[Pkg-privacy-commits] [onioncircuits] 03/21: Add apparmor profile to upstream code
Sascha Steinbiss
satta at debian.org
Wed Oct 4 15:53:55 UTC 2017
This is an automated email from the git hooks/post-receive script.
satta pushed a commit to branch master
in repository onioncircuits.
commit 6f71b4806308a86557fb4c1317ffd9fa0fc12bad
Author: Ulrike Uhlig <u at 451f.org>
Date: Sun Mar 19 20:07:41 2017 +0100
Add apparmor profile to upstream code
---
apparmor/usr.bin.onioncircuits | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/apparmor/usr.bin.onioncircuits b/apparmor/usr.bin.onioncircuits
new file mode 100644
index 0000000..61c0cb6
--- /dev/null
+++ b/apparmor/usr.bin.onioncircuits
@@ -0,0 +1,27 @@
+#include <tunables/global>
+
+/usr/bin/onioncircuits {
+ #include <abstractions/base>
+ #include <abstractions/gnome>
+ #include <abstractions/ibus>
+ #include <abstractions/nameservice>
+ #include <abstractions/python>
+
+ # Why are these not in abstractions/python?
+ /usr/lib{,32,64}/python{2,3}.[0-9]/__pycache__/ rw,
+ /usr/lib{,32,64}/python{2,3}.[0-9]/__pycache__/* rw,
+ /usr/lib{,32,64}/python{2,3}.[0-9]/**/__pycache__/ rw,
+ /usr/lib{,32,64}/python{2,3}.[0-9]/**/__pycache__/* rw,
+ /usr/lib{,32,64}/python{2,3}/**/__pycache__/ rw,
+ /usr/lib{,32,64}/python{2,3}/**/__pycache__/* rw,
+
+ /usr/bin/ r,
+ /usr/bin/onioncircuits r,
+ /usr/share/xml/iso-codes/** r,
+
+ deny /etc/machine-id r,
+
+ # Accessibility support
+ owner /{,var/}run/user/*/at-spi2-*/ rw,
+ owner /{,var/}run/user/*/at-spi2-*/** rw,
+}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/onioncircuits.git
More information about the Pkg-privacy-commits
mailing list