felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2022-12-09 19:14:56 +00:00
parent 19d005bf59
commit ee83e1c33c
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
11 changed files with 39 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

12
apparmor.d/profiles-s-z/snapd
View file

@ -94,12 +94,13 @@ profile snapd @{exec_path} {
/etc/systemd/system/{,**/} r,
/etc/systemd/system/snap* rw,
/etc/systemd/user/{,**/} r,
/etc/systemd/user/snap* rw,
/etc/systemd/user/**/*snap* rw,
/etc/systemd/user/*snap* rw,
/etc/udev/rules.d/{,*snap*} rw,
/snap/{,**} rw,
/var/cache/snapd/{,**} rwk,
/var/lib/snapd/{,**} rwk,
/var/cache/snapd/{,**} rwlk,
/var/lib/snapd/{,**} rwlk,
/var/snap/{,**} rw,
/var/cache/apparmor/{,*/} r,
@ -119,7 +120,8 @@ profile snapd @{exec_path} {
owner @{run}/mount/utab{,.*} rw,
owner @{run}/mount/utab.lock wk,
owner @{run}/user/{,@{uid}/} r,
owner @{run}/user/@{uid}/ r,
owner @{run}/user/@{uid}/snapd-session-agent.socket rw,
owner @{run}/user/snap.*/{,**} rw,
@{run}/snapd*.socket rw,
@ -136,6 +138,8 @@ profile snapd @{exec_path} {
@{sys}/kernel/security/apparmor/features/ r,
@{sys}/kernel/security/apparmor/profiles r,
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/snap*.service/cgroup.procs r,
@{PROC}/@{pids}/cgroup r,
@{PROC}/@{pids}/stat r,
@{PROC}/cgroups r,