diff options
author | Julien Morvan <julien.morvan@outlook.com> | 2015-08-17 09:23:39 +0000 |
---|---|---|
committer | Julien Morvan <julien.morvan@outlook.com> | 2015-08-17 09:23:39 +0000 |
commit | c36169b334c725ab3e626cf32617da7b87ee6594 (patch) | |
tree | edf22a77d248b54a2b6584e6c41d01a66090392d | |
parent | 01d39499bb3af0674917c7dabb3b202427273ba8 (diff) | |
download | gnunet-c36169b334c725ab3e626cf32617da7b87ee6594.tar.gz gnunet-c36169b334c725ab3e626cf32617da7b87ee6594.zip |
112 files changed, 1326 insertions, 735 deletions
diff --git a/contrib/apparmor/abstractions/gnunet-common b/contrib/apparmor/abstractions/gnunet-common index 7d7515d80..3bf6806f5 100644 --- a/contrib/apparmor/abstractions/gnunet-common +++ b/contrib/apparmor/abstractions/gnunet-common | |||
@@ -1,34 +1,12 @@ | |||
1 | # This files contains common permissions for gnunet | 1 | # This files contains common permissions for gnunet |
2 | 2 | ||
3 | /usr/share/zoneinfo/ r, | 3 | #GNUnet configuration file |
4 | /usr/share/zoneinfo/** r, | 4 | @{GNUNET_PREFIX}/share/gnunet/config.d/ r, |
5 | @{GNUNET_PREFIX}/share/gnunet/config.d/*.conf r, | ||
5 | 6 | ||
6 | /dev/urandom r, | 7 | /etc/gnunet.conf r, |
7 | 8 | @{HOME}/.config/gnunet.conf r, | |
8 | /etc/ld.so.cache r, | 9 | owner @{GNUNET_USER}/.config/gnunet.conf r, |
9 | |||
10 | @{PROC}/@{pid}/maps r, | ||
11 | |||
12 | #Gnunet configuration file | ||
13 | /usr/local/share/gnunet/config.d/ r, | ||
14 | /usr/local/share/gnunet/config.d/*.conf r, | ||
15 | |||
16 | /etc/gnunet.conf r, | ||
17 | owner @{HOME}/.config/gnunet.conf r, | ||
18 | |||
19 | #Librairies | ||
20 | /usr/lib/libc-*.so mr, | ||
21 | /usr/lib/libdl-*.so mr, | ||
22 | /usr/lib/libgcrypt.so.* mr, | ||
23 | /usr/lib/libltdl.so.* mr, | ||
24 | /usr/lib/libgpg-error.so.* mr, | ||
25 | /usr/lib/libm-*.so mr, | ||
26 | /usr/lib/libunistring.so.* mr, | ||
27 | /usr/lib/libz.so.* mr, | ||
28 | 10 | ||
29 | #Gnunet librairies | 11 | #GNUnet librairies |
30 | /usr/local/lib/libgnunetutil.so.* mr, | 12 | @{GNUNET_PREFIX}/lib/libgnunet*.so.* mr, |
31 | |||
32 | #For testbed (if the /tmp directory is used) | ||
33 | /tmp/testbed*/ rw, | ||
34 | /tmp/testbed*/** rwk, | ||
diff --git a/contrib/apparmor/abstractions/gnunet-db b/contrib/apparmor/abstractions/gnunet-db new file mode 100644 index 000000000..73b869dca --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-db | |||
@@ -0,0 +1,8 @@ | |||
1 | # gnunet-db | ||
2 | @{GNUNET_USER}/.local/share/gnunet/namestore/ ra, | ||
3 | @{GNUNET_USER}/.local/share/gnunet/namestore/sqlite.db rwk, | ||
4 | @{GNUNET_USER}/.local/share/gnunet/namestore/sqlite.db-journal rw, | ||
5 | |||
6 | @{HOME}/.local/share/gnunet/namestore/ r, | ||
7 | @{HOME}/.local/share/gnunet/namestore/sqlite.db rwk, | ||
8 | @{HOME}/.local/share/gnunet/namestore/sqlite.db-journal rw, | ||
diff --git a/contrib/apparmor/abstractions/gnunet-gtk b/contrib/apparmor/abstractions/gnunet-gtk new file mode 100644 index 000000000..bf47adc0c --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-gtk | |||
@@ -0,0 +1,10 @@ | |||
1 | # gnunet-gtk | ||
2 | |||
3 | #include <abstractions/gnunet-common> | ||
4 | |||
5 | @{PROC}/@{pid}/cmdline r, | ||
6 | |||
7 | /usr/share/gtk-*/settings.ini r, | ||
8 | |||
9 | @{GNUNET_PREFIX}/share/gnunet-gtk/config.d/ r, | ||
10 | @{GNUNET_PREFIX}/share/gnunet-gtk/config.d/gnunet-*-gtk.conf r, | ||
diff --git a/contrib/apparmor/abstractions/gnunet-libaudio b/contrib/apparmor/abstractions/gnunet-libaudio deleted file mode 100644 index 6dda03573..000000000 --- a/contrib/apparmor/abstractions/gnunet-libaudio +++ /dev/null | |||
@@ -1,23 +0,0 @@ | |||
1 | /usr/lib/libFLAC.so.* mr, | ||
2 | /usr/lib/libXau.so.* mr, | ||
3 | /usr/lib/libXdmcp.so.* mr, | ||
4 | /usr/lib/libasyncns.so.* mr, | ||
5 | /usr/lib/libattr.so.* mr, | ||
6 | /usr/lib/libcap.so.* mr, | ||
7 | /usr/lib/libdbus-1.so.* mr, | ||
8 | /usr/lib/libjson-c.so.* mr, | ||
9 | /usr/lib/liblz4.so.* mr, | ||
10 | /usr/lib/liblzma.so.* mr, | ||
11 | /usr/lib/libnsl-*.so mr, | ||
12 | /usr/lib/libogg.so.* mr, | ||
13 | /usr/lib/libopus.so.* mr, | ||
14 | /usr/lib/libpthread-*.so mr, | ||
15 | /usr/lib/libpulse.so.* mr, | ||
16 | /usr/lib/libresolv-*.so mr, | ||
17 | /usr/lib/librt-*.so mr, | ||
18 | /usr/lib/libsndfile.so.* mr, | ||
19 | /usr/lib/libsystemd.so.* mr, | ||
20 | /usr/lib/libvorbis.so.* mr, | ||
21 | /usr/lib/libvorbisenc.so.* mr, | ||
22 | /usr/lib/libxcb.so.* mr, | ||
23 | /usr/lib/pulseaudio/libpulsecommon-*.so mr, | ||
diff --git a/contrib/apparmor/abstractions/gnunet-sgid b/contrib/apparmor/abstractions/gnunet-sgid new file mode 100644 index 000000000..b1a7655b1 --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-sgid | |||
@@ -0,0 +1 @@ | |||
# gnunet-sgid | |||
diff --git a/contrib/apparmor/abstractions/gnunet-suid b/contrib/apparmor/abstractions/gnunet-suid new file mode 100644 index 000000000..a9310734c --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-suid | |||
@@ -0,0 +1,15 @@ | |||
1 | # gnunet-suid | ||
2 | |||
3 | /etc/ld.so.cache mr, | ||
4 | /lib{,32,64}/ld{,32,64}-*.so mrix, | ||
5 | /lib{,32,64}/**/ld{,32,64}-*.so mrix, | ||
6 | /lib/@{multiarch}/ld{,32,64}-*.so mrix, | ||
7 | /lib/tls/i686/{cmov,nosegneg}/ld-*.so mrix, | ||
8 | /lib/i386-linux-gnu/tls/i686/{cmov,nosegneg}/ld-*.so mrix, | ||
9 | /opt/*-linux-uclibc/lib/ld-uClibc*so* mrix, | ||
10 | |||
11 | @{LIBPRE}@{LIBDIRS}/** r, | ||
12 | @{LIBPRE}@{LIBDIRS}/@{LIBS}.so* mr, | ||
13 | @{LIBPRE}@{LIBDIRS}/**/@{LIBS}.so* mr, | ||
14 | /lib/tls/i686/{cmov,nosegneg}/@{LIBS}.so* mr, | ||
15 | /lib/i386-linux-gnu/tls/i686/{cmov,nosegneg}/@{LIBS}.so* mr, | ||
diff --git a/contrib/apparmor/abstractions/gnunet-test b/contrib/apparmor/abstractions/gnunet-test new file mode 100644 index 000000000..8daf3ea9c --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-test | |||
@@ -0,0 +1,13 @@ | |||
1 | |||
2 | #testbed (if the /tmp directory is used) | ||
3 | /tmp/testbed*/ rw, | ||
4 | /tmp/testbed*/** rwk, | ||
5 | |||
6 | #testbed helper | ||
7 | /tmp/testbed-helper*/ rw, | ||
8 | |||
9 | #gnunet-testing | ||
10 | /tmp/gnunet-testing* rw, | ||
11 | /tmp/gnunet_service_test*/ rw, | ||
12 | /tmp/gnunet_service_test*/** rw, | ||
13 | |||
diff --git a/contrib/apparmor/gnunet-arm b/contrib/apparmor/gnunet-arm index d969f6af1..8e2fdd426 100644 --- a/contrib/apparmor/gnunet-arm +++ b/contrib/apparmor/gnunet-arm | |||
@@ -3,26 +3,19 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-arm { | 5 | profile @{GNUNET_PREFIX}/bin/gnunet-arm { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/bin/gnunet-arm mr, | 9 | @{GNUNET_PREFIX}/bin/gnunet-arm mr, |
9 | 10 | ||
10 | /usr/lib/gconv/gconv-modules r, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/libgnunetarm.so.* mr, | 11 | @{GNUNET_PREFIX}/lib/libgnunetarm.so.* mr, |
13 | 12 | ||
14 | /dev/null ra, | 13 | #GNUnet service |
15 | |||
16 | /usr/lib/locale/locale-archive r, | ||
17 | |||
18 | /usr/share/locale/locale.alias r, | ||
19 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
20 | |||
21 | #Gnunet service | ||
22 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm Px , | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm Px , |
23 | 15 | ||
24 | /tmp/gnunet-*-runtime/ rw, | 16 | /tmp/gnunet-*-runtime/ rw, |
25 | /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw, | 17 | /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw, |
26 | 18 | ||
27 | #/tmp/gnunet-gnunet-runtime/* rw, | 19 | # Site-specific additions and overrides. See local/README for details. |
20 | #include <local/gnunet> | ||
28 | } | 21 | } |
diff --git a/contrib/apparmor/gnunet-ats b/contrib/apparmor/gnunet-ats new file mode 100644 index 000000000..2c69b4ec0 --- /dev/null +++ b/contrib/apparmor/gnunet-ats | |||
@@ -0,0 +1,15 @@ | |||
1 | # Last Modified: Wed Aug 5 15:08:43 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-ats { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{HOME}/.config/gnunet.conf r, | ||
10 | |||
11 | @{GNUNET_PREFIX}/bin/gnunet-ats mr, | ||
12 | |||
13 | # Site-specific additions and overrides. See local/README for details. | ||
14 | #include <local/gnunet> | ||
15 | } | ||
diff --git a/contrib/apparmor/gnunet-auto-share b/contrib/apparmor/gnunet-auto-share new file mode 100644 index 000000000..0206acf39 --- /dev/null +++ b/contrib/apparmor/gnunet-auto-share | |||
@@ -0,0 +1,27 @@ | |||
1 | # Last Modified: Thu Aug 6 11:44:37 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-auto-share { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{HOME}/.config/gnunet.conf r, | ||
10 | |||
11 | #Directory access(?) | ||
12 | @{HOME}/gnunet-fs/ r, | ||
13 | @{HOME}/gnunet-fs/.auto-share rw, | ||
14 | |||
15 | @{GNUNET_PREFIX}/bin/gnunet-auto-share mr, | ||
16 | |||
17 | @{GNUNET_PREFIX}/bin/gnunet-publish Px, | ||
18 | |||
19 | @{GNUNET_PREFIX}/lib/libgnunetutil.so.* mr, | ||
20 | |||
21 | @{GNUNET_PREFIX}/share/gnunet/config.d/ r, | ||
22 | @{GNUNET_PREFIX}/share/gnunet/config.d/*.conf r, | ||
23 | |||
24 | # Site-specific additions and overrides. See local/README for details. | ||
25 | #include <local/gnunet> | ||
26 | |||
27 | } | ||
diff --git a/contrib/apparmor/gnunet-bcd b/contrib/apparmor/gnunet-bcd new file mode 100644 index 000000000..2173e03b5 --- /dev/null +++ b/contrib/apparmor/gnunet-bcd | |||
@@ -0,0 +1,14 @@ | |||
1 | # Last Modified: Thu Aug 6 11:50:51 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-bcd { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-bcd mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | |||
14 | } | ||
diff --git a/contrib/apparmor/gnunet-cadet b/contrib/apparmor/gnunet-cadet new file mode 100644 index 000000000..ef82d742a --- /dev/null +++ b/contrib/apparmor/gnunet-cadet | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Thu Aug 6 11:59:53 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-cadet { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-cadet mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-config b/contrib/apparmor/gnunet-config new file mode 100644 index 000000000..28aef4259 --- /dev/null +++ b/contrib/apparmor/gnunet-config | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 15:36:02 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-config { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-config mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-conversation b/contrib/apparmor/gnunet-conversation new file mode 100644 index 000000000..7c14fc382 --- /dev/null +++ b/contrib/apparmor/gnunet-conversation | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 15:41:05 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-conversation { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-conversation mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-conversation-gtk b/contrib/apparmor/gnunet-conversation-gtk new file mode 100644 index 000000000..676cb198d --- /dev/null +++ b/contrib/apparmor/gnunet-conversation-gtk | |||
@@ -0,0 +1,26 @@ | |||
1 | # Last Modified: Tue Aug 4 16:59:51 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-conversation-gtk { | ||
6 | #include <abstractions/kde> | ||
7 | #include <abstractions/gnome> | ||
8 | #include <abstractions/gnunet-gtk> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-conversation-gtk mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/gnunet/ r, | ||
13 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.la r, | ||
14 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.so mr, | ||
15 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.la r, | ||
16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.so mr, | ||
17 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.la r, | ||
18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.so mr, | ||
19 | |||
20 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_conversation_gtk_main_window.glade r, | ||
21 | |||
22 | @{HOME}/.local/share/gnunet/private_key.ecc rk, | ||
23 | |||
24 | # Site-specific additions and overrides. See local/README for details. | ||
25 | #include <local/gnunet> | ||
26 | } | ||
diff --git a/contrib/apparmor/gnunet-conversation-test b/contrib/apparmor/gnunet-conversation-test new file mode 100644 index 000000000..7eefec2ce --- /dev/null +++ b/contrib/apparmor/gnunet-conversation-test | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Fri Aug 7 16:02:29 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-conversation-test { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-conversation-test mr, | ||
10 | |||
11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback Px, | ||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record Px, | ||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-core b/contrib/apparmor/gnunet-core new file mode 100644 index 000000000..83b1f3f83 --- /dev/null +++ b/contrib/apparmor/gnunet-core | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 16:12:14 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-core { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-core mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-daemon-exit b/contrib/apparmor/gnunet-daemon-exit index 95f1c57d8..3c5b99557 100644 --- a/contrib/apparmor/gnunet-daemon-exit +++ b/contrib/apparmor/gnunet-daemon-exit | |||
@@ -3,22 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /usr/lib/ld-*.so r, | ||
9 | |||
10 | /usr/lib/locale/locale-archive r, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit mr, |
13 | 10 | ||
14 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
15 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 12 | #include <local/gnunet> |
16 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | ||
17 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, | ||
18 | @{GNUNET_PREFIX}/lib/libgnunetregex.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, | ||
21 | |||
22 | /usr/share/locale/locale.alias r, | ||
23 | |||
24 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-hostlist b/contrib/apparmor/gnunet-daemon-hostlist index 82afb3848..4e21b1b30 100644 --- a/contrib/apparmor/gnunet-daemon-hostlist +++ b/contrib/apparmor/gnunet-daemon-hostlist | |||
@@ -3,7 +3,8 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/base> |
7 | #include <abstractions/gnunet-common> | ||
7 | 8 | ||
8 | /etc/gai.conf r, | 9 | /etc/gai.conf r, |
9 | /etc/host.conf r, | 10 | /etc/host.conf r, |
@@ -11,56 +12,8 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist { | |||
11 | /etc/nsswitch.conf r, | 12 | /etc/nsswitch.conf r, |
12 | /etc/resolv.conf r, | 13 | /etc/resolv.conf r, |
13 | 14 | ||
14 | /usr/lib/gconv/gconv-modules r, | ||
15 | |||
16 | #Librairies | ||
17 | /usr/lib/ld-*.so r, | ||
18 | /usr/lib/libacl.so.* mr, | ||
19 | /usr/lib/libattr.so.* mr, | ||
20 | /usr/lib/libcap.so.* mr, | ||
21 | /usr/lib/libcom_err.so.* mr, | ||
22 | /usr/lib/libcrypto.so.* mr, | ||
23 | /usr/lib/libffi.so.* mr, | ||
24 | /usr/lib/libgmp.so.* mr, | ||
25 | /usr/lib/libgnurl.so.* mr, | ||
26 | /usr/lib/libgnutls.so.* mr, | ||
