felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update profiles.

Browse source
This commit is contained in:
Alexandre Pujol 2022-03-23 19:56:11 +00:00
parent 2cdd954613
commit d7be27411b
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
15 changed files with 49 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/profiles-m-r/mandb
View file

@ -13,6 +13,8 @@ profile mandb @{exec_path} flags=(complain) {
include <abstractions/consoles>
include <abstractions/nameservice-strict>
capability dac_read_search,
@{exec_path} mr,
/etc/man_db.conf r,

2
apparmor.d/profiles-m-r/nvtop
View file

@ -13,6 +13,8 @@ profile nvtop @{exec_path} {
include <abstractions/nameservice-strict>
include <abstractions/opencl-nvidia>
capability sys_ptrace,
ptrace (read),
@{exec_path} mr,

5
apparmor.d/profiles-m-r/resize2fs
View file

@ -12,8 +12,13 @@ profile resize2fs @{exec_path} {
include <abstractions/disks-write>
include <abstractions/user-download-strict>
capability sys_resource,
@{exec_path} mr,
/ r,
/.ismount-test-file rw,
@{PROC}/swaps r,
owner @{PROC}/@{pid}/mounts r,

3
apparmor.d/profiles-m-r/resolvconf
View file

@ -27,10 +27,13 @@ profile resolvconf @{exec_path} {
/usr/lib/resolvconf/{,**} r,
/etc/resolv.conf rw,
/etc/resolvconf/{,**} r,
/etc/resolvconf/update.d/libc rix,
owner @{run}/resolvconf/{,**} rw,
owner @{run}/resolvconf/run-lock wk,
/dev/tty rw,
include if exists <local/resolvconf>
}