mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-06 17:31:01 +01:00
27 lines
695 B
Text
27 lines
695 B
Text
# vim:syntax=apparmor
|
|
|
|
# This file contains basic permissions for Apache and every vHost
|
|
|
|
#include <abstractions/nameservice>
|
|
|
|
# Allow unconfined processes to send us signals by default
|
|
signal (receive) peer=unconfined,
|
|
# Allow apache to send us signals by default
|
|
signal (receive) peer=/usr/sbin/apache2,
|
|
# Allow us to signal ourselves
|
|
signal peer=@{profile_name},
|
|
|
|
# Apache
|
|
network inet stream,
|
|
network inet6 stream,
|
|
# apache manual, error pages and icons
|
|
/usr/share/apache2/** r,
|
|
|
|
# changehat itself
|
|
@{PROC}/@{pid}/attr/current rw,
|
|
|
|
# htaccess files - for what ever it is worth
|
|
/**/.htaccess r,
|
|
|
|
/dev/urandom r,
|
|
|