mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

backport nscd profile additions from 2.9 branch

Browse Source 
The most important change is /proc/[0-9]*/cmdline to allow paranoid mode.


Acked-by: Seth Arnold <seth.arnold@canonical.com>
This commit is contained in:
Christian Boltz 2016-04-15 23:05:27 +02:00
parent d8a6681b2e
commit 6e4fa53b79
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
profiles/apparmor.d/usr.sbin.nscd
View File

@ -34,9 +34,10 @@
/{,var/}run/nscd/ rw, /{,var/}run/nscd/ rw,
/{,var/}run/nscd/db* rwl, /{,var/}run/nscd/db* rwl,
/{,var/}run/nscd/socket wl, /{,var/}run/nscd/socket wl,
/var/{cache,run}/nscd/{passwd,group,services,hosts,netgroup} rw, /{var/cache,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
/{,var/}run/{nscd/,}nscd.pid rwl, /{,var/}run/{nscd/,}nscd.pid rwl,
/var/log/nscd.log rw, /var/log/nscd.log rw,
@{PROC}/[0-9]*/cmdline r,
@{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/fd/ r,
@{PROC}/[0-9]*/fd/* r, @{PROC}/[0-9]*/fd/* r,
@{PROC}/[0-9]*/maps r, @{PROC}/[0-9]*/maps r,