27 | /usr/lib/libgssapi_krb5.so.* mr, | ||
28 | /usr/lib/libhogweed.so.* mr, | ||
29 | /usr/lib/libidn.so.* mr, | ||
30 | /usr/lib/libk5crypto.so.* mr, | ||
31 | /usr/lib/libkeyutils.so.* mr, | ||
32 | /usr/lib/libkrb5.so.* mr, | ||
33 | /usr/lib/libkrb5support.so.* mr, | ||
34 | /usr/lib/liblz4.so.* mr, | ||
35 | /usr/lib/liblzma.so.* mr, | ||
36 | /usr/lib/libmicrohttpd.so.* mr, | ||
37 | /usr/lib/libnettle.so.* mr, | ||
38 | /usr/lib/libnss_dns-*.so mr, | ||
39 | /usr/lib/libnss_files-*.so mr, | ||
40 | /usr/lib/libnss_gns.so.* mr, | ||
41 | /usr/lib/libnss_myhostname.so.* mr, | ||
42 | /usr/lib/libp11-kit.so.* mr, | ||
43 | /usr/lib/libpthread-*.so mr, | ||
44 | /usr/lib/libresolv-*.so mr, | ||
45 | /usr/lib/librt-*.so mr, | ||
46 | /usr/lib/libseccomp.so.* mr, | ||
47 | /usr/lib/libssh2.so.* mr, | ||
48 | /usr/lib/libssl.so.* mr, | ||
49 | /usr/lib/libtasn1.so.* mr, | ||
50 | |||
51 | /usr/lib/locale/locale-archive r, | ||
52 | |||
53 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist mr, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist mr, |
54 | 16 | ||
55 | #Gnunet librairies | 17 | # Site-specific additions and overrides. See local/README for details. |
56 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 18 | #include <local/gnunet> |
57 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
58 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
59 | @{GNUNET_PREFIX}/lib/libgnunetpeerinfo.so.* mr, | ||
60 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
61 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
62 | @{GNUNET_PREFIX}/lib/libgnunetutil.so.* mr, | ||
63 | |||
64 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
65 | /usr/share/locale/locale.alias r, | ||
66 | } | 19 | } |
diff --git a/contrib/apparmor/gnunet-daemon-latency-logger b/contrib/apparmor/gnunet-daemon-latency-logger index 38053ffec..531516f1d 100644 --- a/contrib/apparmor/gnunet-daemon-latency-logger +++ b/contrib/apparmor/gnunet-daemon-latency-logger | |||
@@ -3,15 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /usr/lib/ld-*.so r, | ||
9 | /usr/lib/libpthread-*.so mr, | ||
10 | /usr/lib/libsqlite3.so.* mr, | ||
11 | /usr/lib/locale/locale-archive r, | ||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger mr, |
13 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 10 | |
14 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | 11 | # Site-specific additions and overrides. See local/README for details. |
15 | /usr/share/locale/locale.alias r, | 12 | #include <local/gnunet> |
16 | |||
17 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-pt b/contrib/apparmor/gnunet-daemon-pt index a6460d46b..b30160c1a 100644 --- a/contrib/apparmor/gnunet-daemon-pt +++ b/contrib/apparmor/gnunet-daemon-pt | |||
@@ -3,23 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-pt { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-pt { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libidn.so.* mr, | ||
11 | |||
12 | /usr/lib/locale/locale-archive r, | ||
13 | |||
14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-pt mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-pt mr, |
15 | 10 | ||
16 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
17 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 12 | #include <local/gnunet> |
18 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunetdns.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetvpn.so.* mr, | ||
23 | |||
24 | /usr/share/locale/locale.alias r, | ||
25 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-regexprofiler b/contrib/apparmor/gnunet-daemon-regexprofiler index eface26d1..c47533bd0 100644 --- a/contrib/apparmor/gnunet-daemon-regexprofiler +++ b/contrib/apparmor/gnunet-daemon-regexprofiler | |||
@@ -2,12 +2,12 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-regexprofiler flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-regexprofiler { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-regexprofiler mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-regexprofiler mr, |
9 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | 10 | |
10 | @{GNUNET_PREFIX}/lib/libgnunetregexblock.so.* mr, | 11 | # Site-specific additions and overrides. See local/README for details. |
11 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 12 | #include <local/gnunet> |
12 | |||
13 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-testbed-blacklist b/contrib/apparmor/gnunet-daemon-testbed-blacklist index 9dcfe321b..2f01531f8 100644 --- a/contrib/apparmor/gnunet-daemon-testbed-blacklist +++ b/contrib/apparmor/gnunet-daemon-testbed-blacklist | |||
@@ -2,12 +2,12 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist mr, |
9 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 10 | |
10 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | 11 | # Site-specific additions and overrides. See local/README for details. |
11 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | 12 | #include <local/gnunet> |
12 | |||
13 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-testbed-underlay b/contrib/apparmor/gnunet-daemon-testbed-underlay index f11dcbca9..f9423ac7f 100644 --- a/contrib/apparmor/gnunet-daemon-testbed-underlay +++ b/contrib/apparmor/gnunet-daemon-testbed-underlay | |||
@@ -3,21 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-underlay { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-underlay { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libpthread-*.so mr, | ||
11 | /usr/lib/libsqlite3.so.* mr, | ||
12 | |||
13 | /usr/lib/locale/locale-archive r, | ||
14 | |||
15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-underlay mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-testbed-underlay mr, |
16 | 10 | ||
17 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
18 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 12 | #include <local/gnunet> |
19 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
21 | |||
22 | /usr/share/locale/locale.alias r, | ||
23 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-daemon-topology b/contrib/apparmor/gnunet-daemon-topology index b8b03082c..777baa4f3 100644 --- a/contrib/apparmor/gnunet-daemon-topology +++ b/contrib/apparmor/gnunet-daemon-topology | |||
@@ -3,25 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-topology { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-topology { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-topology mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-topology mr, |
9 | |||
10 | #Gnunet librairies | ||
11 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetfriends.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
14 | @{GNUNET_PREFIX}/lib/libgnunetpeerinfo.so.* mr, | ||
15 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
16 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
17 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
18 | |||
19 | /usr/lib/ld-*.so r, | ||
20 | 10 | ||
21 | /usr/lib//locale/locale-archive r, | 11 | # Site-specific additions and overrides. See local/README for details. |
22 | 12 | #include <local/gnunet> | |
23 | /usr/lib/gconv/gconv-modules r, | ||
24 | |||
25 | /usr/share/locale/locale.alias r, | ||
26 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
27 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-datastore b/contrib/apparmor/gnunet-datastore new file mode 100644 index 000000000..2ade374b6 --- /dev/null +++ b/contrib/apparmor/gnunet-datastore | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 16:29:48 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-datastore { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-datastore mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-directory b/contrib/apparmor/gnunet-directory new file mode 100644 index 000000000..caad23e7f --- /dev/null +++ b/contrib/apparmor/gnunet-directory | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Fri Aug 7 16:34:37 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-directory { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-directory mr, | ||
10 | |||
11 | # Access to directory ? | ||
12 | |||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-dns2gns b/contrib/apparmor/gnunet-dns2gns index c860d56b0..6720c102e 100644 --- a/contrib/apparmor/gnunet-dns2gns +++ b/contrib/apparmor/gnunet-dns2gns | |||
@@ -3,24 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-dns2gns { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-dns2gns { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libidn.so.* mr, | ||
11 | |||
12 | /usr/lib/locale/locale-archive r, | ||
13 | |||
14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-dns2gns mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-dns2gns mr, |
15 | 10 | ||
16 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
17 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | 12 | #include <local/gnunet> |
18 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunetgns.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetidentity.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetnamestore.so.* mr, | ||
23 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
24 | |||
25 | /usr/share/locale/locale.alias r, | ||
26 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-download b/contrib/apparmor/gnunet-download new file mode 100644 index 000000000..bcc212857 --- /dev/null +++ b/contrib/apparmor/gnunet-download | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 16:42:43 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-download { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-download mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-download-manager.scm b/contrib/apparmor/gnunet-download-manager.scm new file mode 100644 index 000000000..a1e8c07dd --- /dev/null +++ b/contrib/apparmor/gnunet-download-manager.scm | |||
@@ -0,0 +1,25 @@ | |||
1 | # vim:syntax=apparmor | ||
2 | # Last Modified: Tue Aug 11 11:17:17 2015 | ||
3 | #include <tunables/global> | ||
4 | #include <tunables/gnunet> | ||
5 | |||
6 | profile @{GNUNET_PREFIX}/bin/gnunet-download-manager.scm { | ||
7 | #include <abstractions/base> | ||
8 | #include <abstractions/bash> | ||
9 | |||
10 | /dev/tty rw, | ||
11 | |||
12 | @{HOME}/.cache/guile/ccache/*-LE-*@{GNUNET_PREFIX}/bin/gnunet-download-manager.scm.go.* rw, | ||
13 | |||
14 | @{PROC}/@{pid}/statm r, | ||
15 | |||
16 | /usr/bin/bash ix, | ||
17 | /usr/bin/guile rix, | ||
18 | |||
19 | @{GNUNET_PREFIX}/bin/gnunet-download-manager.scm r, | ||
20 | |||
21 | /usr/share/guile/**/*.scm r, | ||
22 | |||
23 | # Site-specific additions and overrides. See local/README for details. | ||
24 | #include <local/gnunet> | ||
25 | } | ||
diff --git a/contrib/apparmor/gnunet-ecc b/contrib/apparmor/gnunet-ecc new file mode 100644 index 000000000..67e2ac4e0 --- /dev/null +++ b/contrib/apparmor/gnunet-ecc | |||
@@ -0,0 +1,15 @@ | |||
1 | # Last Modified: Fri Aug 7 16:54:41 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-ecc { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-ecc mr, | ||
10 | |||
11 | #Access to filename? | ||
12 | |||
13 | # Site-specific additions and overrides. See local/README for details. | ||
14 | #include <local/gnunet> | ||
15 | } | ||
diff --git a/contrib/apparmor/gnunet-fs b/contrib/apparmor/gnunet-fs new file mode 100644 index 000000000..4637b251b --- /dev/null +++ b/contrib/apparmor/gnunet-fs | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 17:09:21 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-fs { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-fs mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-fs-gtk b/contrib/apparmor/gnunet-fs-gtk new file mode 100644 index 000000000..0ffb0b38b --- /dev/null +++ b/contrib/apparmor/gnunet-fs-gtk | |||
@@ -0,0 +1,43 @@ | |||
1 | # Last Modified: Wed Aug 5 10:53:37 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-fs-gtk { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/kde> | ||
8 | #include <abstractions/dconf> | ||
9 | #include <abstractions/gnunet-gtk> | ||
10 | #include <abstractions/user-download> | ||
11 | |||
12 | # /dev/shm/LE-* rw, | ||
13 | |||
14 | owner @{HOME}/.config/gtk-*/bookmarks r, | ||
15 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/download-child/* rw, | ||
16 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/download/ r, | ||
17 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/download/* rw, | ||
18 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/search/ r, | ||
19 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/search/** rw, | ||
20 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/publish-file/ ra, | ||
21 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/publish-file/* rw, | ||
22 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/publish/ ra, | ||
23 | owner @{HOME}/.local/share/gnunet/fs/persistence/gnunet-fs-gtk/publish/* rw, | ||
24 | |||
25 | #Acces to files to share ? (lets create a gnunet directory in home) | ||
26 | owner @{HOME}/gnunet-fs/ r, | ||
27 | |||
28 | @{GNUNET_PREFIX}/bin/gnunet-fs-gtk mr, | ||
29 | |||
30 | @{GNUNET_PREFIX}/share/gnunet-gtk/* r, | ||
31 | |||
32 | /usr/share/glib-*/schemas/gschemas.compiled r, | ||
33 | |||
34 | #abstractions/dconf but we need write right here | ||
35 | /run/user/*/dconf/user rw, | ||
36 | |||
37 | @{HOME}/.cache/thumbnails/normal/*.png r, | ||
38 | |||
39 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish Px, | ||
40 | |||
41 | # Site-specific additions and overrides. See local/README for details. | ||
42 | #include <local/gnunet> | ||
43 | } | ||
diff --git a/contrib/apparmor/gnunet-gns b/contrib/apparmor/gnunet-gns new file mode 100644 index 000000000..1b63d2506 --- /dev/null +++ b/contrib/apparmor/gnunet-gns | |||
@@ -0,0 +1,21 @@ | |||
1 | # Last Modified: Fri Aug 7 17:41:19 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile /usr/local/bin/gnunet-gns { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | /usr/local/bin/gnunet-gns mr, | ||
10 | |||
11 | /usr/local/lib/gnunet/ r, | ||
12 | # /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.la r, | ||
13 | /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.so mr, | ||
14 | # /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_dns.la r, | ||
15 | /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_dns.so mr, | ||
16 | # /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_gns.la r, | ||
17 | /usr/local/lib/gnunet/libgnunet_plugin_gnsrecord_gns.so mr, | ||
18 | |||
19 | # Site-specific additions and overrides. See local/README for details. | ||
20 | #include <local/gnunet> | ||
21 | } | ||
diff --git a/contrib/apparmor/gnunet-gns-import.sh b/contrib/apparmor/gnunet-gns-import.sh new file mode 100644 index 000000000..631717ccf --- /dev/null +++ b/contrib/apparmor/gnunet-gns-import.sh | |||
@@ -0,0 +1,22 @@ | |||
1 | # Last Modified: Tue Aug 11 10:19:01 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-gns-import.sh { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/bash> | ||
