mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 08:58:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

update

Browse source
This commit is contained in:
nobodysu 2022-02-21 21:46:55 +03:00
parent a3a6a0fa1a
commit 53ee5d0c83
2 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/profiles-s-z/su
View file

@ -28,6 +28,7 @@ profile su @{exec_path} {
signal (receive) set=(int,quit,term), signal (receive) set=(int,quit,term),
signal (receive) set=(cont,hup) peer=sudo, signal (receive) set=(cont,hup) peer=sudo,
# unknown, needs to be cleared up; TODO
network netlink raw, network netlink raw,
@{exec_path} mr, @{exec_path} mr,
@ -59,8 +60,6 @@ profile su @{exec_path} {
/dev/{,pts/}ptmx rw, /dev/{,pts/}ptmx rw,
/var/log/btmp wk,
@{run}/dbus/system_bus_socket rw, @{run}/dbus/system_bus_socket rw,
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,
@{run}/systemd/userdb/io.systemd.Machine rw, @{run}/systemd/userdb/io.systemd.Machine rw,

6
apparmor.d/profiles-s-z/sudo
View file

@ -29,8 +29,8 @@ profile sudo @{exec_path} {
capability sys_ptrace, capability sys_ptrace,
capability sys_resource, capability sys_resource,
network netlink raw, network netlink raw, # PAM
# dns query? # DNS query?
# network inet dgram, # network inet dgram,
# network inet6 dgram, # network inet6 dgram,
@ -72,7 +72,7 @@ profile sudo @{exec_path} {
owner /dev/tty[0-9]* rw, owner /dev/tty[0-9]* rw,
owner @{HOME}/.xsession-errors w, owner @{HOME}/.xsession-errors w,
/var/lib/sudo/lectured/user rw, owner /var/lib/sudo/lectured/* rw,
owner @{HOME}/.sudo_as_admin_successful rw, owner @{HOME}/.sudo_as_admin_successful rw,