mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

/proc/sys/kernel/random/boot_id is part of nameservice-strict.

Browse Source
This commit is contained in:
Alexandre Pujol 2022-03-02 18:19:25 +00:00
parent 28ee94c4a5
commit 683da55bb9
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
19 changed files with 0 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apparmor.d/groups/bus/dbus-daemon
View File

@ -54,7 +54,6 @@ profile dbus-daemon @{exec_path} flags=(attach_disconnected) {
@{PROC}/1/environ r, @{PROC}/1/environ r,
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/osrelease r,
@{PROC}/sys/kernel/random/boot_id r,
@{sys}/module/apparmor/parameters/enabled r, @{sys}/module/apparmor/parameters/enabled r,

1
apparmor.d/groups/gnome/gdm
View File

@ -54,7 +54,6 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
@{PROC}/1/environ r, @{PROC}/1/environ r,
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/osrelease r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/gdm> include if exists <local/gdm>
} }

1
apparmor.d/groups/gnome/gdm-session-worker
View File

@ -65,7 +65,6 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/loginuid rw, owner @{PROC}/@{pid}/loginuid rw,
owner @{PROC}/@{pid}/uid_map r, owner @{PROC}/@{pid}/uid_map r,
owner @{PROC}/sys/kernel/random/boot_id r,
/dev/tty rw, /dev/tty rw,
/dev/tty[0-9]* rw, /dev/tty[0-9]* rw,

1
apparmor.d/groups/gnome/nautilus
View File

@ -46,7 +46,6 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/mountinfo r,
owner @{PROC}/@{pid}/net/wireless r, owner @{PROC}/@{pid}/net/wireless r,
@{PROC}/sys/kernel/random/boot_id r,
@{run}/mount/utab r, @{run}/mount/utab r,
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,

1
apparmor.d/groups/gvfs/gvfsd-recent
View File

@ -30,7 +30,6 @@ profile gvfsd-recent @{exec_path} {
owner @{run}/user/@{uid}/gvfsd/socket-[a-zA-z0-9]* rw, owner @{run}/user/@{uid}/gvfsd/socket-[a-zA-z0-9]* rw,
owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/mountinfo r,
@{PROC}/sys/kernel/random/boot_id r,
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,
@{run}/mount/utab r, @{run}/mount/utab r,

1
apparmor.d/groups/network/NetworkManager
View File

@ -84,7 +84,6 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
@{PROC}/1/environ r, @{PROC}/1/environ r,
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/osrelease r,
@{PROC}/sys/kernel/random/boot_id r,
@{PROC}/sys/net/** rw, @{PROC}/sys/net/** rw,
include if exists <local/NetworkManager> include if exists <local/NetworkManager>

1
apparmor.d/groups/network/nm-openvpn-service
View File

@ -31,7 +31,6 @@ profile nm-openvpn-service @{exec_path} {
/dev/tty rw, /dev/tty rw,
owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/fd/ r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/nm-openvpn-service> include if exists <local/nm-openvpn-service>
} }

2
apparmor.d/groups/systemd/hostnamectl
View File

@ -14,7 +14,5 @@ profile hostnamectl @{exec_path} {
/etc/machine-id r, /etc/machine-id r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/hostnamectl> include if exists <local/hostnamectl>
} }

1
apparmor.d/groups/systemd/systemd-journald
View File

@ -67,7 +67,6 @@ profile systemd-journald @{exec_path} {
@{PROC}/@{pids}/sessionid r, @{PROC}/@{pids}/sessionid r,
@{PROC}/@{pids}/loginuid r, @{PROC}/@{pids}/loginuid r,
@{PROC}/@{pids}/cgroup r, @{PROC}/@{pids}/cgroup r,
@{PROC}/sys/kernel/random/boot_id r,
@{PROC}/sys/kernel/hostname r, @{PROC}/sys/kernel/hostname r,
/dev/kmsg rw, /dev/kmsg rw,

1
apparmor.d/groups/systemd/systemd-resolved
View File

@ -41,7 +41,6 @@ profile systemd-resolved @{exec_path} {
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/sys/kernel/hostname r, @{PROC}/sys/kernel/hostname r,
@{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/osrelease r,
@{PROC}/sys/kernel/random/boot_id r,
# System access # System access
@{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r,