8 | #include <abstractions/gnunet-common> | ||
9 | |||
10 | /dev/tty rw, | ||
11 | /usr/bin/bash ix, | ||
12 | /usr/bin/gawk rix, | ||
13 | /usr/bin/grep rix, | ||
14 | /usr/bin/which rix, | ||
15 | @{GNUNET_PREFIX}/bin/gnunet-arm Px, | ||
16 | @{GNUNET_PREFIX}/bin/gnunet-config rPx, | ||
17 | @{GNUNET_PREFIX}/bin/gnunet-gns-import.sh r, | ||
18 | @{GNUNET_PREFIX}/bin/gnunet-identity Px, | ||
19 | |||
20 | # Site-specific additions and overrides. See local/README for details. | ||
21 | #include <local/gnunet> | ||
22 | } | ||
diff --git a/contrib/apparmor/gnunet-gns-proxy b/contrib/apparmor/gnunet-gns-proxy index 5d24b3a5e..99a306434 100644 --- a/contrib/apparmor/gnunet-gns-proxy +++ b/contrib/apparmor/gnunet-gns-proxy | |||
@@ -3,48 +3,15 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-gns-proxy { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-gns-proxy { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /etc/ssl/openssl.cnf r, | 9 | /etc/ssl/openssl.cnf r, |
9 | 10 | ||
10 | @{HOME}/.local/share/gnunet/gns/gns_ca_cert.pem r, | 11 | @{HOME}/.local/share/gnunet/gns/gns_ca_cert.pem r, |
11 | 12 | ||
12 | #Librairies | ||
13 | /usr/lib/gconv/gconv-modules r, | ||
14 | /usr/lib/ld-*.so r, | ||
15 | /usr/lib/libcom_err.so.* mr, | ||
16 | /usr/lib/libcrypto.so.* mr, | ||
17 | /usr/lib/libffi.so.* mr, | ||
18 | /usr/lib/libgmp.so.* mr, | ||
19 | /usr/lib/libgnurl.so.* mr, | ||
20 | /usr/lib/libgnutls.so.* mr, | ||
21 | /usr/lib/libgssapi_krb5.so.* mr, | ||
22 | /usr/lib/libhogweed.so.* mr, | ||
23 | /usr/lib/libidn.so.* mr, | ||
24 | /usr/lib/libk5crypto.so.* mr, | ||
25 | /usr/lib/libkeyutils.so.* mr, | ||
26 | /usr/lib/libkrb5.so.* mr, | ||
27 | /usr/lib/libkrb5support.so.* mr, | ||
28 | /usr/lib/libltdl.so.* mr, | ||
29 | /usr/lib/libmicrohttpd.so.* mr, | ||
30 | /usr/lib/libnettle.so.* mr, | ||
31 | /usr/lib/libp11-kit.so.* mr, | ||
32 | /usr/lib/libpthread-*.so mr, | ||
33 | /usr/lib/libresolv-*.so mr, | ||
34 | /usr/lib/libssh2.so.* mr, | ||
35 | /usr/lib/libssl.so.* mr, | ||
36 | /usr/lib/libtasn1.so.* mr, | ||
37 | |||
38 | /usr/lib/locale/locale-archive r, | ||
39 | |||
40 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-gns-proxy mr, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-gns-proxy mr, |
41 | 14 | ||
42 | #Gnunet librairies | 15 | # Site-specific additions and overrides. See local/README for details. |
43 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | 16 | #include <local/gnunet> |
44 | @{GNUNET_PREFIX}/lib/libgnunetgns.so.* mr, | ||
45 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
46 | @{GNUNET_PREFIX}/lib/libgnunetidentity.so.* mr, | ||
47 | |||
48 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
49 | /usr/share/locale/locale.alias r, | ||
50 | } | 17 | } |
diff --git a/contrib/apparmor/gnunet-gns-proxy-setup-ca b/contrib/apparmor/gnunet-gns-proxy-setup-ca new file mode 100644 index 000000000..cbb3fa191 --- /dev/null +++ b/contrib/apparmor/gnunet-gns-proxy-setup-ca | |||
@@ -0,0 +1,40 @@ | |||
1 | # Last Modified: Tue Aug 11 11:40:50 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-gns-proxy-setup-ca { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/bash> | ||
8 | #include <abstractions/user-tmp> | ||
9 | #include <abstractions/openssl> | ||
10 | |||
11 | /dev/tty rw, | ||
12 | /etc/passwd r, | ||
13 | /home/*/.local/share/gnunet/gns/ r, | ||
14 | /home/*/.local/share/gnunet/gns/gns_ca_cert.pem rw, | ||
15 | /home/*/.mozilla/firefox/ r, | ||
16 | /home/*/.mozilla/firefox/kw6js9xl.default/cert8.db rw, | ||
17 | /home/*/.mozilla/firefox/kw6js9xl.default/key3.db rw, | ||
18 | /home/*/.mozilla/firefox/kw6js9xl.default/secmod.db r, | ||
19 | /home/*/.pki/nssdb/cert8.db rw, | ||
20 | /home/*/.pki/nssdb/key3.db rw, | ||
21 | /home/*/.pki/nssdb/secmod.db r, | ||
22 | /home/*/.rnd rw, | ||
23 | |||
24 | /usr/bin/bash ix, | ||
25 | /usr/bin/cat rix, | ||
26 | /usr/bin/certtool r, | ||
27 | /usr/bin/certutil rix, | ||
28 | /usr/bin/dirname rix, | ||
29 | /usr/bin/mkdir rix, | ||
30 | /usr/bin/mktemp rix, | ||
31 | /usr/bin/openssl rix, | ||
32 | /usr/bin/rm rix, | ||
33 | /usr/bin/which rix, | ||
34 | |||
35 | @{GNUNET_PREFIX}/bin/gnunet-config Px, | ||
36 | @{GNUNET_PREFIX}/bin/gnunet-gns-proxy-setup-ca r, | ||
37 | |||
38 | # Site-specific additions and overrides. See local/README for details. | ||
39 | #include <local/gnunet> | ||
40 | } | ||
diff --git a/contrib/apparmor/gnunet-gtk b/contrib/apparmor/gnunet-gtk new file mode 100644 index 000000000..336748215 --- /dev/null +++ b/contrib/apparmor/gnunet-gtk | |||
@@ -0,0 +1,26 @@ | |||
1 | # Last Modified: Wed Aug 5 11:25:26 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-gtk { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/gnunet-gtk> | ||
8 | #include <abstractions/kde> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-gtk mr, | ||
11 | |||
12 | #GNUnet gtk binaries | ||
13 | @{GNUNET_PREFIX}/bin/gnunet-conversation-gtk Px, | ||
14 | @{GNUNET_PREFIX}/bin/gnunet-fs-gtk Px, | ||
15 | @{GNUNET_PREFIX}/bin/gnunet-identity-gtk Px, | ||
16 | @{GNUNET_PREFIX}/bin/gnunet-namestore-gtk Px, | ||
17 | @{GNUNET_PREFIX}/bin/gnunet-peerinfo-gtk Px, | ||
18 | @{GNUNET_PREFIX}/bin/gnunet-statistics-gtk Px, | ||
19 | |||
20 | @{GNUNET_PREFIX}/share/gnunet-gtk/*.png r, | ||
21 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_gtk.glade r, | ||
22 | |||
23 | # Site-specific additions and overrides. See local/README for details. | ||
24 | #include <local/gnunet> | ||
25 | |||
26 | } | ||
diff --git a/contrib/apparmor/gnunet-helper-audio-playback b/contrib/apparmor/gnunet-helper-audio-playback index b98b22b69..67d3ba371 100644 --- a/contrib/apparmor/gnunet-helper-audio-playback +++ b/contrib/apparmor/gnunet-helper-audio-playback | |||
@@ -2,9 +2,16 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | #include <abstractions/gnunet-libaudio> | 8 | #include <abstractions/audio> |
8 | 9 | ||
9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback mr, |
11 | |||
12 | /etc/machine-id r, | ||
13 | owner @{HOME}/.Xauthority r, | ||
14 | |||
15 | # Site-specific additions and overrides. See local/README for details. | ||
16 | #include <local/gnunet> | ||
10 | } | 17 | } |
diff --git a/contrib/apparmor/gnunet-helper-audio-record b/contrib/apparmor/gnunet-helper-audio-record index f85b83d9f..afed73ffb 100644 --- a/contrib/apparmor/gnunet-helper-audio-record +++ b/contrib/apparmor/gnunet-helper-audio-record | |||
@@ -2,9 +2,16 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | #include <abstractions/gnunet-libaudio> | 8 | #include <abstractions/audio> |
8 | 9 | ||
9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record mr, |
11 | |||
12 | /etc/machine-id r, | ||
13 | owner @{HOME}/.Xauthority r, | ||
14 | |||
15 | # Site-specific additions and overrides. See local/README for details. | ||
16 | #include <local/gnunet> | ||
10 | } | 17 | } |
diff --git a/contrib/apparmor/gnunet-helper-dns b/contrib/apparmor/gnunet-helper-dns index b6a102585..b5e219585 100644 --- a/contrib/apparmor/gnunet-helper-dns +++ b/contrib/apparmor/gnunet-helper-dns | |||
@@ -2,8 +2,8 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | #Capability | 8 | #Capability |
9 | capability net_admin, | 9 | capability net_admin, |
@@ -42,4 +42,7 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns flags=(complain) { | |||
42 | /usr/lib/locale/locale-archive r, | 42 | /usr/lib/locale/locale-archive r, |
43 | 43 | ||
44 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns mr, | 44 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns mr, |
45 | |||
46 | # Site-specific additions and overrides. See local/README for details. | ||
47 | #include <local/gnunet> | ||
45 | } | 48 | } |
diff --git a/contrib/apparmor/gnunet-helper-exit b/contrib/apparmor/gnunet-helper-exit index d185f5b80..f69e34d0c 100644 --- a/contrib/apparmor/gnunet-helper-exit +++ b/contrib/apparmor/gnunet-helper-exit | |||
@@ -2,11 +2,13 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-exit flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-exit { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | capability setuid, | 8 | capability setuid, |
9 | 9 | ||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-exit mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-exit mr, |
11 | 11 | ||
12 | # Site-specific additions and overrides. See local/README for details. | ||
13 | #include <local/gnunet-suid> | ||
12 | } | 14 | } |
diff --git a/contrib/apparmor/gnunet-helper-fs-publish b/contrib/apparmor/gnunet-helper-fs-publish index ccf0cb513..9d437194c 100644 --- a/contrib/apparmor/gnunet-helper-fs-publish +++ b/contrib/apparmor/gnunet-helper-fs-publish | |||
@@ -2,13 +2,17 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/user-download> | ||
7 | 9 | ||
8 | /usr/lib/libbz2.so.* mr, | 10 | /dev/shm/LE-* r, |
9 | /usr/lib/libextractor.so.* mr, | 11 | |
10 | /usr/lib/libpthread-*.so mr, | 12 | /usr/share/file/misc/magic.mgc r, |
11 | /usr/lib/librt-*.so mr, | ||
12 | 13 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish mr, |
15 | |||
16 | # Site-specific additions and overrides. See local/README for details. | ||
17 | #include <local/gnunet> | ||
14 | } | 18 | } |
diff --git a/contrib/apparmor/gnunet-helper-nat-client b/contrib/apparmor/gnunet-helper-nat-client index 19a563878..ead52a5f1 100644 --- a/contrib/apparmor/gnunet-helper-nat-client +++ b/contrib/apparmor/gnunet-helper-nat-client | |||
@@ -2,11 +2,13 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-client flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-client { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | capability setuid, | 8 | capability setuid, |
9 | 9 | ||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-client mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-client mr, |
11 | 11 | ||
12 | # Site-specific additions and overrides. See local/README for details. | ||
13 | #include <local/gnunet-suid> | ||
12 | } | 14 | } |
diff --git a/contrib/apparmor/gnunet-helper-nat-server b/contrib/apparmor/gnunet-helper-nat-server index 594d2de7a..d458f467f 100644 --- a/contrib/apparmor/gnunet-helper-nat-server +++ b/contrib/apparmor/gnunet-helper-nat-server | |||
@@ -2,11 +2,14 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-server flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-server { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | capability setuid, | 8 | capability setuid, |
9 | 9 | ||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-server mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-nat-server mr, |
11 | |||
12 | # Site-specific additions and overrides. See local/README for details. | ||
13 | #include <local/gnunet-suid> | ||
11 | 14 | ||
12 | } | 15 | } |
diff --git a/contrib/apparmor/gnunet-helper-testbed b/contrib/apparmor/gnunet-helper-testbed index 22ac13347..b7b41f688 100644 --- a/contrib/apparmor/gnunet-helper-testbed +++ b/contrib/apparmor/gnunet-helper-testbed | |||
@@ -2,36 +2,20 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-testbed flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-testbed { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/gnunet-test> | ||
7 | 9 | ||
8 | /dev/null rw, | ||
9 | |||
10 | /etc/gai.conf r, | 10 | /etc/gai.conf r, |
11 | 11 | ||
12 | /usr/lib/ld-*.so r, | ||
13 | |||
14 | /usr/lib/locale/locale-archive r, | ||
15 | |||
16 | /usr/share/locale/locale.alias r, | ||
17 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
18 | |||
19 | /usr/lib/gconv/gconv-modules r, | ||
20 | |||
21 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, | 12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, |
22 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-testbed mr, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-testbed mr, |
23 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm r, | 14 | #@{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm r, |
24 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed Px, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed Px, |
25 | 16 | ||
26 | #Gnunet librairies | ||
27 | @{GNUNET_PREFIX}/lib/libgnunetarm.so.* mr, | ||
28 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
29 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
30 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
31 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
32 | @{GNUNET_PREFIX}/lib/libgnunettestbed.so.* mr, | ||
33 | @{GNUNET_PREFIX}/lib/libgnunettesting.so.* mr, | ||
34 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
35 | |||
36 | @{GNUNET_PREFIX}/share/gnunet/testing_hostkeys.ecc r, | 17 | @{GNUNET_PREFIX}/share/gnunet/testing_hostkeys.ecc r, |
18 | |||
19 | # Site-specific additions and overrides. See local/README for details. | ||
20 | #include <local/gnunet> | ||
37 | } | 21 | } |
diff --git a/contrib/apparmor/gnunet-helper-transport-bluetooth b/contrib/apparmor/gnunet-helper-transport-bluetooth new file mode 100644 index 000000000..b13ccb269 --- /dev/null +++ b/contrib/apparmor/gnunet-helper-transport-bluetooth | |||
@@ -0,0 +1,18 @@ | |||
1 | # Last Modified: Tue Jul 28 11:44:00 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | # Add extra libs for this helper(libthread and libbluetooth) | ||
6 | @{LIBS}+=libpthread libbluetooth | ||
7 | |||
8 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-bluetooth { | ||
9 | #include <abstractions/gnunet-suid> | ||
10 | |||
11 | capability setuid, | ||
12 | |||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-bluetooth mr, | ||
14 | |||
15 | # Site-specific additions and overrides. See local/README for details. | ||
16 | #include <local/gnunet-suid> | ||
17 | |||
18 | } | ||
diff --git a/contrib/apparmor/gnunet-helper-transport-wlan b/contrib/apparmor/gnunet-helper-transport-wlan index 0f1d5cf57..296b0c978 100644 --- a/contrib/apparmor/gnunet-helper-transport-wlan +++ b/contrib/apparmor/gnunet-helper-transport-wlan | |||
@@ -2,11 +2,14 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | capability setuid, | 8 | capability setuid, |
9 | 9 | ||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan mr, |
11 | |||
12 | # Site-specific additions and overrides. See local/README for details. | ||
13 | #include <local/gnunet-suid> | ||
11 | 14 | ||
12 | } | 15 | } |
diff --git a/contrib/apparmor/gnunet-helper-transport-wlan-dummy b/contrib/apparmor/gnunet-helper-transport-wlan-dummy index 9ad58e5d0..1c0514417 100644 --- a/contrib/apparmor/gnunet-helper-transport-wlan-dummy +++ b/contrib/apparmor/gnunet-helper-transport-wlan-dummy | |||
@@ -2,9 +2,12 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-suid> |
7 | 7 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy mr, | 8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy mr, |
9 | |||
10 | # Site-specific additions and overrides. See local/README for details. | ||
11 | #include <local/gnunet> | ||
9 | 12 | ||
