mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 17:08:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(fsp): update the default profile.

Browse source 
Note: it is still not usable.
This commit is contained in:
Alexandre Pujol 2024-03-29 19:33:55 +00:00
parent 3a7b9a2c4e
commit 1f8507548f
Failed to generate hash of commit
1 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
apparmor.d/groups/_full/default
View file

@ -11,8 +11,7 @@ include <tunables/global>
@{exec_path} = /**
profile default @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
include <abstractions/audio>
include <abstractions/bash>
include <abstractions/audio-client>
include <abstractions/consoles>
include <abstractions/dbus-session>
include <abstractions/dconf-write>
@ -21,9 +20,9 @@ profile default @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/p11-kit>
include <abstractions/shells>
include <abstractions/ssl_certs>
include <abstractions/video>
include <abstractions/zsh>
capability dac_override,
capability dac_read_search,
@ -77,7 +76,6 @@ profile default @{exec_path} flags=(attach_disconnected,mediate_deleted) {
owner @{run}/user/@{uid}/{,**} rw,
@{run}/systemd/userdb/ r,
@{run}/motd.dynamic.new rw,
@{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad
@ -102,7 +100,6 @@ profile default @{exec_path} flags=(attach_disconnected,mediate_deleted) {
@{PROC}/cmdline r,
@{PROC}/sys/kernel/core_pattern r,
@{PROC}/sys/kernel/random/boot_id r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
@{PROC}/zoneinfo r,
owner @{PROC}/@{pid}/cgroup r,