apparmor/profiles/extras
Seth Arnold 087c48b35e r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700
Fix up the m, U, and P stuff, and other misc fixes
2006-08-04 18:13:59 +00:00
etc.cron.daily.logrotate r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
etc.cron.daily.slocate.cron r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
etc.cron.daily.tmpwatch r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
opt.gnome.bin.evolution-2.4 r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
opt.gnome.bin.gaim r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
opt.gnome.lib.bonobo.bonobo-activation-server r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
opt.gnome.lib.evolution-data-server-1.2.evolution-data-server-1.4 r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
opt.gnome.lib.GConf.2.gconfd-2 r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
README r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
sbin.dhclient r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
sbin.dhcpcd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
sbin.portmap r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
sbin.resmgrd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
sbin.rpc.lockd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
sbin.rpc.statd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.apropos r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.fam r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.man r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-bounce r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-maintd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-make-ml.sh r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-process r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-recieve r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-send darix noticed I had forgotten the svn:keywords property on all my new files and cut-n-waste was blaming steve for all these files 2006-05-02 21:41:28 +00:00
usr.bin.mlmmj-sub r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.mlmmj-unsub r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.opera r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.procmail r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.bin.spamc Import the rest of the core functionality of the internal apparmor 2006-04-11 21:52:54 +00:00
usr.bin.svnserve Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.lib.firefox.firefox-bin r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.firefox.firefox.sh r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.firefox.mozilla-xremote-client r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.man-db.man r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.openldap.slapd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.anvil r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.bounce r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.cleanup r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.discard r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.error r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.flush r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.lmtp r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.local r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.master r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.nqmgr r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.oqmgr r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.pickup r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.pipe r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.proxymap r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.qmgr r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.qmqpd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.scache r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.showq r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.smtp r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.smtpd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.spawn r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.tlsmgr r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.trivial-rewrite r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.verify r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.postfix.virtual r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.lib.RealPlayer10.realplay r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.NX.bin.nxclient r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.dhcpd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.httpd2-prefork r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.imapd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.sbin.in.fingerd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.in.ftpd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.sbin.in.ntalkd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.sbin.ipop2d r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.ipop3d r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.lighttpd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.mysqld Import the rest of the core functionality of the internal apparmor 2006-04-11 21:52:54 +00:00
usr.sbin.nmbd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.sbin.oidentd darix noticed I had forgotten the svn:keywords property on all my new files and cut-n-waste was blaming steve for all these files 2006-05-02 21:41:28 +00:00
usr.sbin.postalias r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.postdrop r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.postmap r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.postqueue r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.sendmail r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.sendmail.postfix r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.sendmail.sendmail r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.smbd Update svn:keywords properties. 2006-04-12 20:35:41 +00:00
usr.sbin.spamd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.squid r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.sshd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.useradd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.userdel r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.vsftpd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.sbin.xinetd r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.X11R6.bin.acroread r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.X11R6.bin.ethereal r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00
usr.X11R6.bin.xfs r3527@dhcp-81: root | 2006-08-02 15:33:07 -0700 2006-08-04 18:13:59 +00:00

The profiles in this directory are not turned on by default because they
are not as mature as the profiles in /etc/apparmor.d/.

In some cases, it is because the profile hasn't been updated to work
with newer code; in other cases, it is because any benefit provided by
the profile is much less than the potential for causing problems.

In short, feel free to try these profiles if you wish, but be aware that
they may not work on default configurations, let alone your specific
configuration.

To use, for example, the postfix profiles, we recommend running commands
such as:

  # cd /etc/apparmor/profiles/extras
  # mv *postfix* usr.sbin.post* /etc/apparmor.d/
  # mv usr.bin.procmail usr.sbin.sendmail /etc/apparmor.d/
  # aa-complain /etc/apparmor.d/*postfix*
  # aa-complain /etc/apparmor.d/usr.sbin.post*
  # aa-complain /etc/apparmor.d/usr.bin.procmail
  # aa-complain /etc/apparmor.d/usr.sbin.sendmail
  # rcpostfix restart
  # rcapparmor restart
    <use postfix>
  # aa-logprof
    <answer some questions>

Once you've used the profiles enough to feel confident that they will
work for your situation, then run commands such as the following:

  # aa-enforce /etc/apparmor.d/*postfix*
  # aa-enforce /etc/apparmor.d/usr.sbin.post*
  # aa-enforce /etc/apparmor.d/usr.bin.procmail
  # aa-enforce /etc/apparmor.d/usr.sbin.sendmail

You may use the aa-unconfined tool to make sure your profiles are
working as you expect.

Feedback on these unsupported profiles is welcome; any
contributions for this directory should be clearly licensed
-- we recommend using the GPL. Please mail suggestions or
modifications to the apparmor-general@forge.novell.com mailing list:
http://forge.novell.com/mailman/listinfo/apparmor-general

Thanks