10 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-helper-vpn b/contrib/apparmor/gnunet-helper-vpn index 9be198d76..8631b1b7c 100644 --- a/contrib/apparmor/gnunet-helper-vpn +++ b/contrib/apparmor/gnunet-helper-vpn | |||
@@ -2,20 +2,17 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn { |
6 | #include <abstractions/gnunet-suid> | ||
6 | 7 | ||
7 | #Capability | 8 | #Capability |
8 | capability net_admin, | 9 | capability net_admin, |
9 | capability setuid, | 10 | capability setuid, |
10 | 11 | ||
11 | /dev/net/tun rw, | 12 | /dev/net/tun rw, |
12 | /etc/ld.so.cache r, | ||
13 | |||
14 | #Librairies | ||
15 | /usr/lib/ld-*.so r, | ||
16 | /usr/lib/libc-*.so mr, | ||
17 | /usr/lib/libm-*.so mr, | ||
18 | 13 | ||
19 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn mr, |
20 | 15 | ||
16 | # Site-specific additions and overrides. See local/README for details. | ||
17 | #include <local/gnunet> | ||
21 | } | 18 | } |
diff --git a/contrib/apparmor/gnunet-identity b/contrib/apparmor/gnunet-identity new file mode 100644 index 000000000..3aa76cc6e --- /dev/null +++ b/contrib/apparmor/gnunet-identity | |||
@@ -0,0 +1,15 @@ | |||
1 | # Last Modified: Fri Aug 7 17:48:29 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-identity { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{HOME}/.local/share/gnunet/identity/egos/* rw, | ||
10 | |||
11 | @{GNUNET_PREFIX}/bin/gnunet-identity mr, | ||
12 | |||
13 | # Site-specific additions and overrides. See local/README for details. | ||
14 | #include <local/gnunet> | ||
15 | } | ||
diff --git a/contrib/apparmor/gnunet-identity-gtk b/contrib/apparmor/gnunet-identity-gtk new file mode 100644 index 000000000..e7abb8795 --- /dev/null +++ b/contrib/apparmor/gnunet-identity-gtk | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Wed Aug 5 11:24:55 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-identity-gtk { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/gnunet-gtk> | ||
8 | #include <abstractions/kde> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-identity-gtk mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_identity_gtk_main_window.glade r, | ||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-mesh b/contrib/apparmor/gnunet-mesh new file mode 100644 index 000000000..9f5b07fc5 --- /dev/null +++ b/contrib/apparmor/gnunet-mesh | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 18:02:28 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-mesh { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-mesh mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-namecache b/contrib/apparmor/gnunet-namecache new file mode 100644 index 000000000..f7eca4091 --- /dev/null +++ b/contrib/apparmor/gnunet-namecache | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Fri Aug 7 18:07:23 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-namecache { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-namecache mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-namestore b/contrib/apparmor/gnunet-namestore new file mode 100644 index 000000000..c97fad77d --- /dev/null +++ b/contrib/apparmor/gnunet-namestore | |||
@@ -0,0 +1,21 @@ | |||
1 | # Last Modified: Mon Aug 10 11:05:21 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-namestore { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-namestore mr, | ||
10 | |||
11 | #GNUnet plugin | ||
12 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.la r, | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.so mr, | ||
14 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.la r, | ||
15 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.so mr, | ||
16 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.la r, | ||
17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.so mr, | ||
18 | |||
19 | # Site-specific additions and overrides. See local/README for details. | ||
20 | #include <local/gnunet> | ||
21 | } | ||
diff --git a/contrib/apparmor/gnunet-namestore-fcfsd b/contrib/apparmor/gnunet-namestore-fcfsd index 9c57801a9..8ac09e69b 100644 --- a/contrib/apparmor/gnunet-namestore-fcfsd +++ b/contrib/apparmor/gnunet-namestore-fcfsd | |||
@@ -3,29 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libffi.so.* mr, | ||
11 | /usr/lib/libgmp.so.* mr, | ||
12 | /usr/lib/libgnutls.so.* mr, | ||
13 | /usr/lib/libhogweed.so.* mr, | ||
14 | /usr/lib/libidn.so.* mr, | ||
15 | /usr/lib/libmicrohttpd.so.* mr, | ||
16 | /usr/lib/libnettle.so.* mr, | ||
17 | /usr/lib/libp11-kit.so.* mr, | ||
18 | /usr/lib/libpthread-*.so mr, | ||
19 | /usr/lib/libtasn1.so.* mr, | ||
20 | |||
21 | /usr/lib/locale/locale-archive r, | ||
22 | |||
23 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd mr, |
24 | 10 | ||
25 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
26 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | 12 | #include <local/gnunet> |
27 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
28 | @{GNUNET_PREFIX}/lib/libgnunetidentity.so.* mr, | ||
29 | @{GNUNET_PREFIX}/lib/libgnunetnamestore.so.* mr, | ||
30 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
31 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-namestore-gtk b/contrib/apparmor/gnunet-namestore-gtk new file mode 100644 index 000000000..fb3256ca9 --- /dev/null +++ b/contrib/apparmor/gnunet-namestore-gtk | |||
@@ -0,0 +1,27 @@ | |||
1 | # Last Modified: Wed Aug 5 11:24:52 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-namestore-gtk { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/gnunet-gtk> | ||
8 | #include <abstractions/kde> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-namestore-gtk mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/gnunet/ r, | ||
13 | |||
14 | #GNUnet plugin | ||
15 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.la r, | ||
16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_conversation.so mr, | ||
17 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.la r, | ||
18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_dns.so mr, | ||
19 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.la r, | ||
20 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_gnsrecord_gns.so mr, | ||
21 | |||
22 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_namestore_gtk_main_window.glade r, | ||
23 | @{GNUNET_PREFIX}/share/gnunet-gtk/qr_dummy.png r, | ||
24 | |||
25 | # Site-specific additions and overrides. See local/README for details. | ||
26 | #include <local/gnunet> | ||
27 | } | ||
diff --git a/contrib/apparmor/gnunet-nat-server b/contrib/apparmor/gnunet-nat-server new file mode 100644 index 000000000..9884383a2 --- /dev/null +++ b/contrib/apparmor/gnunet-nat-server | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 11:34:29 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-nat-server { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-nat-server mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-nse b/contrib/apparmor/gnunet-nse new file mode 100644 index 000000000..74c0d9420 --- /dev/null +++ b/contrib/apparmor/gnunet-nse | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 11:38:47 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-nse { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-nse mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-peerinfo b/contrib/apparmor/gnunet-peerinfo new file mode 100644 index 000000000..0c30d38af --- /dev/null +++ b/contrib/apparmor/gnunet-peerinfo | |||
@@ -0,0 +1,19 @@ | |||
1 | # Last Modified: Mon Aug 10 11:46:50 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-peerinfo { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-peerinfo mr, | ||
10 | |||
11 | #GNUnet plugin | ||
12 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.la r, | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.so mr, | ||
14 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.la r, | ||
15 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.so mr, | ||
16 | |||
17 | # Site-specific additions and overrides. See local/README for details. | ||
18 | #include <local/gnunet> | ||
19 | } | ||
diff --git a/contrib/apparmor/gnunet-peerinfo-gtk b/contrib/apparmor/gnunet-peerinfo-gtk new file mode 100644 index 000000000..e1e0271d8 --- /dev/null +++ b/contrib/apparmor/gnunet-peerinfo-gtk | |||
@@ -0,0 +1,17 @@ | |||
1 | # Last Modified: Tue Aug 11 16:20:57 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-peerinfo-gtk { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/gnunet-gtk> | ||
8 | #include <abstractions/kde> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-peerinfo-gtk mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/share/gnunet-gtk/* r, | ||
13 | @{GNUNET_PREFIX}/share/gnunet-gtk/flags/*.png r, | ||
14 | |||
15 | # Site-specific additions and overrides. See local/README for details. | ||
16 | #include <local/gnunet> | ||
17 | } | ||
diff --git a/contrib/apparmor/gnunet-peerstore b/contrib/apparmor/gnunet-peerstore new file mode 100644 index 000000000..944f1bed2 --- /dev/null +++ b/contrib/apparmor/gnunet-peerstore | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 12:03:53 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-peerstore { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-peerstore mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-publish b/contrib/apparmor/gnunet-publish new file mode 100644 index 000000000..105ff1861 --- /dev/null +++ b/contrib/apparmor/gnunet-publish | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Thu Aug 6 12:00:00 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-publish { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | #include <abstractions/user-download> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-publish mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish Px, | ||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-qr b/contrib/apparmor/gnunet-qr new file mode 100644 index 000000000..b893faf98 --- /dev/null +++ b/contrib/apparmor/gnunet-qr | |||
@@ -0,0 +1,15 @@ | |||
1 | # Last Modified: Tue Aug 11 16:14:05 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-qr { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/python> | ||
8 | #include <abstractions/gnunet-common> | ||
9 | |||
10 | /usr/bin/python3.4 ix, | ||
11 | @{GNUNET_PREFIX}/bin/gnunet-qr r, | ||
12 | |||
13 | # Site-specific additions and overrides. See local/README for details. | ||
14 | #include <local/gnunet> | ||
15 | } | ||
diff --git a/contrib/apparmor/gnunet-resolver b/contrib/apparmor/gnunet-resolver new file mode 100644 index 000000000..e5455b257 --- /dev/null +++ b/contrib/apparmor/gnunet-resolver | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 12:21:50 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-resolver { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-resolver mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-revocation b/contrib/apparmor/gnunet-revocation new file mode 100644 index 000000000..8cab61f4f --- /dev/null +++ b/contrib/apparmor/gnunet-revocation | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 15:03:13 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-revocation { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-revocation mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-scalarproduct b/contrib/apparmor/gnunet-scalarproduct new file mode 100644 index 000000000..acf564a8c --- /dev/null +++ b/contrib/apparmor/gnunet-scalarproduct | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 15:13:42 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-scalarproduct { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-scalarproduct mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-scrypt b/contrib/apparmor/gnunet-scrypt new file mode 100644 index 000000000..a184bf0a3 --- /dev/null +++ b/contrib/apparmor/gnunet-scrypt | |||
@@ -0,0 +1,19 @@ | |||
1 | # Last Modified: Mon Aug 10 15:36:34 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-scrypt { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{HOME}/.local/share/gnunet/nse/proof.dat rw, | ||
10 | @{HOME}/.local/share/gnunet/private_key.ecc rk, | ||
11 | |||
12 | @{GNUNET_PREFIX}/bin/gnunet-scrypt mr, | ||
13 | |||
14 | @{GNUNET_USER}/.local/share/gnunet/nse/proof.dat rw, | ||
15 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, | ||
16 | |||
17 | # Site-specific additions and overrides. See local/README for details. | ||
18 | #include <local/gnunet> | ||
19 | } | ||
diff --git a/contrib/apparmor/gnunet-search b/contrib/apparmor/gnunet-search new file mode 100644 index 000000000..b23f91e55 --- /dev/null +++ b/contrib/apparmor/gnunet-search | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 15:59:45 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-search { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-search mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-service-arm b/contrib/apparmor/gnunet-service-arm index 5a4a78657..546e6332e 100644 --- a/contrib/apparmor/gnunet-service-arm +++ b/contrib/apparmor/gnunet-service-arm | |||
@@ -3,37 +3,16 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /dev/null ra, | ||
9 | |||
10 | /tmp/gnunet-*-runtime/ rw, | 9 | /tmp/gnunet-*-runtime/ rw, |
11 | /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw, | 10 | # /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw, |
12 | /tmp/gnunet-*-runtime/gnunet-service-gns.sock rw, | 11 | # /tmp/gnunet-*-runtime/gnunet-service-namestore.sock r, |
13 | /tmp/gnunet-*-runtime/gnunet-service-identity.unix rw, | 12 | # /tmp/gnunet-*-runtime/gnunet-service-identity.sock r, |
14 | /tmp/gnunet-*-runtime/gnunet-service-namestore.sock rw, | 13 | # /tmp/gnunet-*-runtime/gnunet-service-gns.sock r, |
15 | |||
16 | /tmp/gnunet-system-runtime/ rw, | ||
17 | /tmp/gnunet-system-runtime/gnunet-service-*.sock rw, | ||
18 | /tmp/gnunet-system-runtime/gnunet-service-nse.unix rw, | ||
19 | /tmp/gnunet-system-runtime/gnunet-service-revocation.unix rw, | ||
20 | |||
21 | /var/lib/gnunet/.local/share/gnunet/ r, | ||
22 | /var/lib/gnunet/.local/share/gnunet/revocation.dat r, | ||
23 | /var/lib/gnunet/.local/share/gnunet/peerstore/ a, | ||
24 | /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db rwk, | ||
25 | /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db-journal rw, | ||
26 | /var/lib/gnunet/.config/gnunet.conf r, | ||
27 | |||
28 | #Librairies | ||
29 | /usr/lib/ld-*.so r, | ||
30 | /usr/lib/libpthread-*.so mr, | ||
31 | 14 | ||
32 | /usr/lib/libsqlite3.so.* mr, | 15 | /tmp/gnunet-*-runtime/gnunet-service-*.sock rw, |
33 | |||
34 | /usr/lib/locale/locale-archive r, | ||
35 | |||
36 | /usr/share/locale/locale-alias r, | ||
37 | 16 | ||
38 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm mr, | 17 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm mr, |
39 | 18 | ||
@@ -41,7 +20,7 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm { | |||
41 | 20 | ||
42 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, | 21 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, |
43 | 22 | ||
