From b7d7b8c0fc2985e922f8fb63a14b1b17386af069 Mon Sep 17 00:00:00 2001 From: Julien Morvan Date: Tue, 28 Jul 2015 15:04:15 +0000 Subject: Add AppArmor abstractions(gnunet-common, gnunet-libaudio) --- contrib/apparmor/abstractions/gnunet-common | 34 +++++++++++++++++++++++++++ contrib/apparmor/abstractions/gnunet-libaudio | 23 ++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 contrib/apparmor/abstractions/gnunet-common create mode 100644 contrib/apparmor/abstractions/gnunet-libaudio (limited to 'contrib/apparmor') diff --git a/contrib/apparmor/abstractions/gnunet-common b/contrib/apparmor/abstractions/gnunet-common new file mode 100644 index 000000000..7d7515d80 --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-common @@ -0,0 +1,34 @@ +# This files contains common permissions for gnunet + + /usr/share/zoneinfo/ r, + /usr/share/zoneinfo/** r, + + /dev/urandom r, + + /etc/ld.so.cache r, + + @{PROC}/@{pid}/maps r, + + #Gnunet configuration file + /usr/local/share/gnunet/config.d/ r, + /usr/local/share/gnunet/config.d/*.conf r, + + /etc/gnunet.conf r, + owner @{HOME}/.config/gnunet.conf r, + + #Librairies + /usr/lib/libc-*.so mr, + /usr/lib/libdl-*.so mr, + /usr/lib/libgcrypt.so.* mr, + /usr/lib/libltdl.so.* mr, + /usr/lib/libgpg-error.so.* mr, + /usr/lib/libm-*.so mr, + /usr/lib/libunistring.so.* mr, + /usr/lib/libz.so.* mr, + + #Gnunet librairies + /usr/local/lib/libgnunetutil.so.* mr, + + #For testbed (if the /tmp directory is used) + /tmp/testbed*/ rw, + /tmp/testbed*/** rwk, diff --git a/contrib/apparmor/abstractions/gnunet-libaudio b/contrib/apparmor/abstractions/gnunet-libaudio new file mode 100644 index 000000000..6dda03573 --- /dev/null +++ b/contrib/apparmor/abstractions/gnunet-libaudio @@ -0,0 +1,23 @@ +/usr/lib/libFLAC.so.* mr, +/usr/lib/libXau.so.* mr, +/usr/lib/libXdmcp.so.* mr, +/usr/lib/libasyncns.so.* mr, +/usr/lib/libattr.so.* mr, +/usr/lib/libcap.so.* mr, +/usr/lib/libdbus-1.so.* mr, +/usr/lib/libjson-c.so.* mr, +/usr/lib/liblz4.so.* mr, +/usr/lib/liblzma.so.* mr, +/usr/lib/libnsl-*.so mr, +/usr/lib/libogg.so.* mr, +/usr/lib/libopus.so.* mr, +/usr/lib/libpthread-*.so mr, +/usr/lib/libpulse.so.* mr, +/usr/lib/libresolv-*.so mr, +/usr/lib/librt-*.so mr, +/usr/lib/libsndfile.so.* mr, +/usr/lib/libsystemd.so.* mr, +/usr/lib/libvorbis.so.* mr, +/usr/lib/libvorbisenc.so.* mr, +/usr/lib/libxcb.so.* mr, +/usr/lib/pulseaudio/libpulsecommon-*.so mr, -- cgit v1.2.3