AppArmor profile exchange

Find profiles by name | Find profiles by author | Find profiles by name and author | List all profiles | List all users | My profiles | New profile | Anonymous | Login

opensuse10.3's profiles

Distribution Name Profile Created At Changelog View Count Username
opensuse10.3 /sbin/dhclient #include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-*.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-*.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, } about 1 year ago none 132 cinimod Edit History
opensuse10.3 /usr/bin/bug-buddy #include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, } about 7 hours ago 16 cattoire Edit History
opensuse10.3 /usr/sbin/vmware-serverd #include <tunables/global> /usr/sbin/vmware-serverd flags=(complain) { #include <abstractions/base> /usr/sbin/vmware-serverd mr, } about 1 year ago vmware_server_delta 139 jfernandez Edit History
opensuse10.3 /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh #include <tunables/global> /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh mr, /proc/meminfo r, /usr/sbin/sabayon-apply Px, } over 2 years ago few more changes to get gnome session working elsewhere 175 jmichael Edit History
opensuse10.3 /opt/kde3/bin/kmail #include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kde> #include <abstractions/nameservice> / r, /bin/bash ixr, /cur/tmp/** lrw, /dat/dMisc/KMail/ w, /dat/dMisc/KMail/** lrw, /etc/* r, /etc/X11/* r, /home/*/** rw, /home/*/.gnupg/pubring.kbx.lock lrw, /home/*/.kde/share/** lrw, /home/*/.qt/* krw, /opt/kde3/** r, /opt/kde3/bin/kaddressbook Ux, /opt/kde3/bin/kioexec px, /opt/kde3/bin/kleopatra Px, /opt/kde3/bin/kmail mr, /opt/kde3/bin/kmailcvt Px, /opt/kde3/bin/kwatchgnupg Px, /opt/kde3/lib/** mr, /proc/** r, /usr/bin/aspell Ux, /usr/bin/gpg2 Px, /usr/bin/gpgsm mpxr, /usr/share/** r, /var/cache/** r, } about 1 year ago internet radio u.a. 98 shivver-fox Edit History
opensuse10.3 /usr/lib/gnome-panel/mixer_applet2 #include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, } over 2 years ago some bug-buddy rules and other misc updates 165 jmichael Edit History
opensuse10.3 /usr/bin/gnome-open #include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, } about 1 year ago none 109 cinimod Edit History
opensuse10.3 /opt/kde3/bin/kaffeine #include <tunables/global> /opt/kde3/bin/kaffeine { #include <abstractions/base> #include <abstractions/nameservice> / r, /bin/ r, /boot/ r, /dev/ r, /dev/snd/* rw, /dev/sr0 r, /etc/ r, /etc/X11/kstylerc r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/exports r, /etc/fonts/** r, /etc/fstab r, /etc/kde3rc r, /etc/mtab r, /etc/opt/kde3/share/config/kioslaverc r, /etc/opt/kde3/share/icons/**/ r, /etc/rpc r, /etc/security/fileshare.conf r, /home/ r, /home/*/** r, /home/*/.dvdcss/* rw, /home/*/.kde/share/apps/kaffeine/** rw, /home/*/.kde/share/config/* lrw, /home/*/.qt/* krw, /home/*/.xine/catalog.cache rw, /home/*/.xine/config rw, /home/*/.xine/config~ w, /lib/ r, /lib64/ r, /media/ r, /media/** r, /mnt/ r, /opt/ r, /opt/kde3/bin/kaffeine mr, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib64/* mr, /opt/kde3/lib64/kde3/* mr, /opt/kde3/lib64/kde3/plugins/styles/ r, /opt/kde3/lib64/kde3/plugins/styles/* mr, /opt/kde3/share/apps/kaffeine/** r, /opt/kde3/share/config/kdeglobals r, /opt/kde3/share/config/profilerc r, /opt/kde3/share/config/ui/ui_standards.rc r, /opt/kde3/share/icons/** r, /opt/kde3/share/locale-bundle/nb/LC_MESSAGES/* r, /opt/kde3/share/locale/nb/LC_MESSAGES/* r, /proc/ r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ r, /tmp/.ICE-unix/* w, /tmp/.X11-unix/* w, /tmp/ksocket-n5/* w, /usr/ r, /usr/lib64/** mr, /usr/share/X11/* r, /usr/share/X11/locale/* r, /usr/share/X11/locale/en_US.UTF-8/* r, /usr/share/alsa/** r, /usr/share/desktop-data/qtrc r, /usr/share/fonts/** r, /usr/share/icons/** r, /usr/share/xine/** r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/* r, /var/tmp/kdecache-n5/ksycoca r, /vol/ r, /vol/** r, /windows/ r, } over 2 years ago 236 kijo387 Edit History
opensuse10.3 /usr/bin/metacity #include <tunables/global> /usr/bin/metacity flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.metacity/sessions/* w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, } over 2 years ago some bug-buddy rules and other misc updates 158 jmichael Edit History
opensuse10.3 /usr/bin/net #include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, } about 1 year ago none 136 cinimod Edit History
opensuse10.3 /sbin/dhclient #include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-*.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-*.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, } about 1 year ago Import of jmichaels profiles 104 dominic Edit History
opensuse10.3 /opt/google-earth/googleearth-bin #include <tunables/global> /opt/google-earth/googleearth-bin { #include <abstractions/base> /opt/google-earth/googleearth-bin mr, /opt/google-earth/libQt3Support.so.* mr, /opt/google-earth/libQtCore.so.* mr, /opt/google-earth/libQtGui.so.* mr, /opt/google-earth/libQtNetwork.so.* mr, /opt/google-earth/libQtSql.so.* mr, /opt/google-earth/libQtXml.so.* r, /opt/google-earth/libQtXml.so.4 mr, /opt/google-earth/libbase.so r, /opt/google-earth/libgcc_s.so.* mr, /opt/google-earth/libgoogleearth_lib.so mr, /opt/google-earth/libstdc\+\+.so.* r, /opt/google-earth/libstdc\+\+.so.6 mr, } about 1 year ago 105 mathias Edit History
opensuse10.3 /usr/bin/gnome-volume-manager #include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, } about 1 year ago none 97 cinimod Edit History
opensuse10.3 /usr/bin/gnome-open #include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, } about 1 year ago Import of jmichaels profiles 119 dominic Edit History
opensuse10.3 /usr/bin/ncftp #include <tunables/global> /usr/bin/ncftp { #include <abstractions/base> /usr/bin/ncftp mr, } about 1 year ago ncftp2 94 SamCurt Edit History
opensuse10.3 /usr/bin/net #include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, } about 1 year ago Import of jmichaels profiles 145 dominic Edit History
