mirror of
https://github.com/trailofbits/algo
synced 2024-11-13 19:12:06 +00:00
27 lines
517 B
Django/Jinja
27 lines
517 B
Django/Jinja
#include <tunables/global>
|
|
|
|
/usr/sbin/dnsmasq {
|
|
#include <abstractions/base>
|
|
#include <abstractions/nameservice>
|
|
|
|
capability net_bind_service,
|
|
capability setgid,
|
|
capability setuid,
|
|
capability dac_override,
|
|
network inet raw,
|
|
|
|
/etc/dnsmasq.conf r,
|
|
/etc/dnsmasq.d/ r,
|
|
/etc/dnsmasq.d/* r,
|
|
/var/lib/dnsmasq/ r,
|
|
/var/lib/dnsmasq/block.hosts r,
|
|
|
|
/usr/sbin/dnsmasq mr,
|
|
|
|
/{,var/}run/*dnsmasq*.pid w,
|
|
/{,var/}run/dnsmasq-forwarders.conf r,
|
|
/{,var/}run/dnsmasq/ r,
|
|
/{,var/}run/dnsmasq/* rw,
|
|
|
|
}
|