diff options
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/apparmor/usr.bin.extract | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/contrib/apparmor/usr.bin.extract b/contrib/apparmor/usr.bin.extract new file mode 100644 index 000000000..8b9604747 --- /dev/null +++ b/contrib/apparmor/usr.bin.extract | |||
@@ -0,0 +1,60 @@ | |||
1 | # Last Modified: Wed Jul 15 15:26:31 2015 | ||
2 | #include <tunables/global> | ||
3 | |||
4 | /usr/bin/extract { | ||
5 | /dev/shm/LE-* rw, | ||
6 | |||
7 | /etc/ld.so.cache mr, | ||
8 | |||
9 | /usr/bin/extract mr, | ||
10 | |||
11 | /usr/lib/gconv/gconv-modules r, | ||
12 | |||
13 | /usr/lib/libFLAC.so.* mr, | ||
14 | /usr/lib/libacl.so.* mr, | ||
15 | /usr/lib/libarchive.so.* mr, | ||
16 | /usr/lib/libattr.so.* mr, | ||
17 | /usr/lib/libbz2.so.* mr, | ||
18 | /usr/lib/libc-*.so mr, | ||
19 | /usr/lib/libcrypto.so.* mr, | ||
20 | /usr/lib/libdl-*.so mr, | ||
21 | /usr/lib/libexiv2.so.* mr, | ||
22 | /usr/lib/libexpat.so.* mr, | ||
23 | /usr/lib/libextractor.so.* mr, | ||
24 | |||
25 | /usr/lib/libextractor/ r, | ||
26 | /usr/lib/libextractor/libextractor_*.so mr, | ||
27 | |||
28 | /usr/lib/libextractor_common.so.* mr, | ||
29 | |||
30 | /usr/lib/libgcc_s.so.* mr, | ||
31 | /usr/lib/libjpeg.so.* mr, | ||
32 | /usr/lib/libltdl.so.* mr, | ||
33 | /usr/lib/liblzma.so.* mr, | ||
34 | /usr/lib/liblzo2.so.* mr, | ||
35 | /usr/lib/libm-*.so mr, | ||
36 | /usr/lib/libmagic.so.* mr, | ||
37 | /usr/lib/libmpeg2.so.* mr, | ||
38 | /usr/lib/libogg.so.* mr, | ||
39 | /usr/lib/libpthread-*.so mr, | ||
40 | /usr/lib/librt-*.so mr, | ||
41 | /usr/lib/libstdc++.so.* mr, | ||
42 | /usr/lib/libtiff.so.* mr, | ||
43 | /usr/lib/libvorbis.so.* mr, | ||
44 | /usr/lib/libvorbisfile.so.* mr, | ||
45 | /usr/lib/libz.so.* mr, | ||
46 | |||
47 | /usr/lib/locale/locale-archive r, | ||
48 | |||
49 | /usr/share/file/misc/magic.mgc r, | ||
50 | |||
51 | /usr/share/locale/fr/LC_MESSAGES/libc.mo r, | ||
52 | /usr/share/locale/fr/LC_MESSAGES/libextractor.mo r, | ||
53 | /usr/share/locale/locale.alias r, | ||
54 | |||
55 | deny @{HOME}/.** mr, | ||
56 | owner @{HOME}/** r, | ||
57 | /media/** r, | ||
58 | |||
59 | @{PROC}/@{pid}/maps r, | ||
60 | } | ||