opensuse10.3 /usr/lib/GConf/2/gconfd-2 # $Id: usr.lib.GConf.2.gconfd-2 735 2007-06-11 05:17:30Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/GConf/2/gconfd-2 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /cur/tmp/ r, /cur/tmp/** klrw, /etc/gconf/** r, /home/**/ r, /usr/lib/GConf/2/gconfd-2 rmix, /usr/lib/GConf/2/libgconfbackend-xml.so mr, /usr/lib64/GConf/2/libgconfbackend-xml.so mr, /usr/share/locale/** r, @{HOME}/.gconf r, @{HOME}/.gconf/** lrw, @{HOME}/.gconfd/** lrw, } about 1 year ago internet radio u.a. 104 shivver-fox Edit History
opensuse10.3 /usr/lib/evolution/2.12/evolution-alarm-notify #include <tunables/global> /usr/lib/evolution/2.12/evolution-alarm-notify { #include <abstractions/base> /usr/lib/evolution/2.12/evolution-alarm-notify mr, } about 1 year ago none 121 cinimod Edit History
opensuse10.3 /usr/bin/gnome-volume-manager #include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, } about 1 year ago Import of jmichaels profiles 93 dominic Edit History
opensuse10.3 /usr/bin/xfs #include <tunables/global> /usr/bin/xfs { #include <abstractions/base> capability setgid, capability setuid, network inet, network inet6, /etc/X11/fontpath.d rk, /etc/X11/fontpath.d/ rk, /etc/X11/fontpath.d/** r, /etc/X11/fs/config r, /etc/group r, /etc/ld.so.preload r, /etc/nsswitch.conf r, /etc/passwd r, /etc/services r, /home/*/.fontconfig r, /home/*/.fonts/** r, /tmp/ rw, /tmp/.font-unix rwlk, /tmp/.font-unix/ rwlk, /tmp/.font-unix/** rwlk, /usr/bin/xfs mr, /usr/share/fonts/** r, /usr/share/lilypond/2.11.40/fonts/** r, /var/db/nscd/group r, /var/db/nscd/passwd r, /var/db/nscd/services r, /var/fonts2/** r, /var/run/dbus/system_bus_socket rw, /var/run/nscd/services r, /var/run/nscd/socket rw, /var/run/xfs.pid rwl, } 10 months ago 72 hello Edit History
opensuse10.3 /usr/bin/totem-video-thumbnailer #include <tunables/global> /usr/bin/totem-video-thumbnailer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/Desktop/** r, /usr/bin/totem-video-thumbnailer mr, } over 2 years ago argh, switch things back to complain for a while 149 jmichael Edit History
opensuse10.3 /usr/local/BGRadiusDialup/radius.sh #include <tunables/global> /usr/local/BGRadiusDialup/radius.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /dev/tty rw, /etc/sysconfig/clock r, /proc/*/maps r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/stat r, /tmp/** mrw, /usr/bin/nohup ixr, /usr/bin/readlink ixr, /usr/lib64/** mr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java ixr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java.bin ixr, /usr/local/BGRadiusDialup/dictionary.xml r, /usr/local/BGRadiusDialup/lib/ r, /usr/local/BGRadiusDialup/lib/activation.jar mr, /usr/local/BGRadiusDialup/lib/bsh-1.3.0.jar mr, /usr/local/BGRadiusDialup/lib/commons-collections.jar mr, /usr/local/BGRadiusDialup/lib/commons-dbcp-1.1.jar mr, /usr/local/BGRadiusDialup/lib/commons-pool-1.1.jar mr, /usr/local/BGRadiusDialup/lib/dialup.jar mr, /usr/local/BGRadiusDialup/lib/dnsjava.jar mr, /usr/local/BGRadiusDialup/lib/gnu-crypto.jar mr, /usr/local/BGRadiusDialup/lib/log4j-1.2.8.jar mr, /usr/local/BGRadiusDialup/lib/mail.jar mr, /usr/local/BGRadiusDialup/lib/mysql-5.0.3.jar mr, /usr/local/BGRadiusDialup/lib/snmp4_13.jar mr, /usr/local/BGRadiusDialup/lib/xalan.jar mr, /usr/local/BGRadiusDialup/lib/xercesImpl.jar mr, /usr/local/BGRadiusDialup/log/collector.log w, /usr/local/BGRadiusDialup/log/connection.log w, /usr/local/BGRadiusDialup/log/netflow.log w, /usr/local/BGRadiusDialup/log/processor.log w, /usr/local/BGRadiusDialup/log/radius.log w, /usr/local/BGRadiusDialup/log/radius.out w, /usr/local/BGRadiusDialup/log/script.log w, /usr/local/BGRadiusDialup/log4j_radius.properties r, /usr/local/BGRadiusDialup/radius.properties r, /usr/local/BGRadiusDialup/radius.sh mr, /usr/share/zoneinfo/ r, } about 1 year ago andrew 106 gankov Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } over 2 years ago allow -d gdb option for firefox plus other misc updates 154 jmichael Edit History
opensuse10.3 /usr/bin/Xgl #include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/*/.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/*.so mr, /var/lib/gdm/* r, /var/lib/xkb/compiled/*.xkm rw, /var/log/Xgl.*.log rw, /var/log/Xgl.*.log.old w, /var/log/gdm/*.log w, } about 1 year ago Import of jmichaels profiles 150 dominic Edit History
opensuse10.3 /usr/bin/gnome-open #include <tunables/global> /usr/bin/gnome-open flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/netstat ixr, /bin/ps ixr, /dev/snd/controlC0 rw, /dev/snd/controlC1 rw, /dev/snd/pcmC0D0p rw, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/mapping-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/magic r, /etc/mailcap r, /etc/mime.types r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/pango/pango.modules r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/a739e0075b4b5d92542755c278dde193-x86.cache-2 r, /home/*/.gnome2_private/ w, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.macromedia/Flash_Player/#SharedObjects/ r, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/ rw, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/ rw, /home/*/.