felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): simplify ssh home path.

Browse source
This commit is contained in:
Alexandre Pujol 2025-08-15 17:21:24 +02:00
parent 3d329fdef8
commit aafcd1c861
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
2 changed files with 5 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/groups/ssh/ssh
View file

@ -36,9 +36,7 @@ profile ssh @{exec_path} {
@{etc_ro}/ssh/sshd_config.d/{,*} r,
/etc/machine-id r,
owner @{HOME}/@{XDG_SSH_DIR}/ r,
owner @{HOME}/@{XDG_SSH_DIR}/*_*{,.pub} r,
owner @{HOME}/@{XDG_SSH_DIR}/config r,
owner @{HOME}/@{XDG_SSH_DIR}/{,*} r,
owner @{HOME}/@{XDG_SSH_DIR}/known_hosts{,.*} rwl,
owner @{HOME}/@{XDG_SSH_DIR}/ssh_control_*_*_* wl,

8
apparmor.d/groups/ssh/ssh-keygen
View file

@ -15,13 +15,13 @@ profile ssh-keygen @{exec_path} {
@{exec_path} mr,
/etc/ssh/moduli rw,
/etc/ssh/ssh_host_*_key* rw,
owner @{HOME}/@{XDG_SSH_DIR}/ w,
owner @{HOME}/@{XDG_SSH_DIR}/*_*{,.pub} rw,
owner @{HOME}/@{XDG_SSH_DIR}/{,*} rw,
/tmp/snapd@{int}/*_*{,.pub} w,
/tmp/snapd@{int}/*.key{,.pub} w,
owner /tmp/snapd@{int}/*_*{,.pub} w,
owner /tmp/snapd@{int}/*.key{,.pub} w,
/dev/tty@{int} rw,
/dev/ttyS@{int} rw,