mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(abs): cleanup sudo abs.

Browse Source
This commit is contained in:
Alexandre Pujol 2024-04-05 23:48:03 +01:00
parent 2324da2fa7
commit 5c6f9c51b5
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
apparmor.d/abstractions/app/sudo
View File

@ -40,23 +40,25 @@
/ r,
@{PROC}/@{pid}/limits r,
@{PROC}/@{pid}/loginuid r,
@{PROC}/@{pid}/stat r,
@{PROC}/sys/kernel/cap_last_cap r,
@{PROC}/sys/kernel/ngroups_max r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
owner /var/lib/sudo/ts/ rw,
owner /var/lib/sudo/ts/@{uid} rwk,
owner /var/log/sudo.log wk,
owner @{HOME}/.sudo_as_admin_successful rw,
@{run}/faillock/{,*} rwk,
owner @{run}/sudo/ rw,
owner @{run}/sudo/ts/ rw,
owner @{run}/sudo/ts/@{uid} rwk,
@{PROC}/@{pid}/limits r,
@{PROC}/@{pid}/loginuid r,
@{PROC}/@{pid}/stat r,
@{PROC}/sys/kernel/cap_last_cap r,
@{PROC}/sys/kernel/ngroups_max r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
/dev/ r,
/dev/ptmx rwk,
/dev/tty rwk,

2
apparmor.d/profiles-s-z/sudo
View File

@ -41,8 +41,6 @@ profile sudo @{exec_path} flags=(attach_disconnected) {
/var/lib/sudo/lectured/ r,
owner /var/lib/sudo/lectured/@{uid} rw,
owner @{HOME}/.sudo_as_admin_successful rw,
@{run}/ r,
@{run}/systemd/sessions/* r,