd/ r,
@ -83,9 +84,9 @@ profile sudo @{exec_path} {
@{PROC}/1/limits r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
owner /dev/tty[0-9]* rw,
/dev/ r, # interactive login
/dev/ptmx rw,
owner /dev/tty[0-9]* rw,
deny @{user_share_dirs}/gvfs-metadata/* r,