feat(profile): general update and fixes.

2024-10-22 22:04:04 +01:00 · 2024-10-22 22:04:04 +01:00 · d9208e0648
commit d9208e0648
parent 897302bc5b
21 changed files with 78 additions and 79 deletions
--- a/apparmor.d/abstractions/common/bwrap
+++ b/apparmor.d/abstractions/common/bwrap
@ -44,17 +44,16 @@
  owner /tmp/newroot/ w,
  owner /tmp/oldroot/ w,

+               @{PROC}/sys/kernel/overflowgid r,
+               @{PROC}/sys/kernel/overflowuid r,
        @{att}/@{PROC}/sys/user/max_user_namespaces rw,
  owner @{att}/@{PROC}/@{pid}/cgroup r,
+  owner @{att}/@{PROC}/@{pid}/fd/ r,
  owner @{att}/@{PROC}/@{pid}/gid_map rw,
  owner @{att}/@{PROC}/@{pid}/mountinfo r,
  owner @{att}/@{PROC}/@{pid}/setgroups rw,
  owner @{att}/@{PROC}/@{pid}/uid_map rw,

-        @{PROC}/sys/kernel/overflowgid r,
-        @{PROC}/sys/kernel/overflowuid r,
-  owner @{PROC}/@{pid}/fd/ r,
-
  include if exists <abstractions/common/bwrap.d>

 # vim:syntax=apparmor