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/session.sxx w, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/ w, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sol rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sxx rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol rw, /home/*/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sxx rw, /home/*/.mailcap r, /home/*/.mozilla/firefox/3749x1bh.default/ r, /home/*/.mozilla/firefox/3749x1bh.default/.parentlock kw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/* w, /home/*/.mozilla/firefox/3749x1bh.default/Cache/ rw, /home/*/.mozilla/firefox/3749x1bh.default/Cache/* rw, /home/*/.mozilla/firefox/3749x1bh.default/XPC.mfasl r, /home/*/.mozilla/firefox/3749x1bh.default/XUL.mfasl r, /home/*/.mozilla/firefox/3749x1bh.default/bookmarkbackups/ r, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks-1.html rw, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks.bak w, /home/*/.mozilla/firefox/3749x1bh.default/bookmarks.html rw, /home/*/.mozilla/firefox/3749x1bh.default/cert8.db rw, /home/*/.mozilla/firefox/3749x1bh.default/compatibility.ini r, /home/*/.mozilla/firefox/3749x1bh.default/compreg.dat r, /home/*/.mozilla/firefox/3749x1bh.default/cookies-1.txt rw, /home/*/.mozilla/firefox/3749x1bh.default/cookies.txt rw, /home/*/.mozilla/firefox/3749x1bh.default/downloads.rdf r, /home/*/.mozilla/firefox/3749x1bh.default/extensions.cache r, /home/*/.mozilla/firefox/3749x1bh.default/extensions.ini r, /home/*/.mozilla/firefox/3749x1bh.default/extensions/ r, /home/*/.mozilla/firefox/3749x1bh.default/formhistory.dat rw, /home/*/.mozilla/firefox/3749x1bh.default/history.dat rw, /home/*/.mozilla/firefox/3749x1bh.default/hostperm.1 r, /home/*/.mozilla/firefox/3749x1bh.default/key3.db rw, /home/*/.mozilla/firefox/3749x1bh.default/localstore-1.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/localstore.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/lock w, /home/*/.mozilla/firefox/3749x1bh.default/mimeTypes.rdf rw, /home/*/.mozilla/firefox/3749x1bh.default/prefs-1.js rw, /home/*/.mozilla/firefox/3749x1bh.default/prefs.js rw, /home/*/.mozilla/firefox/3749x1bh.default/search.sqlite krw, /home/*/.mozilla/firefox/3749x1bh.default/secmod.db r, /home/*/.mozilla/firefox/3749x1bh.default/sessionstore-1.js rw, /home/*/.mozilla/firefox/3749x1bh.default/sessionstore.js rw, /home/*/.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite rw, /home/*/.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite-journal w, /home/*/.mozilla/firefox/3749x1bh.default/webappsstore.sqlite rw, /home/*/.mozilla/firefox/3749x1bh.default/webappsstore.sqlite-journal w, /home/*/.mozilla/firefox/3749x1bh.default/xpti.dat r, /home/*/.mozilla/firefox/pluginreg.dat rw, /home/*/.mozilla/firefox/profiles.ini r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/ r, /proc/*/cmdline r, /proc/*/maps r, /proc/*/stat r, /proc/*/status r, /proc/meminfo r, /proc/net/ r, /proc/net/dev r, /proc/net/unix r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/sys/kernel/pid_max r, /proc/uptime r, /tmp/ r, /tmp/* rw, /tmp/.ICE-unix/3510 w, /tmp/.ICE-unix/3664 w, /tmp/.ICE-unix/3665 w, /tmp/.ICE-unix/4499 w, /tmp/.X11-unix/X0 w, /tmp/.esd/socket rw, /tmp/gconfd-overwrite/lock/ior r, /tmp/orbit-overwrite/ w, /tmp/orbit-overwrite/* w, /tmp/orbit-somebody/ w, /usr/bin/bug-buddy ixr, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gnome-open mr, /usr/lib/** mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh ixr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/alsa/alsa.conf r, /usr/share/alsa/cards/EMU10K1.conf r, /usr/share/alsa/cards/VIA8237.conf r, /usr/share/alsa/cards/aliases.conf r, /usr/share/alsa/pcm/center_lfe.conf r, /usr/share/alsa/pcm/default.conf r, /usr/share/alsa/pcm/dmix.conf r, /usr/share/alsa/pcm/dsnoop.conf r, /usr/share/alsa/pcm/front.conf r, /usr/share/alsa/pcm/iec958.conf r, /usr/share/alsa/pcm/rear.conf r, /usr/share/alsa/pcm/surround40.conf r, /usr/share/alsa/pcm/surround41.conf r, /usr/share/alsa/pcm/surround50.conf r, /usr/share/alsa/pcm/surround51.conf r, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/fonts/** r, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/mimeinfo.cache r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/Industrial/cursors/fleur r, /usr/share/icons/Industrial/cursors/hand2 r, /usr/share/icons/Industrial/cursors/left_ptr r, /usr/share/icons/Industrial/cursors/xterm r, /usr/share/icons/Industrial/index.theme r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/crystalblue/cursors/hand r, /usr/share/icons/crystalblue/cursors/left_ptr r, /usr/share/icons/crystalblue/cursors/left_ptr_watch r, /usr/share/icons/crystalblue/cursors/xterm r, /usr/share/icons/crystalblue/index.theme r, /usr/share/icons/crystalblue_nonanim/cursors/left_ptr_watch r, /usr/share/icons/crystalblue_nonanim/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/mime/aliases r, /usr/share/mime/globs r, /usr/share/mime/magic r, /usr/share/mime/subclasses r, /usr/share/misc/magic.mgc r, /usr/share/themes/Clearlooks/gtk-2.0/gtkrc r, /usr/share/themes/Default/gtk-2.0-key/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/bc-dark.png r, /usr/share/themes/bluebubble/gtk-2.0/bc-light.png r, /usr/share/themes/bluebubble/gtk-2.0/bc.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-prelight.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-pressed.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue.png r, /usr/share/themes/bluebubble/gtk-2.0/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/lines_background_const.png r, /var/cache/fontconfig/* r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, } about 1 year ago 283 overwrite Edit History
opensuse10.3 /usr/bin/amule #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> /usr/bin/amule mr, } about 1 year ago amule 101 spiky781 Edit History
opensuse10.3 /usr/lib/helix-dbus-server/helix-dbus-server.bin #include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, } about 1 year ago none 93 cinimod Edit History
opensuse10.3 /usr/bin/manpath #include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, } about 1 year ago Import of jmichaels profiles 112 dominic Edit History
