chore(profile): add abi and local include when missing.

Alexandre Pujol 2024-10-06 15:57:47 +01:00
parent 105a9b4def
commit 7ccaab8234
61 changed files with 84 additions and 28 deletions


@ -102,7 +102,7 @@ profile apt-key @{exec_path} {
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
include if exists <local/apt-key_pgp>
include if exists <local/apt-key_gpg>
}
include if exists <local/apt-key>


@ -46,6 +46,7 @@ profile debconf-apt-progress @{exec_path} flags=(complain) {
/etc/shadow r,
include if exists <local/debconf-apt-progress_frontend>
}
include if exists <local/debconf-apt-progress>


@ -45,6 +45,7 @@ profile dpkg-architecture @{exec_path} {
/etc/debian_version r,
include if exists <local/dpkg-architecture_ccache>
}
include if exists <local/dpkg-architecture>


@ -74,7 +74,7 @@ profile cron @{exec_path} flags=(attach_disconnected) {
owner @{tmp}/#@{int} rw,
include if exists <local/cron_run_parts>
include if exists <local/cron_run-parts>
}
include if exists <local/cron>


@ -33,6 +33,7 @@ profile cron-apt-listbugs @{exec_path} {
/var/spool/apt-listbugs/lastprefclean rw,
include if exists <local/cron-apt-listbugs_prefclean>
}
include if exists <local/cron-apt-listbugs>


@ -43,6 +43,7 @@ profile cron-debsums @{exec_path} {
owner @{PROC}/@{pid}/fd/3 rw,
include if exists <local/cron-debsums_tee>
}
include if exists <local/cron-debsums>


@ -152,7 +152,7 @@ profile cron-popularity-contest @{exec_path} {
owner @{tmp}/#@{int} rw, # file_inherit
include if exists <local/cron-popularity-contest_/popcon-upload>
include if exists <local/cron-popularity-contest_popcon-upload>
}
include if exists <local/cron-popularity-contest>


@ -39,7 +39,7 @@ profile xdg-desktop-icon @{exec_path} {
include <abstractions/base>
include <abstractions/app/bus>
include <abstractions/bus-session>
include if exists <local/xdg-settings_bus>
include if exists <local/xdg-desktop-icon_bus>
}
include if exists <local/xdg-desktop-icon>


@ -7,7 +7,7 @@ abi <abi/4.0>,
include <tunables/global>
@{exec_path} = /etc/gdm{3,}/{Init,Prime}/Default
profile gdm-defaut @{exec_path} flags=(complain) {
profile gdm-prime-defaut @{exec_path} flags=(complain) {
include <abstractions/base>
@{exec_path} mr,
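Review bot: The renamed profile keeps the misspelling `defaut` in `profile gdm-prime-defaut @{exec_path} flags=(complain) {`; since this commit is also normalising local include names to the profile name, the typo will presumably propagate into `<local/gdm-prime-defaut>` and any file named after it. Renaming to `profile gdm-prime-default @{exec_path} flags=(complain) {` in the same commit avoids a second rename later. The profile body continues outside the hunk.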


@ -90,6 +90,7 @@ profile openvpn @{exec_path} flags=(attach_disconnected) {
/etc/iproute2/rt_tables r,
/etc/iproute2/rt_tables.d/ r,
include if exists <local/openvpn_update-resolv>
}
profile force-user-traffic-via-vpn {
@ -121,6 +122,7 @@ profile openvpn @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/sys/net/ipv{4,}/route/flush w,
include if exists <local/openvpn_force-user-traffic-via-vpn>
}
include if exists <local/openvpn>


@ -60,7 +60,7 @@ profile yay @{exec_path} {
owner @{user_cache_dirs}/yay/** rwlk -> @{user_cache_dirs}/yay/**,
owner @{user_config_dirs}/git/{,*} r,
include if exists <local/pass_git>
include if exists <local/yay_git>
}
profile editor {


@ -2,6 +2,8 @@
# Copyright (C) 2024 valoq <valoq@mailbox.org>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{lib}/ssh/ssh-sk-helper
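Review bot: Adding `abi <abi/4.0>,` here (and likewise in the chpasswd, cupsd, murmurd and yadifad hunks) is a behaviour change rather than only a chore: a profile with no abi line is compiled against the parser's legacy feature set, so mediation classes introduced later (for example user-namespace and message-queue mediation under abi 4.0) were not enforced for it, whereas with the abi declared any such access without a matching rule is denied. Since the rest of each profile is outside the hunk, confirm they already carry the rules those classes require before the abi line lands; cupsd, murmurd and yadifad are long-running network daemons and are the ones most likely to surface new denials in enforce mode. A short note in the commit message that the abi line tightens enforcement would help anyone bisecting a regression to it.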


@ -55,7 +55,7 @@ profile journalctl @{exec_path} flags=(attach_disconnected) {
deny network inet stream,
deny network inet6 stream,
include if exists <local/systemd-journalctl>
include if exists <local/journalctl>
}
# vim:syntax=apparmor


@ -50,7 +50,7 @@ profile systemd-resolved @{exec_path} flags=(attach_disconnected) {
@{PROC}/sys/kernel/hostname r,
@{PROC}/sys/net/ipv{4,6}/conf/all/disable_ipv{4,6} r,
include if exists <local/systemd-timesyncd>
include if exists <local/systemd-resolved>
}
# vim:syntax=apparmor


@ -109,6 +109,7 @@ profile subiquity-console-conf @{exec_path} {
/var/lib/dbus/machine-id r,
/etc/machine-id r,
include if exists <local/subiquity-console-conf_journalctl>
}
include if exists <local/subiquity-console-conf>


@ -87,6 +87,7 @@ profile ubuntu-advantage @{exec_path} {
/dev/kmsg w,
include if exists <local/ubuntu-advantage_systemctl>
}
include if exists <local/ubuntu-advantage>


@ -45,6 +45,7 @@ profile update-motd-fsck-at-reboot @{exec_path} {
/dev/tty@{int} rw,
include if exists <local/update-motd-fsck-at-reboot_mount>
}
include if exists <local/update-motd-fsck-at-reboot>


@ -290,6 +290,8 @@ profile libvirtd @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pids}/status r,
/dev/net/tun rw,
include if exists <local/libvirtd_qemu_bridge_helper>
}
include if exists <usr/libvirtd>
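Review bot: The hunk ends on `include if exists <usr/libvirtd>` and it is not visible whether the file-level `include if exists <local/libvirtd>` follows it; every other file in this commit ends its profile with a `<local/NAME>` include, and `<usr/libvirtd>` presumably serves a different purpose (a packaged fragment rather than the administrator's local override), so it does not substitute for it. Given the commit's stated goal of adding the local include where missing, confirm the libvirtd profile has one after this hunk or add `include if exists <local/libvirtd>` next to the existing line. The libvirtd profile body continues outside the hunk.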


@ -7,7 +7,7 @@ abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{bin}/whonix_firewall @{lib}/whonix-firewall/reloadfirewall
profile whonix-firewall @{exec_path} {
profile whonix-firewalld @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/nameservice-strict>
@ -45,7 +45,7 @@ profile whonix-firewall @{exec_path} {
owner @{run}/updatesproxycheck/{,**} rw,
owner @{run}/whonix_firewall/{,**} rw,
include if exists <local/whonix-firewall>
include if exists <local/whonix-firewalld>
}
# vim:syntax=apparmor


@ -48,7 +48,7 @@ profile xfce-panel @{exec_path} {
@{bin}/lsblk rPx,
include if exists <local/xfce-panel-wrapper_root>
include if exists <local/xfce-panel_root>
}
include if exists <local/xfce-panel>


@ -43,6 +43,8 @@ profile acpi-powerbtn flags=(attach_disconnected) {
/dev/tty rw,
owner /dev/tty@{int} rw,
include if exists <local/acpi-powerbtn_fgconsole>
}
profile bus flags=(complain) {


@ -64,6 +64,7 @@ profile adequate @{exec_path} flags=(complain) {
@{lib}/@{multiarch}/ld-*.so rix,
@{lib}{,x}32/ld-*.so rix,
include if exists <local/adequate_ldd>
}
profile frontend flags=(complain) {
@ -98,6 +99,7 @@ profile adequate @{exec_path} flags=(complain) {
/etc/shadow r,
include if exists <local/adequate_frontend>
}
profile pkg-config flags=(complain) {
@ -105,6 +107,7 @@ profile adequate @{exec_path} flags=(complain) {
@{bin}/pkg-config mr,
include if exists <local/adequate_pkg-config>
}
include if exists <local/adequate>


@ -39,7 +39,7 @@ profile anacron @{exec_path} {
owner @{tmp}/#@{int} rw,
owner @{tmp}/file@{rand6} rw,
include if exists <local/anacron_run_parts>
include if exists <local/anacron_run-parts>
}
include if exists <local/anacron>


@ -29,7 +29,6 @@ profile archivemount @{exec_path} {
/dev/fuse rw,
profile fusermount {
include <abstractions/base>
include <abstractions/nameservice-strict>
@ -52,6 +51,7 @@ profile archivemount @{exec_path} {
@{PROC}/@{pid}/mounts r,
include if exists <local/archivemount_fusermount>
}
include if exists <local/archivemount>


@ -69,6 +69,7 @@ profile aspell-autobuildhash @{exec_path} flags=(complain) {
owner @{PROC}/@{pid}/mounts r,
@{HOME}/.Xauthority r,
include if exists <local/aspell-autobuildhash_frontend>
}
include if exists <local/aspell-autobuildhash>


@ -33,6 +33,7 @@ profile changestool @{exec_path} {
owner @{HOME}/@{XDG_GPG_DIR}/ r,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
include if exists <local/changestool_gpg>
}
include if exists <local/changestool>


@ -65,7 +65,6 @@ profile check-support-status @{exec_path} {
/usr/share/debian-security-support/ r,
/usr/share/debian-security-support/* r,
profile debconf-escape {
include <abstractions/base>
include <abstractions/perl>
@ -75,6 +74,7 @@ profile check-support-status @{exec_path} {
owner @{tmp}/debian-security-support.postinst.*/output r,
include if exists <local/check-support-status_debconf-escape>
}
include if exists <local/check-support-status>


@ -58,6 +58,7 @@ profile check-support-status-hook @{exec_path} {
/tmp/ r,
owner @{tmp}/debian-security-support.postinst.*/output r,
include if exists <local/check-support-status-hook_debconf-escape>
}
profile frontend {
@ -90,6 +91,7 @@ profile check-support-status-hook @{exec_path} {
owner @{PROC}/@{pid}/mounts r,
@{HOME}/.Xauthority r,
include if exists <local/check-support-status-hook_frontend>
}
profile runuser {
@ -124,6 +126,8 @@ profile check-support-status-hook @{exec_path} {
/tmp/ r,
owner @{tmp}/debian-security-support.postinst.*/output w,
include if exists <local/check-support-status-hook_runuser>
}
include if exists <local/check-support-status-hook>


@ -2,6 +2,8 @@
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{bin}/chpasswd


@ -66,6 +66,7 @@ profile claws-mail @{exec_path} flags=(complain) {
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
include if exists <local/claws-mail_gpg>
}
include if exists <local/claws-mail>


@ -200,6 +200,7 @@ profile conky @{exec_path} {
deny @{PROC}/@{pid}/net/route r,
deny @{sys}/devices/**/hwmon/**/temp*_input r,
include if exists <local/conky_browse>
}
include if exists <local/conky>


@ -2,6 +2,8 @@
# Copyright (C) 2022-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{bin}/cupsd


@ -48,6 +48,7 @@ profile deluser @{exec_path} {
@{sys}/devices/virtual/block/**/name r,
include if exists <local/deluser_mount>
}
include if exists <local/deluser>


@ -77,6 +77,7 @@ profile dhclient-script @{exec_path} {
# file_inherit
owner /var/lib/dhcp/dhclient.leases r,
include if exists <local/dhclient-script_run-parts>
}
include if exists <local/dhclient-script>


@ -49,7 +49,6 @@ profile dlocate @{exec_path} {
/ r,
profile md5sum {
include <abstractions/base>
@ -59,6 +58,7 @@ profile dlocate @{exec_path} {
/boot/** r,
/usr/** r,
include if exists <local/dlocate_md5sum>
}
include if exists <local/dlocate>


@ -73,6 +73,7 @@ profile etckeeper @{exec_path} {
owner @{PROC}/@{pid}/fd/ r,
include if exists <local/etckeeper_gpg>
}
include if exists <local/etckeeper>


@ -46,6 +46,7 @@ profile execute-dput @{exec_path} flags=(complain) {
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
include if exists <local/execute-dput_gpg>
}
include if exists <local/execute-dput>


@ -121,6 +121,7 @@ profile frontend @{exec_path} flags=(complain) {
/tmp/ r,
owner @{tmp}/** rw,
include if exists <local/frontend_scripts>
}
include if exists <local/frontend>


@ -58,6 +58,7 @@ profile fuseiso @{exec_path} {
/dev/fuse rw,
include if exists <local/fuseiso_fusermount>
}
include if exists <local/fuseiso>


@ -54,7 +54,7 @@ profile fwupdmgr @{exec_path} flags=(attach_disconnected) {
profile bus flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/app/bus>
include if exists <local/fwupdmgr_dbus>
include if exists <local/fwupdmgr_bus>
}
include if exists <local/fwupdmgr>


@ -94,7 +94,7 @@ profile gpartedbin @{exec_path} {
@{bin}/mount mr,
include if exists <local/gpartedbin_umount>
include if exists <local/gpartedbin_mount>
}
profile umount {


@ -67,6 +67,7 @@ profile i3lock-fancy @{exec_path} {
# file_inherit
owner /dev/tty@{int} rw,
include if exists <local/i3lock-fancy_imagemagic>
}
include if exists <local/i3lock-fancy>


@ -92,6 +92,7 @@ profile ifup @{exec_path} {
/etc/network/if-up.d/openvpn rPUx,
/etc/network/if-up.d/wpasupplicant rPUx,
include if exists <local/ifup_run-parts>
}
profile kmod {


@ -25,7 +25,7 @@ profile imv @{exec_path} {
owner @{run}/user/@{uid}/imv-*.sock w,
include if exists <local/imv-wayland>
include if exists <local/imv>
}
# vim:syntax=apparmor


@ -48,6 +48,7 @@ profile initd-kexec-load @{exec_path} {
/etc/default/kexec.d/ r,
include if exists <local/initd-kexec-load_run-parts>
}
profile systemctl {
@ -74,6 +75,7 @@ profile initd-kexec-load @{exec_path} {
owner @{run}/systemd/ask-password/ rw,
owner @{run}/systemd/ask-password-block/* rw,
include if exists <local/initd-kexec-load_systemctl>
}
include if exists <local/initd-kexec-load>


@ -58,6 +58,7 @@ profile jmtpfs @{exec_path} {
@{PROC}/@{pid}/mounts r,
include if exists <local/jmtpfs_fusermount>
}
include if exists <local/jmtpfs>


@ -46,6 +46,7 @@ profile linux-check-removal @{exec_path} flags=(complain) {
owner /var/cache/debconf/{config,passwords,templates}.dat{,-new,-old} rwk,
/usr/share/debconf/templates/adequate.templates r,
include if exists <local/linux-check-removal_frontend>
}
include if exists <local/linux-check-removal>


@ -2,6 +2,8 @@
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{bin}/murmurd


@ -48,6 +48,7 @@ profile obexfs @{exec_path} {
@{PROC}/@{pid}/mounts r,
include if exists <local/obexfs_fusermount>
}
include if exists <local/obexfs>


@ -60,6 +60,7 @@ profile pam-auth-update @{exec_path} flags=(complain) {
/etc/shadow r,
include if exists <local/pam-auth-update_frontend>
}
include if exists <local/pam-auth-update>


@ -55,7 +55,6 @@ profile reprepro @{exec_path} {
owner @{user_build_dirs}/pbuilder/result/*.deb r,
owner @{user_build_dirs}/pbuilder/result/*.tar.* r,
profile gpg {
include <abstractions/base>
@ -66,6 +65,7 @@ profile reprepro @{exec_path} {
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
include if exists <local/reprepro_gpg>
}
include if exists <local/reprepro>


@ -191,6 +191,8 @@ profile run-parts @{exec_path} {
@{PROC}/@{pids}/mounts r,
/dev/tty@{int} rw,
include if exists <local/run-parts_motd>
}
profile kernel {
@ -248,6 +250,7 @@ profile run-parts @{exec_path} {
@{PROC}/devices r,
@{PROC}/cmdline r,
include if exists <local/run-parts_kernel>
}
include if exists <local/run-parts>


@ -50,7 +50,7 @@ profile sensors-detect @{exec_path} {
include <abstractions/base>
include <abstractions/app/kmod>
include if exists <local/sensors-detect_udevadm>
include if exists <local/sensors-detect_kmod>
}
profile systemctl {


@ -40,13 +40,13 @@ profile tasksel @{exec_path} flags=(complain) {
owner @{tmp}/file* w,
profile tasksel-tests flags=(complain) {
include <abstractions/base>
@{lib}/tasksel/tests/* r,
@{sh_path} rix,
include if exists <local/tasksel_tasksel-tests>
}
profile frontend flags=(complain) {
@ -76,6 +76,7 @@ profile tasksel @{exec_path} flags=(complain) {
/etc/shadow r,
include if exists <local/tasksel_frontend>
}
include if exists <local/tasksel>


@ -58,6 +58,7 @@ profile update-dlocatedb @{exec_path} {
@{bin}/gzip rix,
/var/lib/dlocate/dlocatedb.gz rw,
include if exists <local/update-dlocatedb_updatedb>
}
include if exists <local/update-dlocatedb>


@ -62,6 +62,7 @@ profile update-pciids @{exec_path} {
/usr/share/misc/pci.ids.new w,
/usr/share/misc/pci.ids.gz.new w,
include if exists <local/update-pciids_browse>
}
include if exists <local/update-pciids>


@ -58,6 +58,7 @@ profile update-smart-drivedb @{exec_path} {
owner /var/lib/smartmontools/drivedb/.gnupg.@{int}.tmp/ rw,
owner /var/lib/smartmontools/drivedb/.gnupg.@{int}.tmp/** rwkl -> /var/lib/smartmontools/drivedb/.gnupg.@{int}.tmp/**,
include if exists <local/update-smart-drivedb_gpg>
}
profile browse {
@ -88,6 +89,7 @@ profile update-smart-drivedb @{exec_path} {
/var/lib/smartmontools/drivedb/drivedb.h.new{,.raw.asc} w,
include if exists <local/update-smart-drivedb_browse>
}
include if exists <local/update-smart-drivedb>


@ -50,7 +50,7 @@ profile uupdate @{exec_path} flags=(complain) {
# For package building
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
include if exists <local/uupdates>
include if exists <local/uupdate>
}
# vim:syntax=apparmor


@ -2,6 +2,8 @@
# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/4.0>,
include <tunables/global>
@{exec_path} = @{bin}/yadifad


@ -32,12 +32,6 @@ profile youtube-viewer @{exec_path} {
@{bin}/wget rCx -> wget,
owner @{user_config_dirs}/youtube-viewer/{,*} rw,
owner @{user_cache_dirs}/youtube-viewer/{,*} rw,
owner @{HOME}/Downloads/youtube-viewer/{,*} rw,
/etc/inputrc r,
# Players
@{bin}/mpv rPUx,
@{bin}/vlc rPUx,
@ -45,6 +39,11 @@ profile youtube-viewer @{exec_path} {
@{bin}/ffmpeg rPUx,
/etc/inputrc r,
owner @{user_config_dirs}/youtube-viewer/{,*} rw,
owner @{user_cache_dirs}/youtube-viewer/{,*} rw,
owner @{HOME}/Downloads/youtube-viewer/{,*} rw,
profile wget {
include <abstractions/base>
@ -62,6 +61,7 @@ profile youtube-viewer @{exec_path} {
owner @{HOME}/.wget-hsts r,
owner @{HOME}/wget-log{,.@{int}} rw,
include if exists <local/youtube-viewer_wget>
}
include if exists <local/youtube-viewer>