44 | #Gnunet daemon | 23 | #GNUnet daemon |
45 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit Px, | 24 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-exit Px, |
46 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist Px, | 25 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist Px, |
47 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger Px, | 26 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-latency-logger Px, |
@@ -55,54 +34,9 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm { | |||
55 | 34 | ||
56 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd Px, | 35 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-namestore-fcfsd Px, |
57 | 36 | ||
58 | #Gnunet service | 37 | #GNUnet service |
59 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-ats Px, | 38 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-* Px, |
60 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-cadet Px, | 39 | |
61 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-core Px, | 40 | # Site-specific additions and overrides. See local/README for details. |
62 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-conversation Px, | 41 | #include <local/gnunet> |
63 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-datastore Px, | ||
64 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dht Px, | ||
65 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns Px, | ||
66 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-fs Px, | ||
67 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-gns Px, | ||
68 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity Px, | ||
69 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namecache Px, | ||
70 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namestore Px, | ||
71 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-nse Px, | ||
72 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerinfo Px, | ||
73 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerstore Px, | ||
74 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-regex Px, | ||
75 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver Px, | ||
76 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-revocation Px, | ||
77 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-set Px, | ||
78 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-alice Px, | ||
79 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-bob Px, | ||
80 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-statistics Px, | ||
81 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-template Px, | ||
82 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed Px, | ||
83 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger Px, | ||
84 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-transport Px, | ||
85 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-vpn Px, | ||
86 | |||
87 | #Gnunet helper | ||
88 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns r, | ||
89 | |||
90 | #Gnunet librairies | ||
91 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
92 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | ||
93 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | ||
94 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, | ||
95 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* r, | ||
96 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
97 | @{GNUNET_PREFIX}/lib/libgnunetnamecache.so.* r, | ||
98 | @{GNUNET_PREFIX}/lib/libgnunetpeerstore.so.* mr, | ||
99 | @{GNUNET_PREFIX}/lib/libgnunetregex.so.* mr, | ||
100 | @{GNUNET_PREFIX}/lib/libgnunetset.so.* mr, | ||
101 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
102 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
103 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, | ||
104 | |||
105 | #Gnunet plugin | ||
106 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.la r, | ||
107 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.so mr, | ||
108 | } | 42 | } |
diff --git a/contrib/apparmor/gnunet-service-ats b/contrib/apparmor/gnunet-service-ats index 53e849517..8e6b35295 100644 --- a/contrib/apparmor/gnunet-service-ats +++ b/contrib/apparmor/gnunet-service-ats | |||
@@ -3,18 +3,16 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-ats { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-ats { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-ats mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-ats mr, |
9 | 10 | ||
10 | #Gnunet librairies | ||
11 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
14 | |||
15 | #Gnunet plugin | 11 | #Gnunet plugin |
16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_ats_proportional.la r, | 12 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_ats_proportional.la r, |
17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_ats_proportional.so mr, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_ats_proportional.so mr, |
14 | |||
15 | # Site-specific additions and overrides. See local/README for details. | ||
16 | #include <local/gnunet> | ||
18 | 17 | ||
19 | /usr/lib/ld-*.so r, | ||
20 | } | 18 | } |
diff --git a/contrib/apparmor/gnunet-service-cadet b/contrib/apparmor/gnunet-service-cadet index 07def08ad..056ce49fa 100644 --- a/contrib/apparmor/gnunet-service-cadet +++ b/contrib/apparmor/gnunet-service-cadet | |||
@@ -3,24 +3,15 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-cadet { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-cadet { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | 9 | /tmp/gnunet-system-runtime/gnunet-service-cadet.sock rw, |
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libpthread-*.so mr, | ||
11 | /usr/lib/librt-*.so mr, | ||
12 | 10 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-cadet mr, | 11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-cadet mr, |
14 | 12 | ||
15 | #Gnunet librairies | 13 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
16 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 14 | |
17 | @{GNUNET_PREFIX}/lib/libgnunetblock.so.* mr, | 15 | # Site-specific additions and overrides. See local/README for details. |
18 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | 16 | #include <local/gnunet> |
19 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetpeerinfo.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
23 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
24 | |||
25 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | ||
26 | } | 17 | } |
diff --git a/contrib/apparmor/gnunet-service-conversation b/contrib/apparmor/gnunet-service-conversation index 781c239f9..740332768 100644 --- a/contrib/apparmor/gnunet-service-conversation +++ b/contrib/apparmor/gnunet-service-conversation | |||
@@ -3,25 +3,17 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-conversation { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-conversation { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libidn.so.* mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-conversation mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-conversation mr, |
13 | 10 | ||
14 | #Gnunet librairies | 11 | #GNUnet helper |
15 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-playback Px, |
16 | @{GNUNET_PREFIX}/lib/libgnunetconversation.so.* mr, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-audio-record Px, |
17 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
18 | @{GNUNET_PREFIX}/lib/libgnunetgns.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunetidentity.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetmicrophone.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetnamestore.so.* mr, | ||
23 | @{GNUNET_PREFIX}/lib/libgnunetspeaker.so.* mr, | ||
24 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
25 | 14 | ||
26 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | 15 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
16 | |||
17 | # Site-specific additions and overrides. See local/README for details. | ||
18 | #include <local/gnunet> | ||
27 | } | 19 | } |
diff --git a/contrib/apparmor/gnunet-service-core b/contrib/apparmor/gnunet-service-core index 24fdd641c..4d9b28353 100644 --- a/contrib/apparmor/gnunet-service-core +++ b/contrib/apparmor/gnunet-service-core | |||
@@ -1,20 +1,15 @@ | |||
1 | # Last Modified: Thu Jul 9 10:16:30 2015 | 1 | # Last Modified: Thu Jul 9 10:16:30 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-core { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-core { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | 8 | ||
9 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | 9 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
10 | |||
11 | /usr/lib/ld-*.so r, | ||
12 | 10 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-core mr, | 11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-core mr, |
14 | 12 | ||
15 | #Gnunet librairies | 13 | # Site-specific additions and overrides. See local/README for details. |
16 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 14 | #include <local/gnunet> |
17 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
18 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
20 | } | 15 | } |
diff --git a/contrib/apparmor/gnunet-service-datastore b/contrib/apparmor/gnunet-service-datastore index 363946910..32efa4c52 100644 --- a/contrib/apparmor/gnunet-service-datastore +++ b/contrib/apparmor/gnunet-service-datastore | |||
@@ -1,27 +1,22 @@ | |||
1 | # Last Modified: Thu Jul 9 10:16:30 2015 | 1 | # Last Modified: Thu Jul 9 10:16:30 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-datastore { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-datastore { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/gnunet-db> | ||
8 | 9 | ||
9 | /var/lib/gnunet/.local/share/gnunet/datastore/bloomfilter.sqlite rw, | 10 | @{GNUNET_USER}/.local/share/gnunet/datastore/bloomfilter.sqlite rw, |
10 | /var/lib/gnunet/.local/share/gnunet/datastore/sqlite.db rwk, | 11 | @{GNUNET_USER}/.local/share/gnunet/datastore/sqlite.db rwk, |
11 | /var/lib/gnunet/.local/share/gnunet/datastore/sqlite.db-journal rw, | 12 | @{GNUNET_USER}/.local/share/gnunet/datastore/sqlite.db-journal rw, |
12 | |||
13 | #Librairies | ||
14 | /usr/lib/ld-*.so r, | ||
15 | /usr/lib/libpthread-*.so mr, | ||
16 | /usr/lib/libsqlite3.so.* mr, | ||
17 | 13 | ||
18 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-datastore mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-datastore mr, |
19 | 15 | ||
20 | #Gnunet plugin | 16 | #Gnunet plugin |
21 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.la r, | 17 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.la r, |
22 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.so mr, | 18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.so mr, |
23 | 19 | ||
24 | #Gnunet Librairies | 20 | # Site-specific additions and overrides. See local/README for details. |
25 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 21 | #include <local/gnunet> |
26 | @{GNUNET_PREFIX}/lib/libgnunetutil.so.* mr, | ||
27 | } | 22 | } |
diff --git a/contrib/apparmor/gnunet-service-dht b/contrib/apparmor/gnunet-service-dht index 67c45beb8..1d0922441 100644 --- a/contrib/apparmor/gnunet-service-dht +++ b/contrib/apparmor/gnunet-service-dht | |||
@@ -3,55 +3,34 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dht { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dht { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dht mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dht mr, |
9 | 10 | ||
10 | #Gnunet librairies | ||
11 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetnse.so.* mr, | ||
14 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
15 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
16 | @{GNUNET_PREFIX}/lib/libgnunetpeerinfo.so.* mr, | ||
17 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
18 | @{GNUNET_PREFIX}/lib/libgnunetblock.so.* mr, | ||
19 | @{GNUNET_PREFIX}/lib/libgnunetdatacache.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunetfs.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetdatastore.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetregexblock.so.* mr, | ||
23 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
24 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
25 | |||
26 | #Gnunet plugin | 11 | #Gnunet plugin |
27 | @{GNUNET_PREFIX}/lib/gnunet/ r, | 12 | @{GNUNET_PREFIX}/lib/gnunet/ r, |
28 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.la r, | 13 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.la r, |
29 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.so mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.so mr, |
30 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.la r, | 15 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.la r, |
31 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.so mr, | 16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.so mr, |
32 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.la r, | 17 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.la r, |
33 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.so mr, | 18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.so mr, |
34 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.la r, | 19 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.la r, |
35 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.so mr, | 20 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.so mr, |
36 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.la r, | 21 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.la r, |
37 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.so mr, | ||
38 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.so mr, | 22 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.so mr, |
39 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.la r, | 23 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.la r, |
40 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.so mr, | 24 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.so mr, |
41 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.la r, | 25 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.la r, |
42 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.so mr, | 26 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.so mr, |
43 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.la r, | 27 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.la r, |
44 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.so mr, | 28 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.so mr, |
45 | 29 | ||
46 | #Librairies | ||
47 | /usr/lib/ld-*.so r, | ||
48 | /usr/lib/libextractor.so.* mr, | ||
49 | /usr/lib/libbz2.so.* mr, | ||
50 | /usr/lib/librt-*.so mr, | ||
51 | /usr/lib/libpthread-*.so mr, | ||
52 | /usr/lib/libidn.so.* mr, | ||
53 | |||
54 | /tmp/gnunet-system-runtime/gnunet-service-dht.sock w, | 30 | /tmp/gnunet-system-runtime/gnunet-service-dht.sock w, |
55 | 31 | ||