opensuse10.3 /usr/sbin/httpd2-prefork #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/conf.d/ r, /etc/apache2/conf.d/mod_fcgid.conf r, /etc/apache2/conf.d/mod_mono.conf r, /etc/apache2/conf.d/mod_perl.conf r, /etc/apache2/conf.d/php5.conf r, /etc/apache2/conf.d/phpmyadmin.conf r, /etc/apache2/default-server.conf r, /etc/apache2/errors.conf r, /etc/apache2/httpd.conf r, /etc/apache2/listen.conf r, /etc/apache2/mod_autoindex-defaults.conf r, /etc/apache2/mod_info.conf r, /etc/apache2/mod_log_config.conf r, /etc/apache2/mod_mime-defaults.conf r, /etc/apache2/mod_status.conf r, /etc/apache2/mod_userdir.conf r, /etc/apache2/mod_usertrack.conf r, /etc/apache2/server-tuning.conf r, /etc/apache2/ssl-global.conf r, /etc/apache2/sysconfig.d/global.conf r, /etc/apache2/sysconfig.d/include.conf r, /etc/apache2/sysconfig.d/loadmodule.conf r, /etc/apache2/uid.conf r, /etc/apache2/vhosts.d/ r, /etc/gai.conf r, /etc/mime.types r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/ncurses.ini r, /etc/php5/conf.d/odbc.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pcntl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_odbc.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/posix.ini r, /etc/php5/conf.d/pspell.ini r, /etc/php5/conf.d/readline.ini r, /etc/php5/conf.d/shmop.ini r, /etc/php5/conf.d/snmp.ini r, /etc/php5/conf.d/soap.ini r, /etc/php5/conf.d/sockets.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/wddx.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlrpc.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc/*/attr/current w, /tmp/.wapi/ w, /tmp/mod_mono_dashboard_XXGLOBAL_1 rw, /usr/bin/mod-mono-server px, /usr/lib64/** mr, /usr/sbin/httpd2-prefork mr, /usr/share/snmp/mibs/.index r, /usr/share/snmp/mibs/DISMAN-EVENT-MIB.txt r, /usr/share/snmp/mibs/DISMAN-SCHEDULE-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-TYPES.txt r, /usr/share/snmp/mibs/IANA-RTPROTO-MIB.txt r, /usr/share/snmp/mibs/IANAifType-MIB.txt r, /usr/share/snmp/mibs/IF-MIB.txt r, /usr/share/snmp/mibs/INET-ADDRESS-MIB.txt r, /usr/share/snmp/mibs/IP-FORWARD-MIB.txt r, /usr/share/snmp/mibs/IP-MIB.txt r, /usr/share/snmp/mibs/IPV6-ICMP-MIB.txt r, /usr/share/snmp/mibs/IPV6-MIB.txt r, /usr/share/snmp/mibs/IPV6-TC.txt r, /usr/share/snmp/mibs/IPV6-TCP-MIB.txt r, /usr/share/snmp/mibs/IPV6-UDP-MIB.txt r, /usr/share/snmp/mibs/LM-SENSORS-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-AGENT-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-EXTEND-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-VACM-MIB.txt r, /usr/share/snmp/mibs/NOTIFICATION-LOG-MIB.txt r, /usr/share/snmp/mibs/RFC1155-SMI.txt r, /usr/share/snmp/mibs/RFC1213-MIB.txt r, /usr/share/snmp/mibs/SNMP-COMMUNITY-MIB.txt r, /usr/share/snmp/mibs/SNMP-FRAMEWORK-MIB.txt r, /usr/share/snmp/mibs/SNMP-MPD-MIB.txt r, /usr/share/snmp/mibs/SNMP-NOTIFICATION-MIB.txt r, /usr/share/snmp/mibs/SNMP-TARGET-MIB.txt r, /usr/share/snmp/mibs/SNMP-USER-BASED-SM-MIB.txt r, /usr/share/snmp/mibs/SNMP-VIEW-BASED-ACM-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-SMI.txt r, /usr/share/snmp/mibs/SNMPv2-TC.txt r, /usr/share/snmp/mibs/SNMPv2-TM.txt r, /usr/share/snmp/mibs/TCP-MIB.txt r, /usr/share/snmp/mibs/UCD-DEMO-MIB.txt r, /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt r, /usr/share/snmp/mibs/UCD-DLMOD-MIB.txt r, /usr/share/snmp/mibs/UCD-IPFWACC-MIB.txt r, /usr/share/snmp/mibs/UCD-SNMP-MIB.txt r, /usr/share/snmp/mibs/UDP-MIB.txt r, /usr/share/terminfo/v/vt100 r, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/log/apache2/access_log a, /var/log/apache2/error_log a, /var/run/httpd2.pid w, /var/run/nscd/services r, } /usr/sbin/httpd2-prefork///egroupware/login.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/egroupware/header.inc.php r, /srv/www/htdocs/egroupware/login.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-iterator.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-time.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/drivers/adodb-mysql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.Template.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.acl.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.applications.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.browser.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.common.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.config.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.contenthistory.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.crypto.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.dragdrop.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_datetime.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_db.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.error.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.errorlog.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.hooks.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.html.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.javascript.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.preferences.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions_php4.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.tplsavant2.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.translation.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/common_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/savant2/Savant2.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/soap_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajax.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajaxResponse.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xml_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/js/jsapi/jsapi.js r, /srv/www/htdocs/egroupware/phpgwapi/setup/setup.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/setup/tables_current.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/head.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/images/ r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/login.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/class.idots_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/images/ r, /var/lib/mysql/mysql.sock w, /var/log/apache2/access_log w, } "/usr/sbin/httpd2-prefork///egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, "/srv/www/htdocs/egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///webERP/index.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/webERP/config.php r, /srv/www/htdocs/webERP/includes/ConnectDB.inc r, /srv/www/htdocs/webERP/includes/ConnectDB_mysqli.inc r, /srv/www/htdocs/webERP/includes/DateFunctions.inc r, /srv/www/htdocs/webERP/includes/GetConfig.php r, /srv/www/htdocs/webERP/includes/LanguageSetup.php r, /srv/www/htdocs/webERP/includes/MiscFunctions.php r, /srv/www/htdocs/webERP/includes/footer.inc r, /srv/www/htdocs/webERP/includes/header.inc r, /srv/www/htdocs/webERP/includes/php-gettext/gettext.php r, /srv/www/htdocs/webERP/includes/php-gettext/streams.php r, /srv/www/htdocs/webERP/includes/session.inc r, /srv/www/htdocs/webERP/index.php r, /srv/www/htdocs/webERP/locale/en_US/LC_MESSAGES/messages.mo r, /usr/share/mysql/charsets/Index.xml r, /var/lib/mysql/mysql.sock w, /var/lib/php5/sess_4srj8ot0k3dg4i4cfh382evemsc9jshf krw, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, } about 1 year ago egroupware 196 kent Edit History
