mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-22 01:45:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Adding capability net_admin (#130)

Browse source 
capability net_admin is needed to prevent breaking the boot process on Arch Linux with KDE.
This commit is contained in:
curiosityseeker 2023-03-03 12:54:49 +01:00 committed by GitHub
parent 3619065c5a
commit 4bcfcb25c6
Failed to generate hash of commit
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
apparmor.d/profiles-s-z/sddm
View file

@ -53,9 +53,11 @@ profile sddm @{exec_path} {
# To read the /var/lib/sddm/state.conf file # To read the /var/lib/sddm/state.conf file
capability dac_read_search, capability dac_read_search,
# To prevent breaking the boot process
capability net_admin,
# Needed? # Needed?
#capability sys_tty_config, #capability sys_tty_config,
deny capability net_admin,
ptrace (trace) peer=@{profile_name}, ptrace (trace) peer=@{profile_name},
@ -144,6 +146,7 @@ profile sddm @{exec_path} {
owner @{HOME}/.Xauthority rw, owner @{HOME}/.Xauthority rw,
/etc/default/locale r, /etc/default/locale r,
/etc/locale.conf
@{etc_ro}/environment r, @{etc_ro}/environment r,
owner @{PROC}/@{pid}/loginuid rw, owner @{PROC}/@{pid}/loginuid rw,