mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-11 12:45:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(profile): minor update.

Browse source
This commit is contained in:
Alexandre Pujol 2025-02-09 20:26:52 +01:00
parent da68c4f2d9
commit 77eb8c3c11
Failed to generate hash of commit
3 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/virt/dockerd
View file

@ -85,7 +85,7 @@ profile dockerd @{exec_path} flags=(attach_disconnected) {
owner /var/lib/docker/tmp/qemu-check@{int}/check rix, owner /var/lib/docker/tmp/qemu-check@{int}/check rix,
/tmp/build/ w, /tmp/build/ w,
/tmp/containerd-mount@{int10}/{,**} rw, /tmp/containerd-mount@{int}/{,**} rw,
owner @{run}/docker/ rw, owner @{run}/docker/ rw,
owner @{run}/docker/** rwlk, owner @{run}/docker/** rwlk,

4
apparmor.d/profiles-a-f/fractal
View file

@ -33,11 +33,13 @@ profile fractal @{exec_path} flags=(attach_disconnected) {
owner @{tmp}/.@{rand6} rw, owner @{tmp}/.@{rand6} rw,
owner @{tmp}/.goutputstream-@{rand6} rw, owner @{tmp}/.goutputstream-@{rand6} rw,
owner @{tmp}/@{rand6} rw,
owner @{run}/user/@{uid}/fractal/{,**} rw,
@{PROC}/sys/net/ipv6/conf/all/disable_ipv6 r, @{PROC}/sys/net/ipv6/conf/all/disable_ipv6 r,
owner @{PROC}/@{pid}/cgroup r, owner @{PROC}/@{pid}/cgroup r,
owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/mountinfo r,
owner @{PROC}/@{pid}/stat r,
/dev/ r, /dev/ r,

1
apparmor.d/profiles-m-r/mount-cifs
View file

@ -40,6 +40,7 @@ profile mount-cifs @{exec_path} flags=(complain) {
@{bin}/systemd-ask-password rPUx, @{bin}/systemd-ask-password rPUx,
/etc/fstab r, /etc/fstab r,
/etc/sync-credentials r,
owner @{HOME}/.smbcredentials r, owner @{HOME}/.smbcredentials r,