felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update profiles.

Browse source
This commit is contained in:
Alexandre Pujol 2021-08-22 15:32:42 +01:00
parent f922a5f8e8
commit b2d3af8bca
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
26 changed files with 57 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

5
apparmor.d/groups/systemd/systemd-tmpfiles
View file

@ -13,6 +13,7 @@ profile systemd-tmpfiles @{exec_path} {
include <abstractions/nameservice-strict>
capability chown,
capability dac_override,
capability dac_read_search,
capability fowner,
capability fsetid,
@ -49,9 +50,5 @@ profile systemd-tmpfiles @{exec_path} {
@{PROC}/@{pid}/net/unix r,
# Silencer
deny network inet6 stream,
deny network inet stream,
include if exists <local/systemd-tmpfiles>
}