mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-30 06:45:10 +01:00
BUILD_DIR -> user_build_dirs.
This commit is contained in:
Alexandre Pujol
parent
b65955d055
commit
f922a5f8e8
30 changed files with 44 additions and 103 deletions
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/apt
|
||||
profile apt @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -119,7 +117,7 @@ profile apt @{exec_path} flags=(complain) {
|
|||
/var/cache/apt/** rwk,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
|
||||
profile editor flags=(complain) {
|
||||
|
|
@ -164,7 +162,7 @@ profile apt @{exec_path} flags=(complain) {
|
|||
|
||||
/etc/dpkg/origins/debian r,
|
||||
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
owner @{HOME}/** rwkl -> @{HOME}/**,
|
||||
audit deny owner @{HOME}/.* mrwkl,
|
||||
audit deny owner @{HOME}/.*/ rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/apt-extracttemplates
|
||||
profile apt-extracttemplates @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -26,7 +24,7 @@ profile apt-extracttemplates @{exec_path} {
|
|||
owner /tmp/*.{config,template}.?????? rw,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
include if exists <local/apt-extracttemplates>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/apt-ftparchive
|
||||
profile apt-ftparchive @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -18,7 +16,7 @@ profile apt-ftparchive @{exec_path} {
|
|||
/etc/apt/apt.conf.d/{,*} r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
include if exists <local/apt-ftparchive>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/apt-get
|
||||
profile apt-get @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -122,7 +120,7 @@ profile apt-get @{exec_path} flags=(complain) {
|
|||
/var/cache/apt/** rwk,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /var/log/cron-apt/temp w,
|
||||
|
|
@ -171,7 +169,7 @@ profile apt-get @{exec_path} flags=(complain) {
|
|||
|
||||
/etc/dpkg/origins/debian r,
|
||||
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
owner @{HOME}/** rwkl -> @{HOME}/**,
|
||||
audit deny owner @{HOME}/.* mrwkl,
|
||||
audit deny owner @{HOME}/.*/ rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/cdrom
|
||||
profile apt-methods-cdrom @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -37,7 +35,7 @@ profile apt-methods-cdrom @{exec_path} {
|
|||
/root/ r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/copy
|
||||
profile apt-methods-copy @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -47,7 +45,7 @@ profile apt-methods-copy @{exec_path} {
|
|||
owner /var/lib/apt/lists/partial/* rw,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/file
|
||||
profile apt-methods-file @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -47,7 +45,7 @@ profile apt-methods-file @{exec_path} {
|
|||
owner /var/lib/apt/lists/partial/* rw,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/ftp
|
||||
profile apt-methods-ftp @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -37,7 +35,7 @@ profile apt-methods-ftp @{exec_path} {
|
|||
/root/ r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/gpgv
|
||||
profile apt-methods-gpgv @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -83,7 +81,7 @@ profile apt-methods-gpgv @{exec_path} {
|
|||
/etc/keyrings/*.gpg r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/http{,s}
|
||||
profile apt-methods-http @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -67,7 +65,7 @@ profile apt-methods-http @{exec_path} {
|
|||
@{PROC}/@{pid}/cgroup r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/mirror{,+*}
|
||||
profile apt-methods-mirror @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -37,7 +35,7 @@ profile apt-methods-mirror @{exec_path} {
|
|||
/root/ r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/rred
|
||||
profile apt-methods-rred @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -47,7 +45,7 @@ profile apt-methods-rred @{exec_path} {
|
|||
owner /var/lib/apt/lists/partial/* rw,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/{r,s}sh
|
||||
profile apt-methods-rsh @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -37,7 +35,7 @@ profile apt-methods-rsh @{exec_path} {
