mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 00:48:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update spectre-meltdown-checker

Browse source 
- since this script is not from a package it should, optionally, reside in `local` PATH
- allow to confine it with original name and without renaming
- use marco instead of repeating the path
This commit is contained in:
nobodysu 2021-12-01 01:38:51 +00:00 committed by GitHub
parent 27be52f9ae
commit 7336b914cb
Failed to generate hash of commit
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/profiles-s-z/spectre-meltdown-checker
View file

@ -6,7 +6,7 @@ abi <abi/3.0>,
include <tunables/global> include <tunables/global>
@{exec_path} = /{usr/,}bin/spectre-meltdown-checker @{exec_path} = /{,usr/}{,local/}bin/spectre-meltdown-checker{,.sh}
profile spectre-meltdown-checker @{exec_path} { profile spectre-meltdown-checker @{exec_path} {
include <abstractions/base> include <abstractions/base>
@ -77,7 +77,7 @@ profile spectre-meltdown-checker @{exec_path} {
owner /tmp/intelfw-*/Intel-Linux-Processor-Microcode-Data-Files-master/** rw, owner /tmp/intelfw-*/Intel-Linux-Processor-Microcode-Data-Files-master/** rw,
owner @{HOME}/.mcedb rw, owner @{HOME}/.mcedb rw,
owner /{usr/,}bin/spectre-meltdown-checker w, owner @{exec_path} w,
/tmp/ r, /tmp/ r,
owner /tmp/{config,kernel}-* rw, owner /tmp/{config,kernel}-* rw,