opensuse10.3 /usr/bin/ekiga #include <tunables/global> /usr/bin/ekiga flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /dev/ r, /dev/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.beagle/socket w, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnomemeeting rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /proc/meminfo r, /proc/net/if_inet6 r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/ekiga mr, /usr/lib/pwlib/devices/sound/*.so mr, /usr/lib/pwlib/devices/videoinput/*.so mr, /usr/share/mime/**.xml r, /var/cache/libx11/compose/* r, } over 2 years ago argh, switch things back to complain for a while 124 jmichael Edit History
opensuse10.3 /usr/bin/Xgl #include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/*/.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/*.so mr, /var/lib/gdm/* r, /var/lib/xdm/authdir/authfiles/* r, /var/lib/xkb/compiled/*.xkm rw, /var/log/Xgl.*.log rw, /var/log/Xgl.*.log.old w, /var/log/gdm/*.log w, } about 1 year ago none 116 cinimod Edit History
opensuse10.3 /usr/lib/beagle/beagled-index-helper #include <tunables/global> /usr/lib/beagle/beagled-index-helper flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /etc/mono/2.0/machine.config r, /etc/mono/config r, /home/*/ rw, /home/*/.beagle/** krw, /home/*/.local/share/mime/mime.cache mr, /home/*/.wapi/shared_data-* mrw, /home/*/.wapi/shared_fileshare-* mrw, /home/*/Desktop/* r, /proc/*/maps r, /proc/*/status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/mono ixr, /usr/bin/totem-video-indexer Px, /usr/lib/beagle/*.dll mr, /usr/lib/beagle/Filters/*.dll mr, /usr/lib/beagle/IndexHelper.exe mr, /usr/lib/beagle/beagled-index-helper mr, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /usr/share/mime/mime.cache mr, /var/tmp/ rw, } over 2 years ago argh, switch things back to complain for a while 161 jmichael Edit History
opensuse10.3 /usr/bin/skype #include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> /usr/bin/skype mr, } over 2 years ago 254 draglor Edit History
opensuse10.3 /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt #include <tunables/global> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt { #include <abstractions/base> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt mr, } 10 months ago 75 hello Edit History
opensuse10.3 /usr/sbin/httpd2-prefork # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/.digest r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/gai.conf r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /home/*/ r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/** mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/dav/lock/lockdb.dir krw, /var/dav/lock/lockdb.pag rw, /var/lib/php/sess_* rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } about 1 year ago 114 ytakeda Edit History
opensuse10.3 /usr/lib/helix-dbus-server/helix-dbus-server.bin #include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, } about 1 year ago Import of jmichaels profiles 111 dominic Edit History
opensuse10.3 /usr/bin/manpath #include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, } about 1 year ago none 105 cinimod Edit History
opensuse10.3 /etc/X11/xdm/Xsession #include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home/*/.Xdefaults r, /home/*/.bashrc r, /home/*/.profile r, /opt/ r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /var/log/Xorg.*.log r, } about 1 year ago Import of jmichaels profiles 145 dominic Edit History
opensuse10.3 /usr/lib/gnome-keyring-1/gnome-keyring-ask #include <tunables/global> /usr/lib/gnome-keyring-1/gnome-keyring-ask flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /usr/lib/gnome-keyring-1/gnome-keyring-ask mr, } over 2 years ago argh, switch things back to complain for a while 116 jmichael Edit History
opensuse10.3 /usr/bin/claws-mail #include <tunables/global> /usr/bin/claws-mail flags=(complain) { #include <abstractions/base> /home/vljliljlv/.claws-mail/tagsrc w, /home/vljliljlv/rajakarta/queue/ r, /usr/bin/claws-mail mr, } 5 months ago claws-mail log 57 praanap Edit History
opensuse10.3 /sbin/ip #include <tunables/global> /sbin/ip flags=(complain) { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, } over 2 years ago argh, switch things back to complain for a while 162 jmichael Edit History
opensuse10.3 /usr/bin/evolution #include <tunables/global> /usr/bin/evolution flags=(complain) { #include <abstractions/base> /usr/bin/evolution mr, } about 1 year ago Appevolution 92 vmbaumgaertel Edit History
