mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 00:14:44 +01:00
68 lines
1.7 KiB
Text
68 lines
1.7 KiB
Text
#------------------------------------------------------------------
|
|
# Copyright (C) 2024 Canonical Ltd.
|
|
#
|
|
# Author: Shishir Subedi (shishir.subedi@canonical.com)
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#------------------------------------------------------------------
|
|
# vim: ft=apparmor
|
|
#
|
|
|
|
abi <abi/4.0>,
|
|
|
|
include <tunables/global>
|
|
|
|
profile tshark /usr/bin/tshark {
|
|
include <abstractions/base>
|
|
include <abstractions/nameservice>
|
|
include <abstractions/user-tmp>
|
|
|
|
capability dac_read_search,
|
|
|
|
signal send peer=tshark//dumpcap,
|
|
|
|
file Cx /usr/bin/dumpcap -> dumpcap,
|
|
file mr /usr/bin/tshark,
|
|
file mrix /usr/lib/@{multiarch}/wireshark/extcap/{,*},
|
|
file r /usr/share/wireshark/{,**},
|
|
file r @{PROC}/@{pid}/fd/,
|
|
|
|
# for -i sdjournal
|
|
file r /{var,run}/log/journal/{,**},
|
|
|
|
# Site-specific additions and overrides. See local/README for details.
|
|
include if exists <local/tshark>
|
|
|
|
profile dumpcap {
|
|
include <abstractions/base>
|
|
include <abstractions/nameservice>
|
|
include <abstractions/private-files-strict>
|
|
include <abstractions/user-tmp>
|
|
include <abstractions/user-write>
|
|
|
|
capability net_admin,
|
|
capability net_raw,
|
|
|
|
network packet,
|
|
network raw,
|
|
network stream,
|
|
|
|
dbus (eavesdrop receive) bus=system,
|
|
|
|
signal receive peer=tshark,
|
|
|
|
file r /dev/,
|
|
file r @{PROC}/@{pid}/net/dev,
|
|
file r @{sys}/devices/{,**},
|
|
file rw @{sys}/devices/**/statistics/rx_*,
|
|
|
|
file r /**.pcap{,ng}{,.gz},
|
|
owner rw /**.pcap{,ng}{,.gz},
|
|
|
|
owner rw @{run}/dbus/system_bus_socket,
|
|
file mr /usr/bin/dumpcap,
|
|
|
|
}
|
|
}
|