1
apparmor.d/groups/systemd/systemd-udevd
View File

@ -93,7 +93,6 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected complain) {
owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/fd/ r,
@{PROC}/@{pids}/cgroup r, @{PROC}/@{pids}/cgroup r,
@{PROC}/devices r, @{PROC}/devices r,
@{PROC}/sys/kernel/random/boot_id r,
# file_inherit # file_inherit
owner @{HOME}/.xsession-errors w, owner @{HOME}/.xsession-errors w,

1
apparmor.d/groups/systemd/userdbctl
View File

@ -25,7 +25,6 @@ profile userdbctl @{exec_path} {
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,
@{PROC}/@{pid}/cgroup r, @{PROC}/@{pid}/cgroup r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/userdbctl> include if exists <local/userdbctl>
} }

1
apparmor.d/groups/virt/cockpit-bridge
View File

@ -50,7 +50,6 @@ profile cockpit-bridge @{exec_path} {
@{PROC}/1/cgroup r, @{PROC}/1/cgroup r,
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/diskstats r, @{PROC}/diskstats r,
@{PROC}/sys/kernel/random/boot_id r,
@{PROC}/uptime r, @{PROC}/uptime r,
/dev/ptmx rw, /dev/ptmx rw,

1
apparmor.d/groups/virt/cockpit-session
View File

@ -43,7 +43,6 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pid}/loginuid rw, owner @{PROC}/@{pid}/loginuid rw,
owner @{PROC}/@{pid}/uid_map r, owner @{PROC}/@{pid}/uid_map r,
@{PROC}/@{pids}/fd/ r, @{PROC}/@{pids}/fd/ r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/cockpit-session> include if exists <local/cockpit-session>
} }

1
apparmor.d/profiles-g-l/kwalletd5
View File

@ -48,7 +48,6 @@ profile kwalletd5 @{exec_path} {
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,
owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/fd/ r,
@{PROC}/sys/kernel/random/boot_id r,
@{PROC}/sys/kernel/core_pattern r, @{PROC}/sys/kernel/core_pattern r,
owner /tmp/kwalletd5.* rw, owner /tmp/kwalletd5.* rw,

2
apparmor.d/profiles-m-r/pwck
View File

@ -26,7 +26,5 @@ profile pwck @{exec_path} {
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,
@{PROC}/sys/kernel/random/boot_id r,
include if exists <local/pwck> include if exists <local/pwck>
} }

1
apparmor.d/profiles-m-r/qtox
View File

@ -54,7 +54,6 @@ profile qtox @{exec_path} {
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,
@{PROC}/sys/kernel/core_pattern r, # for KCrash::initialize() @{PROC}/sys/kernel/core_pattern r, # for KCrash::initialize()
@{PROC}/sys/kernel/random/boot_id r, # for QSysInfo::bootUniqueId(), mvoe to qt5 abstraction?
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,

1
apparmor.d/profiles-s-z/su
View File

@ -46,7 +46,6 @@ profile su @{exec_path} {
/etc/shells r, /etc/shells r,
@{PROC}/1/limits r, @{PROC}/1/limits r,
@{PROC}/sys/kernel/random/boot_id r,
owner @{PROC}/@{pids}/loginuid r, owner @{PROC}/@{pids}/loginuid r,
owner @{PROC}/@{pids}/cgroup r, owner @{PROC}/@{pids}/cgroup r,
owner @{PROC}/@{pids}/mountinfo r, owner @{PROC}/@{pids}/mountinfo r,

2
apparmor.d/profiles-s-z/sudo
View File

@ -79,8 +79,6 @@ profile sudo @{exec_path} {
@{run}/systemd/userdb/ r, @{run}/systemd/userdb/ r,
@{run}/systemd/userdb/io.systemd.DynamicUser rw, @{run}/systemd/userdb/io.systemd.DynamicUser rw,
@{PROC}/sys/kernel/random/boot_id r,
/dev/ r, # interactive login /dev/ r, # interactive login
/dev/ptmx rw, /dev/ptmx rw,