56 | /tmp/gnunet-datacachebloom* rw, | 32 | /tmp/gnunet-datacachebloom* rw, |
33 | |||
34 | # Site-specific additions and overrides. See local/README for details. | ||
35 | #include <local/gnunet> | ||
57 | } | 36 | } |
diff --git a/contrib/apparmor/gnunet-service-dns b/contrib/apparmor/gnunet-service-dns index ba8a31ce1..394b97eb1 100644 --- a/contrib/apparmor/gnunet-service-dns +++ b/contrib/apparmor/gnunet-service-dns | |||
@@ -3,12 +3,13 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns { |
6 | #include <abstractions/gnunet-common> | 6 | #include <abstractions/gnunet-sgid> |
7 | 7 | ||
8 | capability setgid, | 8 | capability setgid, |
9 | 9 | ||
10 | /usr/lib/ld-*.so r, | 10 | /usr/lib/ld-*.so r, |
11 | 11 | ||
12 | #GNUnet helper | ||
12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns Px, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-dns Px, |
13 | 14 | ||
14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns mr, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns mr, |
@@ -17,4 +18,7 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-dns { | |||
17 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, | 18 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, |
18 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 19 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, |
19 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, | 20 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, |
21 | |||
22 | # Site-specific additions and overrides. See local/README for details. | ||
23 | #include <local/gnunet-sgid> | ||
20 | } | 24 | } |
diff --git a/contrib/apparmor/gnunet-service-fs b/contrib/apparmor/gnunet-service-fs index 59a74f502..70de39c2e 100644 --- a/contrib/apparmor/gnunet-service-fs +++ b/contrib/apparmor/gnunet-service-fs | |||
@@ -4,56 +4,34 @@ | |||
4 | #include <tunables/gnunet> | 4 | #include <tunables/gnunet> |
5 | 5 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-fs { | 6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-fs { |
7 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 8 | #include <abstractions/gnunet-common> |
8 | 9 | ||
9 | /etc/gnunet.conf r, | ||
10 | @{HOME}/.config/gnunet.conf r, | ||
11 | |||
12 | /tmp/gnunet-system-runtime/gnunet-service-fs.sock w, | 10 | /tmp/gnunet-system-runtime/gnunet-service-fs.sock w, |
13 | 11 | ||
14 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | 12 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
15 | 13 | ||
16 | owner @{HOME}/.local/share/gnunet/fs/idxinfo.lst r, | 14 | owner @{HOME}/.local/share/gnunet/fs/idxinfo.lst r, |
17 | 15 | ||
18 | #Librairies | ||
19 | /usr/lib/ld-*.so r, | ||
20 | /usr/lib/libbz2.so.* mr, | ||
21 | /usr/lib/libextractor.so.* mr, | ||
22 | /usr/lib/libidn.so.* mr, | ||
23 | /usr/lib/libpthread-*.so mr, | ||
24 | /usr/lib/librt-*.so mr, | ||
25 | |||
26 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-fs mr, | 16 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-fs mr, |
27 | 17 | ||
28 | #Gnunet plugin | 18 | #Gnunet plugin |
29 | @{GNUNET_PREFIX}/lib/gnunet/ r, | 19 | @{GNUNET_PREFIX}/lib/gnunet/ r, |
30 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.la r, | 20 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.la r, |
31 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.so mr, | 21 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dht.so mr, |
32 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.la r, | 22 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.la r, |
33 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.so mr, | 23 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_dns.so mr, |
34 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.la r, | 24 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.la r, |
35 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.so mr, | 25 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_fs.so mr, |
36 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.la r, | 26 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.la r, |
37 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.so mr, | 27 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_gns.so mr, |
38 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.la r, | 28 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.la r, |
39 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.so mr, | 29 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_regex.so mr, |
40 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.la r, | 30 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.la r, |
41 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.so mr, | 31 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_template.so mr, |
42 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.la r, | 32 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.la r, |
43 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.so mr, | 33 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_block_test.so mr, |
44 | 34 | ||
45 | #Gnunet librairies | 35 | # Site-specific additions and overrides. See local/README for details. |
46 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 36 | #include <local/gnunet> |
47 | @{GNUNET_PREFIX}/lib/libgnunetblock.so.* mr, | ||
48 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | ||
49 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
50 | @{GNUNET_PREFIX}/lib/libgnunetdatastore.so.* mr, | ||
51 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | ||
52 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
53 | @{GNUNET_PREFIX}/lib/libgnunetfs.so.* mr, | ||
54 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
55 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
56 | @{GNUNET_PREFIX}/lib/libgnunetpeerstore.so.* mr, | ||
57 | @{GNUNET_PREFIX}/lib/libgnunetregexblock.so.* mr, | ||
58 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
59 | } | 37 | } |
diff --git a/contrib/apparmor/gnunet-service-gns b/contrib/apparmor/gnunet-service-gns index b271eecba..25184e50d 100644 --- a/contrib/apparmor/gnunet-service-gns +++ b/contrib/apparmor/gnunet-service-gns | |||
@@ -4,27 +4,15 @@ | |||
4 | #include <tunables/gnunet> | 4 | #include <tunables/gnunet> |
5 | 5 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-gns { | 6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-gns { |
7 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 8 | #include <abstractions/gnunet-common> |
8 | 9 | ||
9 | @{HOME}/.config/gnunet.conf r, | 10 | /tmp/gnunet-*-runtime/gnunet-service-gns.sock rw, |
10 | 11 | ||
11 | #Librairies | 12 | @{HOME}/.config/gnunet.conf r, |
12 | /usr/lib/ld-2.21.so r, | ||
13 | /usr/lib/libidn.so.* mr, | ||
14 | 13 | ||
15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-gns mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-gns mr, |
16 | 15 | ||
17 | #Gnunet librairies | 16 | # Site-specific additions and overrides. See local/README for details. |
18 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | 17 | #include <local/gnunet> |
19 | @{GNUNET_PREFIX}/lib/libgnunetdns.so.* mr, | ||
20 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
21 | @{GNUNET_PREFIX}/lib/libgnunetdnsstub.so.* mr, | ||
22 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
23 | @{GNUNET_PREFIX}/lib/libgnunetidentity.so.* mr, | ||
24 | @{GNUNET_PREFIX}/lib/libgnunetnamecache.so.* mr, | ||
25 | @{GNUNET_PREFIX}/lib/libgnunetnamestore.so.* mr, | ||
26 | @{GNUNET_PREFIX}/lib/libgnunetrevocation.so.* mr, | ||
27 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
28 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, | ||
29 | @{GNUNET_PREFIX}/lib/libgnunetvpn.so.* mr, | ||
30 | } | 18 | } |
diff --git a/contrib/apparmor/gnunet-service-identity b/contrib/apparmor/gnunet-service-identity index 8cf0f99b6..3e0a6bb60 100644 --- a/contrib/apparmor/gnunet-service-identity +++ b/contrib/apparmor/gnunet-service-identity | |||
@@ -3,17 +3,15 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /tmp/gnunet-*-runtime/ a, | 9 | /tmp/gnunet-*-runtime/ a, |
9 | 10 | ||
10 | /usr/lib/ld-*.so r, | 11 | @{GNUNET_USER}/.local/share/gnunet/identity/ a, |
11 | 12 | @{GNUNET_USER}/.local/share/gnunet/identity/egos/ ra, | |
12 | /var/lib/gnunet/.local/share/gnunet/identity/ a, | ||
13 | /var/lib/gnunet/.local/share/gnunet/identity/egos/ ra, | ||
14 | 13 | ||
15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity mr, |
16 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
17 | 15 | ||
18 | @{HOME}/.config/gnunet/identity/subsystem_defaults.conf rw, | 16 | @{HOME}/.config/gnunet/identity/subsystem_defaults.conf rw, |
19 | 17 | ||
@@ -22,4 +20,7 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-identity { | |||
22 | @{HOME}/.local/share/gnunet/identity/egos/private-zone rk, | 20 | @{HOME}/.local/share/gnunet/identity/egos/private-zone rk, |
23 | @{HOME}/.local/share/gnunet/identity/egos/short-zone rk, | 21 | @{HOME}/.local/share/gnunet/identity/egos/short-zone rk, |
24 | @{HOME}/.local/share/gnunet/identity/egos/sks-zone rk, | 22 | @{HOME}/.local/share/gnunet/identity/egos/sks-zone rk, |
23 | |||
24 | # Site-specific additions and overrides. See local/README for details. | ||
25 | #include <local/gnunet> | ||
25 | } | 26 | } |
diff --git a/contrib/apparmor/gnunet-service-mesh b/contrib/apparmor/gnunet-service-mesh new file mode 100644 index 000000000..6b7944110 --- /dev/null +++ b/contrib/apparmor/gnunet-service-mesh | |||
@@ -0,0 +1,19 @@ | |||
1 | # Last Modified: Fri Jul 3 17:37:56 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-mesh { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-mesh mr, | ||
10 | |||
11 | @{HOME}/.local/share/gnunet/private_key.ecc rk, | ||
12 | |||
13 | /tmp/gnunet-system-runtime/gnunet-service-mesh.sock w, | ||
14 | |||
15 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rwk, | ||
16 | |||
17 | # Site-specific additions and overrides. See local/README for details. | ||
18 | #include <local/gnunet> | ||
19 | } | ||
diff --git a/contrib/apparmor/gnunet-service-namecache b/contrib/apparmor/gnunet-service-namecache index 8b5f21103..ddf6ab57e 100644 --- a/contrib/apparmor/gnunet-service-namecache +++ b/contrib/apparmor/gnunet-service-namecache | |||
@@ -3,28 +3,21 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namecache { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namecache { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/gnunet-db> | ||
7 | 9 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namecache mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namecache mr, |
9 | 11 | ||
10 | #Gnunet librairies | ||
11 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetnamecache.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
14 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
15 | |||
16 | #Gnunet plugin | 12 | #Gnunet plugin |
17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namecache_sqlite.la r, | 13 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namecache_sqlite.la r, |
18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namecache_sqlite.so mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namecache_sqlite.so mr, |
19 | 15 | ||
20 | /var/lib/gnunet/.local/share/gnunet/namecache/ r, | 16 | @{GNUNET_USER}/.local/share/gnunet/namecache/ r, |
21 | /var/lib/gnunet/.local/share/gnunet/namecache/sqlite.db rwk, | 17 | @{GNUNET_USER}/.local/share/gnunet/namecache/sqlite.db rwk, |
22 | /var/lib/gnunet/.local/share/gnunet/namecache/sqlite.db-journal rw, | 18 | @{GNUNET_USER}/.local/share/gnunet/namecache/sqlite.db-journal rw, |
23 | 19 | ||
24 | #Librairies | 20 | # Site-specific additions and overrides. See local/README for details. |
25 | /usr/lib/libpthread-*.so mr, | 21 | #include <local/gnunet> |
26 | /usr/lib/libsqlite3.so.* mr, | ||
27 | /usr/lib/libidn.so.* mr, | ||
28 | /usr/lib/ld-*.so r, | ||
29 | } | 22 | } |
30 | 23 | ||
diff --git a/contrib/apparmor/gnunet-service-namestore b/contrib/apparmor/gnunet-service-namestore index 68b94e6aa..0ee993ea0 100644 --- a/contrib/apparmor/gnunet-service-namestore +++ b/contrib/apparmor/gnunet-service-namestore | |||
@@ -3,34 +3,18 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namestore { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namestore { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/gnunet-db> | ||
7 | 9 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namestore mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-namestore mr, |
9 | 11 | ||
10 | #Gnunet librairies | ||
11 | @{GNUNET_PREFIX}/lib/libgnunetnamecache.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetgnsrecord.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
14 | @{GNUNET_PREFIX}/lib/libgnunetnamestore.so.* mr, | ||
15 | @{GNUNET_PREFIX}/lib/libgnunetdnsparser.so.* mr, | ||
16 | |||
17 | #Gnunet plugin | 12 | #Gnunet plugin |
18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.la r, | 13 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.la r, |
19 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.so mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.so mr, |
20 | 15 | ||
21 | #Librairies | ||
22 | /usr/lib/libidn.so.* mr, | ||
23 | /usr/lib/ld-*.so r, | ||
24 | /usr/lib/libsqlite3.so.* mr, | ||
25 | /usr/lib/libpthread-*.so mr, | ||
26 | |||
27 | /var/lib/gnunet/.local/share/gnunet/namestore/ ra, | ||
28 | /var/lib/gnunet/.local/share/gnunet/namestore/sqlite.db rwk, | ||
29 | /var/lib/gnunet/.local/share/gnunet/namestore/sqlite.db-journal rw, | ||
30 | |||
31 | @{HOME}/.local/share/gnunet/namestore/ r, | ||
32 | @{HOME}/.local/share/gnunet/namestore/sqlite.db rwk, | ||
33 | @{HOME}/.local/share/gnunet/namestore/sqlite.db-journal rw, | ||
34 | |||
35 | /tmp/gnunet-*-runtime/ a, | 16 | /tmp/gnunet-*-runtime/ a, |
17 | |||
18 | # Site-specific additions and overrides. See local/README for details. | ||
19 | #include <local/gnunet> | ||
36 | } | 20 | } |
diff --git a/contrib/apparmor/gnunet-service-nse b/contrib/apparmor/gnunet-service-nse index a3f7f2a12..6b6ecf757 100644 --- a/contrib/apparmor/gnunet-service-nse +++ b/contrib/apparmor/gnunet-service-nse | |||
@@ -3,22 +3,19 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-nse { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-nse { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-nse mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-nse mr, |
9 | 10 | ||
10 | #Gnunet librairies | 11 | /tmp/gnunet-system-runtime/gnunet-service-nse.sock rw, |
11 | @{GNUNET_PREFIX}/lib/libgnunetnse.so.* mr, | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
14 | |||
15 | /usr/lib/ld-*.so mr, | ||
16 | |||
17 | /tmp/gnunet-system-runtime/gnunet-service-nse.unix w, | ||
18 | 12 | ||
19 | @{HOME}/.local/share/gnunet/private_key.ecc rk, | 13 | @{HOME}/.local/share/gnunet/private_key.ecc rk, |
20 | owner @{HOME}/.local/share/gnunet/nse/proof.dat rw, | 14 | owner @{HOME}/.local/share/gnunet/nse/proof.dat rw, |
21 | 15 | ||