opensuse10.3 /usr/sbin/snmpd #include <tunables/global> /usr/sbin/snmpd { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /dev/md* r, /dev/sd* r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mtab r, /etc/rpm/ r, /etc/rpm/macros.gconf2 r, /etc/rpm/macros.mkinitrd r, /etc/sensors.conf r, /etc/snmp/snmpd.conf r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/*/status r, /proc/cmdline r, /proc/loadavg r, /proc/net/arp r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/net/route r, /proc/net/snmp r, /proc/net/snmp6 r, /proc/net/tcp r, /proc/net/tcp6 r, /proc/net/udp r, /proc/net/udp6 r, /proc/sys/net/ipv4/ipfrag_time r, /proc/sys/net/ipv4/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv4/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv4/neigh/lo/retrans_time_ms r, /proc/sys/net/ipv6/conf/all/forwarding r, /proc/sys/net/ipv6/conf/default/hop_limit r, /proc/sys/net/ipv6/conf/eth0/forwarding r, /proc/sys/net/ipv6/conf/eth1/forwarding r, /proc/sys/net/ipv6/conf/lo/forwarding r, /proc/sys/net/ipv6/neigh/eth0/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv6/neigh/eth1/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv6/neigh/lo/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/lo/retrans_time_ms r, /proc/uptime r, /proc/vmstat r, /sys/class/hwmon/ r, /sys/class/i2c-adapter/ r, /sys/devices/pci0000:00/0000:00:1f.3/i2c-adapter/i2c-0/name r, /sys/devices/platform/coretemp.[0-9]/name r, /sys/devices/platform/coretemp.[0-9]/temp1_input r, /sys/devices/platform/coretemp.[0-9]/temp1_label r, /usr/sbin/snmpd mr, /usr/share/snmp/mibs/ r, /usr/share/snmp/mibs/* r, /var/lib/net-snmp/snmpd.0.conf w, /var/lib/net-snmp/snmpd.conf rw, /var/lib/rpm/ w, /var/lib/rpm/Packages kr, /var/log/net-snmpd.log rw, /var/run/snmpd.pid w, /var/run/utmp krw, } about 1 year ago 301 arclyde Edit History
opensuse10.3 /etc/X11/xdm/Xsession #include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xim r, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home/*/.Xdefaults r, /home/*/.bashrc r, /home/*/.profile r, /home/*/.xsession-errors w, /opt/ r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/printenv ixr, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/javac ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/jre/bin/java ixr, /var/log/Xorg.*.log r, } about 1 year ago none 121 cinimod Edit History
opensuse10.3 /usr/lib/cyrus/bin/cyr_expire #include <tunables/global> /usr/lib/cyrus/bin/cyr_expire { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** rw, /usr/lib/cyrus/bin/cyr_expire mr, /var/lib/imap/** rw, } about 1 year ago 127 arclyde Edit History
opensuse10.3 /usr/sbin/apxs2 #include <tunables/global> /usr/sbin/apxs2 { #include <abstractions/base> #include <abstractions/perl> /usr/bin/perl ix, /usr/sbin/apxs2 mr, } about 1 year ago 1 94 kungfu Edit History
opensuse10.3 /usr/bin/strigidaemon #include <tunables/global> /usr/bin/strigidaemon { #include <abstractions/base> #include <abstractions/user-tmp> /etc/opt/kde3/share/ r, /home/*/ r, /home/*/.local/share/ r, /home/*/.strigi/*.conf rw, /home/*/.strigi/clucene/* r, /home/*/.strigi/lock kw, /home/*/.strigi/socket w, /opt/kde3/share/ r, /usr/bin/strigidaemon mr, /usr/lib/strigi/*.so mr, /usr/share/strigi/** r, } about 1 year ago kde4 testing 90 dominic Edit History
opensuse10.3 /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper #include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, } about 1 year ago Import of jmichaels profiles 131 dominic Edit History
opensuse10.3 /usr/lib/cups/daemon/cups-deviced #include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/perl> #include <abstractions/python> capability setgid, capability setuid, /bin/bash ixr, /dev/bus/usb/ r, /dev/bus/usb/** rw, /dev/lp0 rw, /dev/ttyS0 w, /dev/tty{*} w, /proc/meminfo r, /root/.hplip/hplip.conf r, /usr/bin/env ixr, /usr/bin/perl ix, /usr/bin/python2.5 ixr, /usr/bin/smbspool ixr, /usr/lib/cups/backend/beh ixr, /usr/lib/cups/backend/canon ixr, /usr/lib/cups/backend/epson ixr, /usr/lib/cups/backend/hal ixr, /usr/lib/cups/backend/hp ixr, /usr/lib/cups/backend/hpfax ixr, /usr/lib/cups/backend/ipp ixr, /usr/lib/cups/backend/lpd ixr, /usr/lib/cups/backend/parallel ixr, /usr/lib/cups/backend/pipe ixr, /usr/lib/cups/backend/scsi ixr, /usr/lib/cups/backend/serial ixr, /usr/lib/cups/backend/snmp ixr, /usr/lib/cups/backend/socket ixr, /usr/lib/cups/backend/usb ixr, /usr/lib/cups/daemon/cups-deviced mr, /usr/share/hplip/**.py r, /usr/share/hplip/**.pyc r, } about 1 year ago 111 dhughes Edit History
opensuse10.3 /usr/sbin/httpd2-prefork # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } about 1 year ago 99 hbree Edit History
opensuse10.3 /bin/uname #include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } about 1 year ago Import of jmichaels profiles 139 dominic Edit History
opensuse10.3 /bin/ps #include <tunables/global> /bin/ps flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability sys_admin, capability sys_ptrace, /bin/ps mr, /proc/ r, /proc/*/attr/current r, /proc/*/cmdline r, /proc/*/stat r, /proc/*/status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/pid_max r, /proc/tty/drivers r, /proc/uptime r, } over 2 years ago argh, switch things back to complain for a while 134 jmichael Edit History
opensuse10.3 /usr/bin/gpgsm #include <tunables/global> /usr/bin/gpgsm flags=(complain) { #include <abstractions/base> /home/*/.gnupg/* lrw, /usr/bin/gpgsm mr, } about 1 year ago internet radio, u.a. 87 shivver-fox Edit History
opensuse10.3 /usr/lib/cups/backend/usb #include <tunables/global> /usr/lib/cups/backend/usb flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/usb mr, } over 2 years ago cups testing 187 dominic Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, } about 1 year ago 152 overwrite Edit History
opensuse10.3 /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper #include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, } about 1 year ago none 109 cinimod Edit History
opensuse10.3 /usr/bin/xscreensaver #include <tunables/global> /usr/bin/xscreensaver flags=(complain) { #include <abstractions/base> /usr/bin/xscreensaver mr, } over 2 years ago argh, switch things back to complain for a while 133 jmichael Edit History
