apparmor/profiles/apparmor.d/hostname

#------------------------------------------------------------------
#    Copyright (C) 2025 Canonical Ltd.
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#------------------------------------------------------------------
# vim: ft=apparmor
#

abi <abi/4.0>,

include <tunables/global>

@{bin}={/usr,}/bin
@{exec}={hostname,domainname,ypdomainname,nisdomainname,dnsdomainname}

profile hostname @{bin}/@{exec} {
  include <abstractions/base>
  include <abstractions/nameservice-strict>

  # set hostname, -F
  capability sys_admin,
  
  @{bin}/@{exec} mr,

  network netlink raw,
  network inet dgram,
  network inet6 dgram,

  file r /etc/hostname,

  # Site-specific additions and overrides. See local/README for details.
  include if exists <local/hostname>
}
profiles: add profile for hostname 2025-05-12 12:35:27 +00:00			`#------------------------------------------------------------------`
			`# Copyright (C) 2025 Canonical Ltd.`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of version 2 of the GNU General Public`
			`# License published by the Free Software Foundation.`
			`#------------------------------------------------------------------`
			`# vim: ft=apparmor`
			`#`

			`abi <abi/4.0>,`

			`include <tunables/global>`

			`@{bin}={/usr,}/bin`
			`@{exec}={hostname,domainname,ypdomainname,nisdomainname,dnsdomainname}`

			`profile hostname @{bin}/@{exec} {`
			`include <abstractions/base>`
			`include <abstractions/nameservice-strict>`

			`# set hostname, -F`
			`capability sys_admin,`

			`@{bin}/@{exec} mr,`

			`network netlink raw,`
			`network inet dgram,`
			`network inet6 dgram,`

			`file r /etc/hostname,`

			`# Site-specific additions and overrides. See local/README for details.`
			`include if exists <local/hostname>`
			`}`