felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): use @{sbin} for all program inside /usr/sbin.

Browse source
This commit is contained in:
Alexandre Pujol 2025-04-28 21:27:57 +02:00
parent b8f2f38c72
commit fd17a77b17
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
270 changed files with 475 additions and 475 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/profiles-s-z/zsysd
View file

@ -20,7 +20,7 @@ profile zsysd @{exec_path} flags=(complain) {
/{usr/,}{local/,}{s,}bin/zfs rPx,
/{usr/,}{local/,}{s,}bin/zpool rPx,
# ALLOWED zsysd exec /usr/sbin/update-grub info="no new privs" comm=zsysd requested_mask=x denied_mask=x error=-1
@{bin}/update-grub rPx,
@{sbin}/update-grub rPx,
/etc/hostid r,
/etc/zsys.conf r,