opensuse10.3 /usr/lib/cups/daemon/cups-deviced #include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability setgid, capability setuid, /bin/bash ixr, /proc/meminfo r, /usr/bin/smbspool Px, /usr/lib/cups/backend/ r, /usr/lib/cups/backend/beh Px, /usr/lib/cups/backend/hal Px, /usr/lib/cups/backend/ipp Px, /usr/lib/cups/backend/lpd Px, /usr/lib/cups/backend/novell Px, /usr/lib/cups/backend/parallel Px, /usr/lib/cups/backend/pipe Px, /usr/lib/cups/backend/scsi Px, /usr/lib/cups/backend/serial Px, /usr/lib/cups/backend/snmp Px, /usr/lib/cups/backend/socket Px, /usr/lib/cups/backend/usb Px, /usr/lib/cups/daemon/cups-deviced mr, } over 2 years ago cups testing 138 dominic Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** r, /home/*/.mailcap r, /home/*/.mozilla/firefox/** rw, /home/*/.mozilla/firefox/*/.parentlock krw, /home/*/.mozilla/firefox/*/urlclassifier2.sqlite krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/lib/Acrobat7/Browser/intellinux/*.so mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } over 2 years ago allow -d gdb option for firefox plus other misc updates 118 jmichael Edit History
opensuse10.3 /usr/bin/bug-buddy #include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, } about 1 year ago 102 FYPJ Edit History
opensuse10.3 /opt/kde3/bin/kopete #include <tunables/global> /opt/kde3/bin/kopete { #include <abstractions/base> /opt/kde3/bin/kopete mr, /opt/kde3/lib/lib*so* mr, /usr/lib/qt3/lib/lib*so* mr, } over 2 years ago 1 141 robsn81 Edit History
opensuse10.3 /bin/dbus-daemon #include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/*.conf r, /usr/bin/helix-dbus-server Px, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/*.service r, /var/run/dbus/pid w, } about 1 year ago none 112 cinimod Edit History
opensuse10.3 /usr/bin/gconftool-2 #include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/**.schemas r, /etc/gconf/schemas/*.entries r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, } about 1 year ago none 92 cinimod Edit History
opensuse10.3 /bin/uname #include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } about 1 year ago none 96 cinimod Edit History
opensuse10.3 /usr/lib/GConf/2/gconf-sanity-check-2 #include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /tmp/gconf-test-locking-file-* klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, } about 1 year ago Import of jmichaels profiles 112 dominic Edit History
opensuse10.3 /usr/bin/php5 #include <tunables/global> /usr/bin/php5 { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/php5> capability dac_override, /etc/php5/cli/* r, /root/.pearrc r, /tmp/* rw, /tmp/pear/*/ w, /usr/bin/php5 ixr, /usr/share/kolab/scripts/resmgr/* r, /usr/share/php5/** krw, /var/lib/php5/session_mm_* klrw, } about 1 year ago 110 haris Edit History
opensuse10.3 /usr/sbin/lisa #include <tunables/global> /usr/sbin/lisa { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/winbind> capability net_raw, capability setuid, network inet raw, /bin/bash ixr, /etc/lisarc r, /proc/meminfo r, /usr/bin/nmblookup ixr, /usr/sbin/lisa mr, /var/lib/samba/unexpected.tdb r, } over 2 years ago 148 JaMm Edit History
opensuse10.3 /bin/dbus-daemon #include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/*.conf r, /etc/opt/kde3/share/ r, /home/*/ r, /home/*/.local/share/ r, /home/*/.strigi/*.conf rw, /home/*/.strigi/clucene/* r, /home/*/.strigi/lock kw, /home/*/.strigi/socket w, /opt/kde3/share/ r, /usr/bin/helix-dbus-server Px, /usr/bin/knotify4 Px, /usr/bin/strigidaemon Pxmr, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/lib/strigi/*.so mr, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/*.service r, /usr/share/strigi/** r, /var/run/dbus/pid w, } about 1 year ago 118 dominic Edit History
opensuse10.3 /usr/bin/gconftool-2 #include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/**.schemas r, /etc/gconf/schemas/*.entries r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, } about 1 year ago Import of jmichaels profiles 91 dominic Edit History
opensuse10.3 /usr/lib/GConf/2/gconf-sanity-check-2 #include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /tmp/gconf-test-locking-file-* klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, } about 1 year ago none 99 cinimod Edit History
opensuse10.3 /usr/bin/cal #include <tunables/global> /usr/bin/cal { #include <abstractions/base> /usr/bin/cal mr, } about 1 year ago /var/log/apparmor/reports/cal/log 105 doknisa Edit History
opensuse10.3 /usr/bin/opensuse-updater-gnome-applet #include <tunables/global> /usr/bin/opensuse-updater-gnome-applet flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.opensuse-updater-gnome rw, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/opensuse-updater-gnome-applet mr, /usr/sbin/zypp-checkpatches-wrapper Px, /usr/share/opensuse-updater-gnome/glade/*.glade r, /usr/share/opensuse-updater-gnome/images/** r, } over 2 years ago minor changes for 10.3 rc2 initial gnome launch 161 jmichael Edit History
opensuse10.3 /usr/sbin/httpd2-prefork # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dbase.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/ftp.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gettext.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/imap.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mhash.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc/*/attr/current w, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/** mr, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/run/nscd/services r, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork/// flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, } /usr/sbin/httpd2-prefork///favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/favicon.ico r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/wordpress/index.php r, /srv/www/htdocs/wordpress/wp-blog-header.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /srv/www/htdocs/wordpress/wp-includes/plugin.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/css/install.css flags=(complain) { #include <abstractions/nameservice> /srv/www/htdocs/wordpress/wp-admin/css/install.css r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/setup-config.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/wordpress/wp-admin/setup-config.php r, /srv/www/htdocs/wordpress/wp-config-sample.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/compat.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /proc/*/attr/current w, /var/log/apache2/* w, } about 1 year ago httpd2 111 eviled Edit History
