apparmor.d/profiles/usr.sbin.apt-cacher-ng
2021-04-01 16:17:47 +01:00

40 lines
1 KiB
Text

# apparmor.d - Full set of apparmor profiles
# Copyright (C) Felix Geyer <debfx@ubuntu.com>
# SPDX-License-Identifier: GPL-2.0-only
@{APT_CACHER_NG_CACHE_DIR}=/var/cache/apt-cacher-ng
#include <tunables/global>
profile apt-cacher-ng /usr/sbin/apt-cacher-ng {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/openssl>
#include <abstractions/user-tmp>
/etc/apt-cacher-ng/ r,
/etc/apt-cacher-ng/** r,
/etc/hosts.{deny,allow} r,
/usr/sbin/apt-cacher-ng mr,
/var/lib/apt-cacher-ng/** r,
/{,var/}run/apt-cacher-ng/* rw,
@{APT_CACHER_NG_CACHE_DIR}/ r,
@{APT_CACHER_NG_CACHE_DIR}/** rw,
/var/log/apt-cacher-ng/ r,
/var/log/apt-cacher-ng/* rw,
/{,var/}run/systemd/notify w,
/{usr/,}bin/dash ixr,
/{usr/,}bin/ed ixr,
/{usr/,}bin/red ixr,
/{usr/,}bin/sed ixr,
/usr/lib/apt-cacher-ng/acngtool ixr,
# used by libevent
@{PROC}/sys/kernel/random/uuid r,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.apt-cacher-ng>
}