felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): minor profile improvments.

Browse source
This commit is contained in:
Alexandre Pujol 2024-10-09 13:56:27 +01:00
parent 6afcfa85ec
commit e17b682e51
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
7 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/systemd/systemd-inhibit
View file

@ -14,6 +14,8 @@ profile systemd-inhibit @{exec_path} flags=(attach_disconnected) {
capability net_admin,
capability sys_resource,
signal receive set=term peer=packagekitd,
@{exec_path} mr,
@{bin}/cat rix,

2
apparmor.d/groups/systemd/systemd-network-generator
View file

@ -17,6 +17,8 @@ profile systemd-network-generator @{exec_path} {
owner @{run}/systemd/network/{,**} rw,
@{run}/credentials/systemd-network-generator.service/ r,
include if exists <local/systemd-network-generator>
}

2
apparmor.d/groups/virt/dockerd
View file

@ -89,7 +89,7 @@ profile dockerd @{exec_path} flags=(attach_disconnected) {
owner @{lib}/containerd/** w,
owner @{lib}/docker/overlay2/*/work/{,**} rw,
owner /var/lib/containerd/** w,
owner /var/lib/containerd/** rw,
owner /var/lib/docker/{,**} rwk,
owner /var/lib/docker/tmp/qemu-check@{int}/check rix,