mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-18 08:58:15 +01:00
dpkg updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
This commit is contained in:
Jeroen Rijken
Alex
parent
a84f0b540c
commit
83bff808dc
1 changed files with 12 additions and 0 deletions
|
|
@ -16,6 +16,7 @@ include <tunables/global>
|
||||||
profile child-dpkg {
|
profile child-dpkg {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/consoles>
|
include <abstractions/consoles>
|
||||||
|
include <abstractions/nameservice-strict>
|
||||||
|
|
||||||
capability dac_read_search,
|
capability dac_read_search,
|
||||||
capability setgid,
|
capability setgid,
|
||||||
|
|
@ -26,11 +27,22 @@ profile child-dpkg {
|
||||||
# ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded (cannot open
|
# ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded (cannot open
|
||||||
# shared object file): ignored.
|
# shared object file): ignored.
|
||||||
/{usr/,}bin/dpkg-query rpx,
|
/{usr/,}bin/dpkg-query rpx,
|
||||||
|
/{usr/,}bin/dpkg-deb rPx,
|
||||||
|
/{usr/,}bin/dpkg-split rPx,
|
||||||
|
|
||||||
/etc/dpkg/dpkg.cfg.d/{,*} r,
|
/etc/dpkg/dpkg.cfg.d/{,*} r,
|
||||||
/etc/dpkg/dpkg.cfg r,
|
/etc/dpkg/dpkg.cfg r,
|
||||||
|
|
||||||
|
/usr/share/doc/perl-modules-*/{,**/}*.dpkg-{new,tmp} rwl,
|
||||||
|
/usr/share/perl/*/{,**/}*.dpkg-{new,tmp} rwl,
|
||||||
|
|
||||||
/var/lib/dpkg/** r,
|
/var/lib/dpkg/** r,
|
||||||
|
/var/lib/dpkg/lock rw,
|
||||||
|
/var/lib/dpkg/tmp.ci/control rw,
|
||||||
|
/var/lib/dpkg/tmp.ci/md5sums rw,
|
||||||
|
/var/lib/dpkg/triggers/Lock rw,
|
||||||
|
/var/lib/dpkg/updates/* rw,
|
||||||
|
/var/log/dpkg.log ra,
|
||||||
|
|
||||||
# file_inherit
|
# file_inherit
|
||||||
/tmp/#[0-9]*[0-9] rw,
|
/tmp/#[0-9]*[0-9] rw,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue