mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

don't var/ alternation with systemd

Browse source
This commit is contained in:
Jamie Strandboge 2017-05-03 16:04:05 -05:00
parent 0699034db4
commit 4b3888751a
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
profiles/apparmor.d/abstractions/base
View file

@ -33,13 +33,13 @@
/usr/share/zoneinfo/ r,
/usr/share/zoneinfo/** r,
/usr/share/X11/locale/** r,
/{,var/}run/systemd/journal/dev-log w,
/run/systemd/journal/dev-log w,
# systemd native journal API (see sd_journal_print(4))
/{,var/}run/systemd/journal/socket w,
/run/systemd/journal/socket w,
# Nested containers and anything using systemd-cat need this. 'r' shouldn't
# be required but applications fail without it. journald doesn't leak
# anything when reading so this is ok.
/{,var/}run/systemd/journal/stdout rw,
/run/systemd/journal/stdout rw,
/usr/lib{,32,64}/locale/** mr,
/usr/lib{,32,64}/gconv/*.so mr,