22 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rwk, | 16 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rwk, |
23 | /var/lib/gnunet/.local/share/gnunet/nse/proof.dat rw, | 17 | @{GNUNET_USER}/.local/share/gnunet/nse/proof.dat rw, |
18 | |||
19 | # Site-specific additions and overrides. See local/README for details. | ||
20 | #include <local/gnunet> | ||
24 | } | 21 | } |
diff --git a/contrib/apparmor/gnunet-service-peerinfo b/contrib/apparmor/gnunet-service-peerinfo index 1ce4a85f8..4da70eb53 100644 --- a/contrib/apparmor/gnunet-service-peerinfo +++ b/contrib/apparmor/gnunet-service-peerinfo | |||
@@ -1,21 +1,20 @@ | |||
1 | # Last Modified: Wed Jul 8 17:03:17 2015 | 1 | # Last Modified: Wed Jul 8 17:03:17 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerinfo { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerinfo { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | 8 | ||
9 | @{GNUNET_PREFIX}/share/gnunet/hellos/ r, | 9 | @{GNUNET_PREFIX}/share/gnunet/hellos/ r, |
10 | @{GNUNET_PREFIX}/share/gnunet/hellos/* r, | 10 | @{GNUNET_PREFIX}/share/gnunet/hellos/* r, |
11 | 11 | ||
12 | /var/lib/gnunet/.local/share/gnunet/peerinfo/hosts/ r, | 12 | @{GNUNET_USER}/.local/share/gnunet/peerinfo/hosts/ r, |
13 | /var/lib/gnunet/.local/share/gnunet/peerinfo/hosts/* rw, | 13 | @{GNUNET_USER}/.local/share/gnunet/peerinfo/hosts/* rw, |
14 | 14 | ||
15 | /usr/lib/ld-*.so r, | ||
16 | 15 | ||
17 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerinfo mr, | 16 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerinfo mr, |
18 | 17 | ||
19 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | 18 | # Site-specific additions and overrides. See local/README for details. |
20 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 19 | #include <local/gnunet> |
21 | } | 20 | } |
diff --git a/contrib/apparmor/gnunet-service-peerstore b/contrib/apparmor/gnunet-service-peerstore index 536e4ee0f..cbab2395e 100644 --- a/contrib/apparmor/gnunet-service-peerstore +++ b/contrib/apparmor/gnunet-service-peerstore | |||
@@ -3,22 +3,19 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerstore { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerstore { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | #include <abstractions/gnunet-db> | |
8 | #Librairies | ||
9 | /usr/lib/ld-*.so r, | ||
10 | /usr/lib/libpthread-*.so mr, | ||
11 | /usr/lib/libsqlite3.so.* mr, | ||
12 | 9 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerstore mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-peerstore mr, |
14 | 11 | ||
15 | #Gnunet Plugin | 12 | #Gnunet Plugin |
16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.la r, | 13 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.la r, |
17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.so mr, | 14 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_peerstore_sqlite.so mr, |
18 | 15 | ||
19 | #Gnunet librairies | 16 | @{GNUNET_USER}/.local/share/gnunet/peerstore/sqlite.db rwk, |
20 | @{GNUNET_PREFIX}/lib/libgnunetpeerstore.so.* mr, | 17 | @{GNUNET_USER}/.local/share/gnunet/peerstore/sqlite.db-journal rw, |
21 | 18 | ||
22 | /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db rwk, | 19 | # Site-specific additions and overrides. See local/README for details. |
23 | /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db-journal rw, | 20 | #include <local/gnunet> |
24 | } | 21 | } |
diff --git a/contrib/apparmor/gnunet-service-regex b/contrib/apparmor/gnunet-service-regex index 358675dc0..ba7a4f3a5 100644 --- a/contrib/apparmor/gnunet-service-regex +++ b/contrib/apparmor/gnunet-service-regex | |||
@@ -3,16 +3,13 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-regex { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-regex { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /usr/lib/ld-*.so r, | ||
9 | |||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-regex mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-regex mr, |
11 | 10 | ||
12 | #Gnunet librairies | 11 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
13 | @{GNUNET_PREFIX}/lib/libgnunetdht.so.* mr, | 12 | |
14 | @{GNUNET_PREFIX}/lib/libgnunetregexblock.so.* mr, | 13 | # Site-specific additions and overrides. See local/README for details. |
15 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 14 | #include <local/gnunet> |
16 | |||
17 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | ||
18 | } | 15 | } |
diff --git a/contrib/apparmor/gnunet-service-resolver b/contrib/apparmor/gnunet-service-resolver index 6c5e3eb60..9e2002575 100644 --- a/contrib/apparmor/gnunet-service-resolver +++ b/contrib/apparmor/gnunet-service-resolver | |||
@@ -3,31 +3,18 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver mr, |
9 | 10 | ||
10 | #Librairies | ||
11 | /usr/lib/ld-*.so r, | ||
12 | /usr/lib/libnss_files-*.so mr, | ||
13 | /usr/lib/libnss_gns.so.* mr, | ||
14 | /usr/lib/libnss_dns-*.so mr, | ||
15 | /usr/lib/libresolv-*.so mr, | ||
16 | /usr/lib/libnss_myhostname.so.* mr, | ||
17 | /usr/lib/librt-*.so mr, | ||
18 | /usr/lib/liblzma.so.* mr, | ||
19 | /usr/lib/liblz4.so.* mr, | ||
20 | /usr/lib/libacl.so.* mr, | ||
21 | /usr/lib/libidn.so.* mr, | ||
22 | /usr/lib/libseccomp.so.* mr, | ||
23 | /usr/lib/libcap.so.* mr, | ||
24 | /usr/lib/libpthread-*.so mr, | ||
25 | /usr/lib/libattr.so.* mr, | ||
26 | |||
27 | /etc/nsswitch.conf r, | 11 | /etc/nsswitch.conf r, |
28 | /etc/resolv.conf r, | 12 | /etc/resolv.conf r, |
29 | /etc/host.conf r, | 13 | /etc/host.conf r, |
30 | /etc/hosts r, | 14 | /etc/hosts r, |
31 | 15 | ||
32 | /tmp/gnunet-system-runtime/gnunet-service-resolver.sock w, | 16 | /tmp/gnunet-system-runtime/gnunet-service-resolver.sock w, |
17 | |||
18 | # Site-specific additions and overrides. See local/README for details. | ||
19 | #include <local/gnunet> | ||
33 | } | 20 | } |
diff --git a/contrib/apparmor/gnunet-service-revocation b/contrib/apparmor/gnunet-service-revocation index 6e6412820..cd3c59f03 100644 --- a/contrib/apparmor/gnunet-service-revocation +++ b/contrib/apparmor/gnunet-service-revocation | |||
@@ -1,27 +1,19 @@ | |||
1 | # Last Modified: Thu Jul 9 10:16:30 2015 | 1 | # Last Modified: Thu Jul 9 10:16:30 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-revocation { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-revocation { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | 8 | ||
9 | /etc/gnunet.conf r, | 9 | /tmp/gnunet-system-runtime/gnunet-service-revocation.sock rw, |
10 | @{HOME}/.config/gnunet.conf r, | ||
11 | |||
12 | /tmp/gnunet-system-runtime/gnunet-service-revocation.unix w, | ||
13 | 10 | ||
14 | /var/lib/gnunet/.local/share/gnunet/revocation.dat rw, | 11 | @{GNUNET_USER}/.local/share/gnunet/revocation.dat rw, |
15 | 12 | ||
16 | @{HOME}/.local/share/gnunet/revocation.dat rw, | 13 | @{HOME}/.local/share/gnunet/revocation.dat rw, |
17 | 14 | ||
18 | /usr/lib/ld-*.so r, | ||
19 | |||
20 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-revocation mr, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-revocation mr, |
21 | 16 | ||
22 | #Gnunet librairies | 17 | # Site-specific additions and overrides. See local/README for details. |
23 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | 18 | #include <local/gnunet> |
24 | @{GNUNET_PREFIX}/lib/libgnunetrevocation.so.* mr, | ||
25 | @{GNUNET_PREFIX}/lib/libgnunetset.so.* mr, | ||
26 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
27 | } | 19 | } |
diff --git a/contrib/apparmor/gnunet-service-scalarproduct-alice b/contrib/apparmor/gnunet-service-scalarproduct-alice index 7a7ba77d5..8801ca824 100644 --- a/contrib/apparmor/gnunet-service-scalarproduct-alice +++ b/contrib/apparmor/gnunet-service-scalarproduct-alice | |||
@@ -3,11 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-alice { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-alice { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /usr/lib/ld-*.so r, | ||
9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-alice mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-alice mr, |
10 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 10 | |
11 | @{GNUNET_PREFIX}/lib/libgnunetset.so.* mr, | 11 | # Site-specific additions and overrides. See local/README for details. |
12 | 12 | #include <local/gnunet> | |
13 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-service-scalarproduct-bob b/contrib/apparmor/gnunet-service-scalarproduct-bob index a7faae9d0..72a7e7f84 100644 --- a/contrib/apparmor/gnunet-service-scalarproduct-bob +++ b/contrib/apparmor/gnunet-service-scalarproduct-bob | |||
@@ -3,12 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-bob { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-bob { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /usr/lib/ld-*.so r, | ||
9 | |||
10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-bob mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-scalarproduct-bob mr, |
11 | 10 | ||
12 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 11 | # Site-specific additions and overrides. See local/README for details. |
13 | @{GNUNET_PREFIX}/lib/libgnunetset.so.* mr, | 12 | #include <local/gnunet> |
14 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-service-set b/contrib/apparmor/gnunet-service-set index 4aa0253d8..000884cd6 100644 --- a/contrib/apparmor/gnunet-service-set +++ b/contrib/apparmor/gnunet-service-set | |||
@@ -3,15 +3,11 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-set { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-set { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-set mr, | 9 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-set mr, |
9 | 10 | ||
10 | #Gnunet librairies | 11 | # Site-specific additions and overrides. See local/README for details. |
11 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 12 | #include <local/gnunet> |
12 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
13 | @{GNUNET_PREFIX}/lib/libgnunetblock.so.* mr, | ||
14 | |||
15 | #Librairies | ||
16 | /usr/lib/ld-*.so r, | ||
17 | } | 13 | } |
diff --git a/contrib/apparmor/gnunet-service-statistics b/contrib/apparmor/gnunet-service-statistics index e26e30edc..e5a8df7c4 100644 --- a/contrib/apparmor/gnunet-service-statistics +++ b/contrib/apparmor/gnunet-service-statistics | |||
@@ -1,16 +1,15 @@ | |||
1 | # Last Modified: Thu Jul 9 10:16:30 2015 | 1 | # Last Modified: Thu Jul 9 10:16:30 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-statistics { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-statistics { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | 8 | ||
9 | /var/lib/gnunet/.local/share/gnunet/statistics.dat rw, | 9 | @{GNUNET_USER}/.local/share/gnunet/statistics.dat rw, |
10 | |||
11 | /usr/lib/ld-*.so r, | ||
12 | 10 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-statistics mr, | 11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-statistics mr, |
14 | 12 | ||
15 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | 13 | # Site-specific additions and overrides. See local/README for details. |
14 | #include <local/gnunet> | ||
16 | } | 15 | } |
diff --git a/contrib/apparmor/gnunet-service-template b/contrib/apparmor/gnunet-service-template index 824183e78..4b442239f 100644 --- a/contrib/apparmor/gnunet-service-template +++ b/contrib/apparmor/gnunet-service-template | |||
@@ -3,14 +3,14 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-template { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-template { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | /tmp/gnunet-system-runtime/ w, | 9 | /tmp/gnunet-system-runtime/ w, |
9 | /tmp/gnunet-system-runtime/gnunet-service-template.sock w, | 10 | /tmp/gnunet-system-runtime/gnunet-service-template.sock w, |
10 | 11 | ||
11 | #Librairies | ||
12 | /usr/lib/ld-*.so r, | ||
13 | |||
14 | #Gnunet Librairies | ||
15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-template mr, | 12 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-template mr, |
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | 16 | } |
diff --git a/contrib/apparmor/gnunet-service-testbed b/contrib/apparmor/gnunet-service-testbed index 06e8f36ea..24f5c4525 100644 --- a/contrib/apparmor/gnunet-service-testbed +++ b/contrib/apparmor/gnunet-service-testbed | |||
@@ -2,8 +2,10 @@ | |||
2 | #include <tunables/global> | 2 | #include <tunables/global> |
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed flags=(complain) { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | #include <abstractions/gnunet-test> | ||
7 | 9 | ||
8 | /etc/gai.conf r, | 10 | /etc/gai.conf r, |
9 | 11 | ||
@@ -11,26 +13,17 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed flags=(compla | |||
11 | /tmp/gnunet-system-runtime/gnunet-service-testbed-barrier.sock w, | 13 | /tmp/gnunet-system-runtime/gnunet-service-testbed-barrier.sock w, |
12 | /tmp/gnunet-system-runtime/gnunet-service-testbed.sock w, | 14 | /tmp/gnunet-system-runtime/gnunet-service-testbed.sock w, |
13 | 15 | ||
14 | /usr/lib/ld-*.so r, | ||
15 | |||
16 | /dev/null r, | ||
17 | |||
18 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-* r, | 16 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-* r, |
19 | 17 | ||
20 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, | 18 | @{GNUNET_PREFIX}/lib/gnunet/libexec/ r, |
21 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm Px, | 19 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-arm Px, |
22 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed mr, | 20 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed mr, |
23 | 21 | ||
24 | #Gnunet librairies | ||
25 | @{GNUNET_PREFIX}/lib/libgnunetarm.so.* mr, | ||
26 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | ||
27 | @{GNUNET_PREFIX}/lib/libgnunetcore.so.* mr, | ||
28 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
29 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
30 | @{GNUNET_PREFIX}/lib/libgnunettestbed.so.* mr, | ||
31 | @{GNUNET_PREFIX}/lib/libgnunettesting.so.* mr, | ||
32 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
33 | |||
34 | @{GNUNET_PREFIX}/share/gnunet/testing_hostkeys.ecc r, | 22 | @{GNUNET_PREFIX}/share/gnunet/testing_hostkeys.ecc r, |
35 | 23 | ||
24 | #GNUnet helper | ||
25 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-testbed Px, | ||
26 | |||
27 | # Site-specific additions and overrides. See local/README for details. | ||
28 | #include <local/gnunet> | ||
36 | } | 29 | } |
diff --git a/contrib/apparmor/gnunet-service-testbed-logger b/contrib/apparmor/gnunet-service-testbed-logger index 5bd6a77d3..0baefb466 100644 --- a/contrib/apparmor/gnunet-service-testbed-logger +++ b/contrib/apparmor/gnunet-service-testbed-logger | |||
@@ -3,6 +3,7 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | 8 | ||
8 | #??? | 9 | #??? |
@@ -11,7 +12,8 @@ profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger { | |||
11 | /tmp/gnunet-system-runtime/ w, | 12 | /tmp/gnunet-system-runtime/ w, |
12 | /tmp/gnunet-system-runtime/gnunet-gnunet-testbed-logger.sock w, | 13 | /tmp/gnunet-system-runtime/gnunet-gnunet-testbed-logger.sock w, |
