feat(profiles): general update.

2023-11-11 22:02:47 +00:00 · 2023-11-11 22:02:47 +00:00 · f0a2cb3897
commit f0a2cb3897
parent 02115a194b
9 changed files with 26 additions and 21 deletions
--- a/apparmor.d/profiles-a-f/augenrules
+++ b/apparmor.d/profiles-a-f/augenrules
@ -7,22 +7,23 @@ abi <abi/3.0>,
 include <tunables/global>

@{exec_path} = @{bin}/augenrules
-profile augenrules @{exec_path} {
+profile augenrules @{exec_path} flags=(attach_disconnected) {
  include <abstractions/base>
  include <abstractions/nameservice-strict>

  @{exec_path} mr,

-  @{bin}/auditctl  rPx,
-  @{bin}/cat       rix,
-  @{bin}/chmod     rix,
-  @{bin}/cmp       rix,
-  @{bin}/cp        rix,
-  @{bin}/{,g,m}awk rix,
-  @{bin}/{,e,f}grep rix,
-  @{bin}/ls        rix,
-  @{bin}/mktemp    rix,
-  @{bin}/rm        rix,
+  @{bin}/{,ba,da}sh  rix,
+  @{bin}/{,e,f}grep  rix,
+  @{bin}/{,g,m}awk   rix,
+  @{bin}/auditctl    rPx,
+  @{bin}/cat         rix,
+  @{bin}/chmod       rix,
+  @{bin}/cmp         rix,
+  @{bin}/cp          rix,
+  @{bin}/ls          rix,
+  @{bin}/mktemp      rix,
+  @{bin}/rm          rix,

  /etc/audit/audit.rules rw,
  /etc/audit/rules.d/{,*} r,