mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

add ssh-sk-helper

Browse Source
This commit is contained in:
valoq 2024-09-15 13:22:12 +02:00 committed by Alex
parent 0d5a3405d8
commit 4660b7d49c
2 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apparmor.d/groups/ssh/ssh
View File

@ -25,6 +25,8 @@ profile ssh @{exec_path} {
@{bin}/@{shells} rUx,
@{lib}/ssh/ssh-sk-helper rix -> ssh//null-@{lib}/ssh/ssh-sk-helper,
@{etc_ro}/ssh/ssh_config r,
@{etc_ro}/ssh/ssh_config.d/{,*} r,
@{etc_ro}/ssh/sshd_config r,

26
apparmor.d/groups/ssh/ssh-sk-helper Normal file
View File

@ -0,0 +1,26 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2024 valoq <valoq@mailbox.org>
# SPDX-License-Identifier: GPL-2.0-only
profile ssh//null-@{lib}/ssh/ssh-sk-helper {
/ r,
@{lib}/ssh/ssh-sk-helper r,
/etc/ssl/openssl.cnf r,
@{sys}/ r,
@{sys}/bus/ r,
@{sys}/class/ r,
@{sys}/class/hidraw/ r,
@{sys}/class/hidraw/hidraw@{int} r,
@{sys}/devices/ r,
@{sys}/devices/@{pci_bus}/ r,
@{sys}/devices/@{pci_bus}/{,**} r,
/dev/hidraw@{int} rwk,
include if exists <local/ssh-sk-helper>
}
# vim:syntax=apparmor