mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix openvpn integration with network manager.

Browse Source
This commit is contained in:
Alexandre Pujol 2021-04-08 22:41:05 +01:00
parent 604a95119d
commit a789d518b2
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
apparmor.d/groups/network/NetworkManager
View File

@ -22,11 +22,16 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
network netlink raw,
network packet dgram,
capability net_admin,
capability net_raw,
capability net_bind_service,
capability dac_override,
capability audit_write,
capability dac_override,
capability kill,
capability net_admin,
capability net_bind_service,
capability net_raw,
capability setgid,
capability setuid,
capability sys_chroot,
capability sys_module,
@{exec_path} mr,
@ -41,6 +46,8 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
/{usr/,}bin/systemctl rPx -> child-systemctl,
/{usr/,}bin/{,ba,da}sh rix,
/dev/rfkill rw,
/ r,
/etc/ r,
/etc/resolv.conf rw,

5
apparmor.d/groups/network/nm-openvpn-service
View File

@ -11,7 +11,10 @@ profile nm-openvpn-service @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice-strict>
signal peer=openvpn,
capability kill,
capability net_admin,
signal (send) set=(term) peer=openvpn,
@{exec_path} mr,