mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-06 17:31:01 +01:00
80 lines
2.4 KiB
Text
80 lines
2.4 KiB
Text
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2002-2009 Novell/SUSE
|
|
# Copyright (C) 2009 Canonical Ltd.
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
|
|
# Many programs wish to perform nameservice-like operations, such as
|
|
# looking up users by name or id, groups by name or id, hosts by name
|
|
# or IP, etc. These operations may be performed through files, dns,
|
|
# NIS, NIS+, LDAP, hesiod, wins, etc. Allow them all here.
|
|
/etc/group r,
|
|
/etc/host.conf r,
|
|
/etc/hosts r,
|
|
/etc/ldap.conf r,
|
|
/etc/ldap.secret r,
|
|
/etc/nsswitch.conf r,
|
|
/etc/gai.conf r,
|
|
/etc/passwd r,
|
|
/etc/protocols r,
|
|
|
|
/etc/resolv.conf r,
|
|
# on systems using resolvconf, /etc/resolv.conf is a symlink to
|
|
# /var/run/resolvconf/resolv.conf and a file sometimes referenced in
|
|
# /etc/resolvconf/run/resolv.conf
|
|
/var/run/resolvconf/resolv.conf r,
|
|
/etc/resolvconf/run/resolv.conf r,
|
|
|
|
/etc/samba/lmhosts r,
|
|
/etc/services r,
|
|
# all openldap config
|
|
/etc/openldap/* r,
|
|
/etc/ldap/** r,
|
|
# db backend
|
|
/var/lib/misc/*.db r,
|
|
# The Name Service Cache Daemon can cache lookups, sometimes leading
|
|
# to vast speed increases when working with network-based lookups.
|
|
/var/run/.nscd_socket rw,
|
|
/var/run/nscd/socket rw,
|
|
/var/{db,cache,run}/nscd/{passwd,group,services,host} r,
|
|
# nscd renames and unlinks files in it's operation that clients will
|
|
# have open
|
|
/var/run/nscd/db* rmix,
|
|
|
|
# The nss libraries are sometimes used in addition to PAM; make sure
|
|
# they are available
|
|
/lib{,32,64}/libnss_*.so* mr,
|
|
/usr/lib{,32,64}/libnss_*.so* mr,
|
|
/etc/default/nss r,
|
|
|
|
# avahi-daemon is used for mdns4 resolution
|
|
/var/run/avahi-daemon/socket w,
|
|
|
|
# nis
|
|
#include <abstractions/nis>
|
|
|
|
# winbind
|
|
#include <abstractions/winbind>
|
|
|
|
# likewise
|
|
#include <abstractions/likewise>
|
|
|
|
# mdnsd
|
|
#include <abstractions/mdns>
|
|
|
|
# kerberos
|
|
#include <abstractions/kerberosclient>
|
|
|
|
# TCP/UDP network access
|
|
network inet stream,
|
|
network inet6 stream,
|
|
network inet dgram,
|
|
network inet6 dgram,
|
|
|
|
# interface details
|
|
@{PROC}/*/net/route r,
|