mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-03 08:45:06 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(profile): minor fixes.

Browse source
This commit is contained in:
Alexandre Pujol 2024-11-13 13:31:06 +00:00
parent 194d18191e
commit b4bcb2f16e
Failed to generate hash of commit
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
apparmor.d/profiles-g-l/ip
View file

@ -20,11 +20,13 @@ profile ip @{exec_path} flags=(attach_disconnected) {
network netlink raw, network netlink raw,
mount options=(rw, rshared) -> @{run}/netns/, mount fstype=sysfs -> /sys/,
mount options=(rw, rslave) -> /, mount options=(rw bind) / -> @{run}/netns/*,
mount options=(rw rbind) @{run}/netns/ -> @{run}/netns/,
mount options=(rw, bind) @{att}/ -> @{run}/netns/*, mount options=(rw, bind) @{att}/ -> @{run}/netns/*,
mount options=(rw, bind) /etc/netns/*/resolv.conf -> /etc/resolv.conf, mount options=(rw, bind) /etc/netns/*/resolv.conf -> /etc/resolv.conf,
mount fstype=sysfs -> /sys/, mount options=(rw, rshared) -> @{run}/netns/,
mount options=(rw, rslave) -> /,
umount @{run}/netns/*, umount @{run}/netns/*,
umount /sys/, umount /sys/,

2
apparmor.d/profiles-s-z/sync
View file

@ -14,7 +14,7 @@ profile sync @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
# All paths where sync can be used to flush all write operations on a single file to disk # All paths where sync can be used to flush all write operations on a single file to disk
/** rw, /{,**} rw,
include if exists <local/sync> include if exists <local/sync>
} }