mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-11-15 07:54:17 +01:00
parent
7033a13bc2
commit
b96362d915
@ -24,6 +24,7 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
|
|||||||
|
|
||||||
@{sh_path} rix,
|
@{sh_path} rix,
|
||||||
@{coreutils_path} rix,
|
@{coreutils_path} rix,
|
||||||
|
@{bin}/{m,g,}awk rix,
|
||||||
@{bin}/bsdtar rix,
|
@{bin}/bsdtar rix,
|
||||||
@{bin}/fc-match rix,
|
@{bin}/fc-match rix,
|
||||||
@{bin}/findmnt rPx,
|
@{bin}/findmnt rPx,
|
||||||
@ -34,6 +35,8 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
|
|||||||
@{bin}/ldconfig rix,
|
@{bin}/ldconfig rix,
|
||||||
@{bin}/ldd rix,
|
@{bin}/ldd rix,
|
||||||
@{bin}/loadkeys rix,
|
@{bin}/loadkeys rix,
|
||||||
|
@{bin}/objcopy rix,
|
||||||
|
@{bin}/objdump rix,
|
||||||
@{bin}/tput rix,
|
@{bin}/tput rix,
|
||||||
@{bin}/xz rix,
|
@{bin}/xz rix,
|
||||||
@{bin}/zcat rix,
|
@{bin}/zcat rix,
|
||||||
@ -45,8 +48,10 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
|
|||||||
@{bin}/modprobe rPx,
|
@{bin}/modprobe rPx,
|
||||||
@{bin}/plymouth rPx,
|
@{bin}/plymouth rPx,
|
||||||
@{bin}/plymouth-set-default-theme rPx,
|
@{bin}/plymouth-set-default-theme rPx,
|
||||||
|
@{bin}/sbctl rPx,
|
||||||
|
|
||||||
@{lib}/initcpio/busybox rix,
|
@{lib}/initcpio/busybox rix,
|
||||||
|
@{lib}/initcpio/post/** rix,
|
||||||
@{lib}/ld-*.so* rix,
|
@{lib}/ld-*.so* rix,
|
||||||
|
|
||||||
/etc/fstab r,
|
/etc/fstab r,
|
||||||
@ -82,15 +87,22 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
|
|||||||
/boot/initramfs-*.img* rw,
|
/boot/initramfs-*.img* rw,
|
||||||
/boot/vmlinuz-* r,
|
/boot/vmlinuz-* r,
|
||||||
|
|
||||||
# Temp files
|
/usr/share/systemd/bootctl/** r,
|
||||||
owner @{run}/initramfs/{,**} rw,
|
|
||||||
owner @{run}/mkinitcpio.@{rand6}/{,**} rwl,
|
/etc/kernel/** r,
|
||||||
|
|
||||||
|
/tmp/mkinitcpio.@{rand6} rw,
|
||||||
|
/tmp/mkinitcpio.@{rand6}.tmp rw,
|
||||||
owner @{tmp}/mkinitcpio.@{rand6} rw,
|
owner @{tmp}/mkinitcpio.@{rand6} rw,
|
||||||
owner @{tmp}/mkinitcpio.@{rand6}/{,**} rwl,
|
owner @{tmp}/mkinitcpio.@{rand6}/{,**} rwl,
|
||||||
|
|
||||||
owner @{run}/initcpio-tmp/mkinitcpio.@{rand6}/{,**} rwl,
|
owner @{run}/initcpio-tmp/mkinitcpio.@{rand6}/{,**} rwl,
|
||||||
|
owner @{run}/initramfs/{,**} rw,
|
||||||
|
owner @{run}/mkinitcpio.@{rand6}/{,**} rwl,
|
||||||
|
|
||||||
@{sys}/class/block/ r,
|
@{sys}/class/block/ r,
|
||||||
@{sys}/devices/{,**} r,
|
@{sys}/devices/{,**} r,
|
||||||
|
@{sys}/firmware/efi/fw_platform_size r,
|
||||||
|
|
||||||
owner @{PROC}/@{pid}/mountinfo r,
|
owner @{PROC}/@{pid}/mountinfo r,
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user