|
|||
/root/ r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}lib/apt/methods/store
|
||||
profile apt-methods-store @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -52,7 +50,7 @@ profile apt-methods-store @{exec_path} {
|
|||
owner /tmp/apt-changelog-*/*.changelog{,.*} rw,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/apt-show-versions
|
||||
profile apt-show-versions @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -31,7 +29,7 @@ profile apt-show-versions @{exec_path} {
|
|||
/var/lib/dbus/machine-id r,
|
||||
/etc/machine-id r,
|
||||
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/aptitude{,-curses}
|
||||
profile aptitude @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -162,7 +160,7 @@ profile aptitude @{exec_path} flags=(complain) {
|
|||
/etc/machine-id r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
/var/log/cron-apt/temp w,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/debsign
|
||||
profile debsign @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -40,7 +38,7 @@ profile debsign @{exec_path} {
|
|||
owner @{HOME}/.devscripts r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
owner /tmp/debsign.*/ rw,
|
||||
owner /tmp/debsign.*/*.{dsc,changes,buildinfo}{,.asc} rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/debtags
|
||||
profile debtags @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -36,7 +34,7 @@ profile debtags @{exec_path} {
|
|||
/var/lib/dbus/machine-id r,
|
||||
/etc/machine-id r,
|
||||
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
/var/log/cron-apt/temp w ,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dpkg-checkbuilddeps
|
||||
profile dpkg-checkbuilddeps @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -24,7 +22,7 @@ profile dpkg-checkbuilddeps @{exec_path} flags=(complain) {
|
|||
/usr/share/dpkg/tupletable r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/**/debian/control r,
|
||||
owner @{user_build_dirs}/**/debian/control r,
|
||||
|
||||
include if exists <local/dpkg-checkbuilddeps>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dpkg-deb
|
||||
profile dpkg-deb @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -36,7 +34,7 @@ profile dpkg-deb @{exec_path} {
|
|||
/var/cache/apt/archives/*.deb r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
include if exists <local/dpkg-deb>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dpkg-genbuildinfo
|
||||
profile dpkg-genbuildinfo @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -19,7 +17,7 @@ profile dpkg-genbuildinfo @{exec_path} flags=(complain) {
|
|||
/etc/dpkg/origins/debian r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
/var/lib/dpkg/status r,
|
||||
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dpkg-genchanges
|
||||
profile dpkg-genchanges @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -22,7 +20,7 @@ profile dpkg-genchanges @{exec_path} flags=(complain) {
|
|||
/usr/share/dpkg/tupletable r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** r,
|
||||
owner @{user_build_dirs}/** r,
|
||||
|
||||
include if exists <local/dpkg-genchanges>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dpkg-split
|
||||
profile dpkg-split @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -26,7 +24,7 @@ profile dpkg-split @{exec_path} {
|
|||
/var/cache/apt/archives/*.deb r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
include if exists <local/dpkg-split>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,8 +4,6 @@
|
|||
|
||||
abi <abi/3.0>,
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = /{usr/,}sbin/synaptic /{usr/,}bin/synaptic-pkexec
|
||||
|
|
@ -158,7 +156,7 @@ profile synaptic @{exec_path} {
|
|||
@{HOME}/.Xauthority r,
|
||||
|
||||
# For package building
|
||||
@{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
@{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/changestool
|
||||
profile changestool @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -21,7 +19,7 @@ profile changestool @{exec_path} {
|
|||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
|
||||
profile gpg {
