lokinet/contrib/apparmor/usr.bin.lokinet

28 lines
634 B
Plaintext
Raw Permalink Normal View History

# Last Modified: Fri 05 Feb 2021 08:13:58 PM UTC
2019-05-05 13:23:15 +00:00
#include <tunables/global>
profile lokinet /usr/bin/lokinet {
2019-05-05 13:23:15 +00:00
#include <abstractions/base>
#include <abstractions/nameservice>
2019-05-05 13:23:15 +00:00
capability net_admin,
capability net_bind_service,
network inet dgram,
network inet6 dgram,
network netlink raw,
/etc/loki/lokinet.ini r,
2019-05-05 13:23:15 +00:00
/dev/net/tun rw,
2019-05-05 18:03:09 +00:00
/usr/bin/lokinet mr,
owner /{var/,}lib/lokinet/ rw,
owner /{var/,}lib/lokinet/** rwk,
owner ${HOME}/.lokinet/ rw,
owner ${HOME}/.lokinet/** rwk,
owner @{PROC}/@{pid}/task/@{pid}/comm rw,
owner /tmp/lokinet.*/{**,} rw,
2019-05-05 13:23:15 +00:00
#include if exists <local/usr.bin.lokinet>
2019-05-05 13:23:15 +00:00
}