13 | 14 | ||
14 | /usr/lib/ld-*.so r, | ||
15 | |||
16 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger mr, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-testbed-logger mr, |
16 | |||
17 | # Site-specific additions and overrides. See local/README for details. | ||
18 | #include <local/gnunet> | ||
17 | } | 19 | } |
diff --git a/contrib/apparmor/gnunet-service-transport b/contrib/apparmor/gnunet-service-transport index 52985cf1b..ab724c153 100644 --- a/contrib/apparmor/gnunet-service-transport +++ b/contrib/apparmor/gnunet-service-transport | |||
@@ -1,29 +1,21 @@ | |||
1 | # Last Modified: Thu Jul 9 10:16:30 2015 | 1 | # Last Modified: Thu Jul 9 10:16:30 2015 |
2 | |||
3 | #include <tunables/global> | 2 | #include <tunables/global> |
4 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
5 | 4 | ||
6 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-transport { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-transport { |
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
8 | 8 | ||
9 | /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk, | 9 | @{GNUNET_USER}/.local/share/gnunet/private_key.ecc rk, |
10 | |||
11 | /usr/lib/ld-*.so r, | ||
12 | 10 | ||
13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-transport mr, | 11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-transport mr, |
14 | 12 | ||
15 | #Gnunet plugin | 13 | #Gnunet plugin |
16 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.la r, | 14 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.la r, |
17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.so mr, | 15 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.so mr, |
18 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.la r, | 16 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.la r, |
19 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.so mr, | 17 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.so mr, |
20 | 18 | ||
21 | #Gnunet librairies | 19 | # Site-specific additions and overrides. See local/README for details. |
22 | @{GNUNET_PREFIX}/lib/libgnunetats.so.* mr, | 20 | #include <local/gnunet> |
23 | @{GNUNET_PREFIX}/lib/libgnunetfragmentation.so.* mr, | ||
24 | @{GNUNET_PREFIX}/lib/libgnunethello.so.* mr, | ||
25 | @{GNUNET_PREFIX}/lib/libgnunetnat.so.* mr, | ||
26 | @{GNUNET_PREFIX}/lib/libgnunetpeerinfo.so.* mr, | ||
27 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
28 | @{GNUNET_PREFIX}/lib/libgnunettransport.so.* mr, | ||
29 | } | 21 | } |
diff --git a/contrib/apparmor/gnunet-service-vpn b/contrib/apparmor/gnunet-service-vpn index 2d3438bf6..d17925f1b 100644 --- a/contrib/apparmor/gnunet-service-vpn +++ b/contrib/apparmor/gnunet-service-vpn | |||
@@ -3,25 +3,15 @@ | |||
3 | #include <tunables/gnunet> | 3 | #include <tunables/gnunet> |
4 | 4 | ||
5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-vpn { | 5 | profile @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-vpn { |
6 | #include <abstractions/base> | ||
6 | #include <abstractions/gnunet-common> | 7 | #include <abstractions/gnunet-common> |
7 | |||
8 | #Capability | ||
9 | capability setuid, | ||
10 | capability net_admin, | ||
11 | 8 | ||
12 | /dev/net/tun rw, | ||
13 | 9 | ||
14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-vpn mr, | 10 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-vpn mr, |
15 | 11 | ||
16 | #Librairies | ||
17 | /usr/lib/ld-*.so r, | ||
18 | |||
19 | #Gnunet helper | 12 | #Gnunet helper |
20 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn Px, | 13 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-vpn Px, |
21 | 14 | ||
22 | #Gnunet librairies | 15 | # Site-specific additions and overrides. See local/README for details. |
23 | @{GNUNET_PREFIX}/lib/libgnunetcadet.so.* mr, | 16 | #include <local/gnunet> |
24 | @{GNUNET_PREFIX}/lib/libgnunetregex.so.* mr, | ||
25 | @{GNUNET_PREFIX}/lib/libgnunetstatistics.so.* mr, | ||
26 | @{GNUNET_PREFIX}/lib/libgnunettun.so.* mr, | ||
27 | } | 17 | } |
diff --git a/contrib/apparmor/gnunet-set-ibf-profiler b/contrib/apparmor/gnunet-set-ibf-profiler new file mode 100644 index 000000000..71fa98649 --- /dev/null +++ b/contrib/apparmor/gnunet-set-ibf-profiler | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 18:15:38 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-set-ibf-profiler { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-set-ibf-profiler mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-set-profiler b/contrib/apparmor/gnunet-set-profiler new file mode 100644 index 000000000..f72c4a226 --- /dev/null +++ b/contrib/apparmor/gnunet-set-profiler | |||
@@ -0,0 +1,14 @@ | |||
1 | # Last Modified: Mon Aug 10 18:17:19 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-set-profiler { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{HOME}/.local/share/gnunet/private_key.ecc rk, | ||
10 | @{GNUNET_PREFIX}/bin/gnunet-set-profiler mr, | ||
11 | |||
12 | # Site-specific additions and overrides. See local/README for details. | ||
13 | #include <local/gnunet> | ||
14 | } | ||
diff --git a/contrib/apparmor/gnunet-setup b/contrib/apparmor/gnunet-setup new file mode 100644 index 000000000..9243dd75e --- /dev/null +++ b/contrib/apparmor/gnunet-setup | |||
@@ -0,0 +1,57 @@ | |||
1 | # Last Modified: Tue Aug 11 16:25:03 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-setup { | ||
6 | #include <abstractions/gnome> | ||
7 | #include <abstractions/gnunet-gtk> | ||
8 | #include <abstractions/kde> | ||
9 | |||
10 | /etc/nsswitch.conf r, | ||
11 | /etc/passwd r, | ||
12 | @{PROC}/@{pid}/fd/ r, | ||
13 | |||
14 | /usr/bin/exo-open rix, | ||
15 | |||
16 | @{GNUNET_PREFIX}/bin/gnunet-peerinfo-gtk Px, | ||
17 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-daemon-hostlist Px, | ||
18 | |||
19 | @{GNUNET_PREFIX}/bin/gnunet-setup mr, | ||
20 | |||
21 | @{GNUNET_PREFIX}/share/gnunet-gtk/*.png r, | ||
22 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_setup_main_window.glade r, | ||
23 | |||
24 | @{HOME}/.config/gtk-*/bookmarks r, | ||
25 | |||
26 | #GNUnet plugin | ||
27 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.la r, | ||
28 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_heap.so mr, | ||
29 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_sqlite.la r, | ||
30 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datacache_sqlite.so mr, | ||
31 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_mysql.la r, | ||
32 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_mysql.so mr, | ||
33 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.la r, | ||
34 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_datastore_sqlite.so mr, | ||
35 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.la r, | ||
36 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_namestore_sqlite.so mr, | ||
37 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_http_client.la r, | ||
38 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_http_client.so mr, | ||
39 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_http_server.la r, | ||
40 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_http_server.so mr, | ||
41 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_https_client.la r, | ||
42 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_https_client.so mr, | ||
43 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_https_server.la r, | ||
44 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_https_server.so mr, | ||
45 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.la r, | ||
46 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_tcp.so mr, | ||
47 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.la r, | ||
48 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_udp.so mr, | ||
49 | # @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_wlan.la r, | ||
50 | @{GNUNET_PREFIX}/lib/gnunet/libgnunet_plugin_transport_wlan.so mr, | ||
51 | |||
52 | /usr/share/glib-*/schemas/gschemas.compiled r, | ||
53 | /usr/share/gtk-*/gtkrc r, | ||
54 | |||
55 | # Site-specific additions and overrides. See local/README for details. | ||
56 | #include <local/gnunet> | ||
57 | } | ||
diff --git a/contrib/apparmor/gnunet-statistics b/contrib/apparmor/gnunet-statistics new file mode 100644 index 000000000..d9538e35b --- /dev/null +++ b/contrib/apparmor/gnunet-statistics | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 16:15:07 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-statistics { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-statistics mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-statistics-gtk b/contrib/apparmor/gnunet-statistics-gtk new file mode 100644 index 000000000..2e13b8ada --- /dev/null +++ b/contrib/apparmor/gnunet-statistics-gtk | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Wed Aug 5 11:25:27 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-statistics-gtk { | ||
6 | #include <abstractions/kde> | ||
7 | #include <abstractions/gnome> | ||
8 | #include <abstractions/gnunet-gtk> | ||
9 | |||
10 | @{GNUNET_PREFIX}/bin/gnunet-statistics-gtk mr, | ||
11 | |||
12 | @{GNUNET_PREFIX}/share/gnunet-gtk/gnunet_statistics_gtk_main_window.glade r, | ||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-template b/contrib/apparmor/gnunet-template new file mode 100644 index 000000000..844dc22ae --- /dev/null +++ b/contrib/apparmor/gnunet-template | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 16:22:33 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-template { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-template mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-testbed-profiler b/contrib/apparmor/gnunet-testbed-profiler new file mode 100644 index 000000000..0f8d79ad9 --- /dev/null +++ b/contrib/apparmor/gnunet-testbed-profiler | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 16:38:17 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-testbed-profiler { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-testbed-profiler mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/gnunet-testing b/contrib/apparmor/gnunet-testing new file mode 100644 index 000000000..a0cac673d --- /dev/null +++ b/contrib/apparmor/gnunet-testing | |||
@@ -0,0 +1,20 @@ | |||
1 | # Last Modified: Mon Aug 10 16:54:53 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-testing { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | #include <abstractions/gnunet-test> | ||
9 | |||
10 | /etc/gai.conf r, | ||
11 | |||
12 | @{GNUNET_PREFIX}/bin/gnunet-testing mr, | ||
13 | |||
14 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-* Px, | ||
15 | |||
16 | @{GNUNET_PREFIX}/share/gnunet/testing_hostkeys.ecc r, | ||
17 | |||
18 | # Site-specific additions and overrides. See local/README for details. | ||
19 | #include <local/gnunet> | ||
20 | } | ||
diff --git a/contrib/apparmor/gnunet-transport b/contrib/apparmor/gnunet-transport new file mode 100644 index 000000000..70b0cd228 --- /dev/null +++ b/contrib/apparmor/gnunet-transport | |||
@@ -0,0 +1,15 @@ | |||
1 | # Last Modified: Mon Aug 10 17:17:40 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-transport { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-transport mr, | ||
10 | |||
11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-service-resolver Px, | ||
12 | |||
13 | # Site-specific additions and overrides. See local/README for details. | ||
14 | #include <local/gnunet> | ||
15 | } | ||
diff --git a/contrib/apparmor/gnunet-transport-certificate-creation b/contrib/apparmor/gnunet-transport-certificate-creation new file mode 100644 index 000000000..fa65305d7 --- /dev/null +++ b/contrib/apparmor/gnunet-transport-certificate-creation | |||
@@ -0,0 +1,26 @@ | |||
1 | # Last Modified: Mon Aug 10 17:31:32 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-transport-certificate-creation { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/openssl> | ||
8 | #include <abstractions/gnunet-common> | ||
9 | |||
10 | @{HOME}/.rnd rw, | ||
11 | |||
12 | @{PROC}/meminfo r, | ||
13 | |||
14 | /usr/bin/openssl rix, | ||
15 | |||
16 | @{GNUNET_PREFIX}/bin/gnunet-transport-certificate-creation mr, | ||
17 | |||
18 | #Access to arg privatekey and certificate ? | ||
19 | @{HOME}/ rw, | ||
20 | @{HOME}/** rw, | ||
21 | deny @{HOME}/.*/ rw, | ||
22 | deny @{HOME}/.*/** rw, | ||
23 | |||
24 | # Site-specific additions and overrides. See local/README for details. | ||
25 | #include <local/gnunet> | ||
26 | } | ||
diff --git a/contrib/apparmor/gnunet-unindex b/contrib/apparmor/gnunet-unindex new file mode 100644 index 000000000..e94a33152 --- /dev/null +++ b/contrib/apparmor/gnunet-unindex | |||
@@ -0,0 +1,21 @@ | |||
1 | # Last Modified: Mon Aug 10 17:40:53 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-unindex { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-unindex mr, | ||
10 | |||
11 | @{GNUNET_PREFIX}/lib/gnunet/libexec/gnunet-helper-fs-publish Px, | ||
12 | |||
13 | #Path to files to unindex ? | ||
14 | @{HOME}/ rw, | ||
15 | @{HOME}/** rw, | ||
16 | deny @{HOME}/.*/ rw, | ||
17 | deny @{HOME}/.*/** rw, | ||
18 | |||
19 | # Site-specific additions and overrides. See local/README for details. | ||
20 | #include <local/gnunet> | ||
21 | } | ||
diff --git a/contrib/apparmor/gnunet-uri b/contrib/apparmor/gnunet-uri new file mode 100644 index 000000000..d314fbad5 --- /dev/null +++ b/contrib/apparmor/gnunet-uri | |||
@@ -0,0 +1,16 @@ | |||
1 | # Last Modified: Mon Aug 10 18:04:08 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-uri { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | #More needed | ||
10 | @{GNUNET_PREFIX}/bin/gnunet-fs-gtk Px, | ||
11 | |||
12 | @{GNUNET_PREFIX}/bin/gnunet-uri mr, | ||
13 | |||
14 | # Site-specific additions and overrides. See local/README for details. | ||
15 | #include <local/gnunet> | ||
16 | } | ||
diff --git a/contrib/apparmor/gnunet-vpn b/contrib/apparmor/gnunet-vpn new file mode 100644 index 000000000..1cf5b5ecc --- /dev/null +++ b/contrib/apparmor/gnunet-vpn | |||
@@ -0,0 +1,13 @@ | |||
1 | # Last Modified: Mon Aug 10 18:11:26 2015 | ||
2 | #include <tunables/global> | ||
3 | #include <tunables/gnunet> | ||
4 | |||
5 | profile @{GNUNET_PREFIX}/bin/gnunet-vpn { | ||
6 | #include <abstractions/base> | ||
7 | #include <abstractions/gnunet-common> | ||
8 | |||
9 | @{GNUNET_PREFIX}/bin/gnunet-vpn mr, | ||
10 | |||
11 | # Site-specific additions and overrides. See local/README for details. | ||
12 | #include <local/gnunet> | ||
13 | } | ||
diff --git a/contrib/apparmor/tunables/gnunet b/contrib/apparmor/tunables/gnunet index e7ff8256a..106169714 100644 --- a/contrib/apparmor/tunables/gnunet +++ b/contrib/apparmor/tunables/gnunet | |||
@@ -1 +1,6 @@ | |||
1 | @{GNUNET_PREFIX}=/usr/local | 1 | @{GNUNET_PREFIX}=/usr/local |
2 | @{GNUNET_USER}=/var/lib/gnunet | ||
3 | @{LIBPRE}=/ /usr/ | ||
4 | @{LIBDIRS}=lib{,32,64} lib/@{multiarch} | ||
5 | @{LIBS}=libc libm linux-vso | ||
6 | |||