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/dput /usr/share/dput/execute-dput
|
||||
profile execute-dput @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -34,10 +32,10 @@ profile execute-dput @{exec_path} flags=(complain) {
|
|||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
# sources dir
|
||||
owner @{BUILD_DIR}/**.changes r,
|
||||
owner @{BUILD_DIR}/**.dsc r,
|
||||
owner @{BUILD_DIR}/**.buildinfo r,
|
||||
owner @{BUILD_DIR}/**.tar.xz r,
|
||||
owner @{user_build_dirs}/**.changes r,
|
||||
owner @{user_build_dirs}/**.dsc r,
|
||||
owner @{user_build_dirs}/**.buildinfo r,
|
||||
owner @{user_build_dirs}/**.tar.xz r,
|
||||
|
||||
|
||||
profile gpg {
|
||||
|
|
|
|||
|
|
@ -7,8 +7,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/{kmod,lsmod}
|
||||
@{exec_path} += /{usr/,}{s,}bin/{depmod,insmod,lsmod,rmmod,modinfo,modprobe}
|
||||
profile kmod @{exec_path} {
|
||||
|
|
@ -54,11 +52,11 @@ profile kmod @{exec_path} {
|
|||
# For local kernel build
|
||||
owner /tmp/depmod.*/lib/modules/*/ r,
|
||||
owner /tmp/depmod.*/lib/modules/*/modules.* rw,
|
||||
owner @{BUILD_DIR}/**/System.map r,
|
||||
owner @{BUILD_DIR}/**/debian/*/lib/modules/*/ r,
|
||||
owner @{BUILD_DIR}/**/debian/*/lib/modules/*/modules.* rw,
|
||||
owner @{BUILD_DIR}/**/debian/*/lib/modules/*/kernel/{,**/} r,
|
||||
owner @{BUILD_DIR}/**/debian/*/lib/modules/*/kernel/**/*.ko r,
|
||||
owner @{user_build_dirs}/**/System.map r,
|
||||
owner @{user_build_dirs}/**/debian/*/lib/modules/*/ r,
|
||||
owner @{user_build_dirs}/**/debian/*/lib/modules/*/modules.* rw,
|
||||
owner @{user_build_dirs}/**/debian/*/lib/modules/*/kernel/{,**/} r,
|
||||
owner @{user_build_dirs}/**/debian/*/lib/modules/*/kernel/**/*.ko r,
|
||||
|
||||
include if exists <local/kmod>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ abi <abi/3.0>,
|
|||
include <tunables/global>
|
||||
|
||||
@{REPO_DIR} = @{MOUNTS}/debuilder/repo
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/reprepro
|
||||
profile reprepro @{exec_path} {
|
||||
|
|
@ -51,9 +50,9 @@ profile reprepro @{exec_path} {
|
|||
owner @{REPO_DIR}/*.deb r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/pbuilder/result/*.{dsc,changes} r,
|
||||
owner @{BUILD_DIR}/pbuilder/result/*.deb r,
|
||||
owner @{BUILD_DIR}/pbuilder/result/*.tar.* r,
|
||||
owner @{user_build_dirs}/pbuilder/result/*.{dsc,changes} r,
|
||||
owner @{user_build_dirs}/pbuilder/result/*.deb r,
|
||||
owner @{user_build_dirs}/pbuilder/result/*.tar.* r,
|
||||
|
||||
profile gpg {
|
||||
include <abstractions/base>
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/uscan
|
||||
profile uscan @{exec_path} {
|
||||
include <abstractions/base>
|
||||
|
|
@ -38,7 +36,7 @@ profile uscan @{exec_path} {
|
|||
/{usr/,}bin/uupdate rPUx,
|
||||
|
||||
# To run custom maintainer scripts
|
||||
owner @{BUILD_DIR}/**/debian/* rPUx,
|
||||
owner @{user_build_dirs}/**/debian/* rPUx,
|
||||
|
||||
/{usr/,}bin/gpg rCx -> gpg,
|
||||
/{usr/,}bin/gpgv rCx -> gpg,
|
||||
|
|
@ -49,7 +47,7 @@ profile uscan @{exec_path} {
|
|||
/etc/magic r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
|
||||
# For GPG keys
|
||||
|
|
@ -67,8 +65,8 @@ profile uscan @{exec_path} {
|
|||
|
||||
owner /tmp/*/trustedkeys.gpg rw,
|
||||
|
||||
owner @{BUILD_DIR}/**/debian/upstream/signing-key.asc r,
|
||||
owner @{BUILD_DIR}/**/*.tar.* r,
|
||||
owner @{user_build_dirs}/**/debian/upstream/signing-key.asc r,
|
||||
owner @{user_build_dirs}/**/*.tar.* r,
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,8 +6,6 @@ abi <abi/3.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{BUILD_DIR} = @{MOUNTS}/debuilder/
|
||||
|
||||
@{exec_path} = /{usr/,}bin/uupdate
|
||||
profile uupdate @{exec_path} flags=(complain) {
|
||||
include <abstractions/base>
|
||||
|
|
@ -49,7 +47,7 @@ profile uupdate @{exec_path} flags=(complain) {
|
|||
/etc/devscripts.conf r,
|
||||
|
||||
# For package building
|
||||
owner @{BUILD_DIR}/** rwkl -> @{BUILD_DIR}/**,
|
||||
owner @{user_build_dirs}/** rwkl -> @{user_build_dirs}/**,
|
||||
|
||||
include if exists <local/uupdates>
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue