felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Profile update.

Browse source
This commit is contained in:
Alexandre Pujol 2022-03-27 14:25:29 +01:00
parent 20c3b0575c
commit a59387ac9e
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
13 changed files with 49 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/groups/systemd/systemd-binfmt
View file

@ -7,7 +7,7 @@ abi <abi/3.0>,
include <tunables/global>
@{exec_path} = /{usr/,}lib/systemd/systemd-binfmt
profile systemd-binfmt @{exec_path} {
profile systemd-binfmt @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
capability net_admin,
@ -28,5 +28,7 @@ profile systemd-binfmt @{exec_path} {
@{PROC}/sys/fs/binfmt_misc/register w,
@{PROC}/sys/kernel/osrelease r,
deny /apparmor/.null rw,
include if exists <local/systemd-binfmt>
}

1
apparmor.d/groups/systemd/systemd-modules-load
View file

@ -11,6 +11,7 @@ profile systemd-modules-load @{exec_path} {
include <abstractions/base>
include <abstractions/systemd-common>
capability net_admin,
capability sys_module,
@{exec_path} mr,