mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 00:48:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(profiles): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2022-11-05 17:25:27 +00:00
parent 18a8b42cbf
commit dd13de385e
Failed to generate hash of commit
3 changed files with 5 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
apparmor.d/abstractions/video.d/complete
View file

@ -1,13 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2021 Mikhail Morfikov
# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
owner /dev/shm/libv4l-* rw,
/dev/video[0-9]* rw,
@{sys}/devices/pci[0-9]*/**/usb[0-9]/**/video4linux/video[0-9]*/dev r,
@{sys}/devices/pci[0-9]*/**/usb[0-9]/**/{modalias,speed} r,
@{sys}/devices/virtual/dmi/id/sys_vendor r,
@{sys}/devices/virtual/dmi/id/product_{name,version} r,
@{sys}/devices/virtual/dmi/id/board_{vendor,name,version} r,

4
apparmor.d/groups/pacman/mkinitcpio
View file

@ -34,6 +34,8 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
/{usr/,}bin/hexdump rix,
/{usr/,}bin/install rix,
/{usr/,}bin/ldconfig rix,
/{usr/,}bin/mv rix,
/{usr/,}bin/sync rix,
/{usr/,}bin/ldd rix,
/{usr/,}bin/ln rix,
/{usr/,}bin/loadkeys rix,
@ -84,7 +86,7 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) {
# Manage /boot
/ r,
/boot/initramfs-*.img rw,
/boot/initramfs-*.img* rw,
/boot/vmlinuz-* r,
@{sys}/class/block/ r,

3
apparmor.d/groups/pacman/pacman
View file

@ -73,6 +73,7 @@ profile pacman @{exec_path} {
/{usr/,}bin/sed rix,
/{usr/,}bin/setcap rix,
/{usr/,}bin/touch rix,
/{usr/,}bin/tput rix,
/{usr/,}bin/vercmp rix,
/{usr/,}bin/xmlcatalog rix,
/{usr/,}lib/ghc-*/bin/ghc-pkg rix,
@ -106,7 +107,7 @@ profile pacman @{exec_path} {
# Install/update packages
/ r,
/*/ rw,
/*{,/} rw,
/boot/** rwl -> /boot/**,
/etc/** rwl -> /etc/**,
/opt/** rwl -> /opt/**,