opensuse10.3 /usr/bin/nm-applet #include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/*.glade r, } about 1 year ago Import of jmichaels profiles 148 dominic Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } about 1 year ago firefox2 116 vojta Edit History
opensuse10.3 /usr/lib/cups/backend/scsi #include <tunables/global> /usr/lib/cups/backend/scsi flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/scsi mr, } over 2 years ago cups testing 130 dominic Edit History
opensuse10.3 /usr/sbin/postsuper #include <tunables/global> /usr/sbin/postsuper flags=(complain) { #include <abstractions/base> /usr/sbin/postsuper mr, } about 1 year ago changes 6 123 security Edit History
opensuse10.3 /sbin/modprobe #include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/**.ko krw, /lib/modules/*/modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, } about 1 year ago Import of jmichaels profiles 140 dominic Edit History
opensuse10.3 /usr/bin/nm-applet #include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/*.glade r, } about 1 year ago none 95 cinimod Edit History
opensuse10.3 /bin/sleep #include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, } about 1 year ago Import of jmichaels profiles 100 dominic Edit History
opensuse10.3 /usr/bin/tor #include <tunables/global> /usr/bin/tor { #include <abstractions/base> #include <abstractions/nameservice> /etc/tor/torrc r, /usr/bin/tor mr, /var/lib/tor/* rw, /var/lib/tor/*/ r, /var/lib/tor/cached-status/** rw, /var/log/tor/* a, /var/run/tor/tor.pid w, } 8 months ago 60 shimingzhou Edit History
opensuse10.3 /sbin/route #include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, } about 1 year ago none 103 cinimod Edit History
opensuse10.3 /usr/bin/evince #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, / r, /Archiv/ r, /Archiv/** rw, /etc/gai.conf r, /etc/ghostscript/8.15/Fontmap r, /etc/ghostscript/8.15/Fontmap.X11-auto r, /etc/ghostscript/8.15/cidfmap r, /etc/ghostscript/8.15/xlatmap r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.bash_history r, /home/*/.bashrc r, /home/*/.beagle/socket w, /home/*/.cedegarc r, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.0S3G2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.66SB2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.9HHL1T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.Q0VH2T rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.UPEH2T rw, /home/*/.dmrc r, /home/*/.dvipsrc r, /home/*/.emacs r, /home/*/.esd_auth r, /home/*/.exrc r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2/evince/print-settings rw, /home/*/.gnome2/evince/print-settings.* rw, /home/*/.gnome2_private/ w, /home/*/.gpilotd.pid r, /home/*/.gtkrc-1.2-gnome2 r, /home/*/.icons/ r, /home/*/.inputrc r, /home/*/.kermrc r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/mime.cache r, /home/*/.local/share/mime/subclasses r, /home/*/.mailcap r, /home/*/.muttrc r, /home/*/.opensuse-updater-gnome r, /home/*/.profile r, /home/*/.realplayerrc r, /home/*/.recently-used r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.urlview r, /home/*/.viminfo r, /home/*/.windows-label r, /home/*/.xcoralrc r, /home/*/.xim.template r, /home/*/.xinitrc.template r, /home/*/.xsession-errors r, /home/*/.xtalkrc r, /home/*/Desktop/ rw, /home/*/Desktop/**.pdf rw, /proc/*/mounts r, /proc/meminfo r, /root/.esd_auth r, /root/.gnome2/accels/evince rw, /root/.gnome2/evince/ w, /root/.gnome2_private/ w, /root/.local/share/mime/aliases r, /root/.local/share/mime/globs r, /root/.local/share/mime/magic r, /root/.local/share/mime/mime.cache r, /root/.local/share/mime/subclasses r, /root/.recently-used.xbel.FXVN3T rw, /root/.recently-used.xbel.WCCU3T rw, /root/.recently-used.xbel.X1XL3T rw, /root/.recently-used.xbel.XLCN3T rw, /root/.xauthQESsMm r, /usr/bin/bug-buddy ixr, /usr/bin/evince mr, /usr/bin/gs ixr, /usr/lib/** mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/ghostscript/8.15/Resource/CMap/ r, /usr/share/ghostscript/8.15/lib/*.ps r, /usr/share/ghostscript/8.15/lib/Fontmap.GS r, /usr/share/ghostscript/8.15/lib/Fontmap.rus r, /usr/share/ghostscript/8.15/lib/cjkv/*.ps r, /usr/share/ghostscript/8.15/lib/escp_24.src r, /usr/share/locale-bundle/de/LC_MESSAGES/atk10.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/evince.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gnome-vfs-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnomeui-2.0.mo r, /usr/share/mime/application/octet-stream.xml r, /usr/share/mime/application/pdf.xml r, /usr/share/mime/application/vnd.oasis.opendocument.spreadsheet.xml r, /usr/share/mime/application/vnd.oasis.opendocument.text.xml r, /usr/share/mime/application/x-compressed-tar.xml r, /usr/share/mime/application/x-deb.xml r, /usr/share/mime/application/x-mozilla-bookmarks.xml r, /usr/share/mime/application/x-shellscript.xml r, /usr/share/mime/application/x-xbel.xml r, /usr/share/mime/application/xml.xml r, /usr/share/mime/application/zip.xml r, /usr/share/mime/inode/directory.xml r, /usr/share/mime/text/plain.xml r, /usr/share/mime/text/x-csrc.xml r, /usr/share/mime/text/x-log.xml r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, /var/run/cups/cups.sock w, /var/run/nscd/services r, } about 1 year ago 164 overwrite Edit History
opensuse10.3 /usr/bin/skype #include <tunables/global> /usr/bin/skype { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gai.conf r, /home/*/.Skype/ rw, /home/*/.Skype/** krw, /home/*/.config/Trolltech.conf kr, /home/*/.fontconfig/** r, /home/*/.kde/share/config/kioslaverc r, /proc/interrupts r, /usr/bin/skype mr, /usr/share/skype/** kr, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, } about 1 year ago 114 orat Edit History
opensuse10.3 /sbin/modprobe #include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/**.ko krw, /lib/modules/*/modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, } about 1 year ago none 108 cinimod Edit History
opensuse10.3 /sbin/syslog-ng # $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib/*/dev/log w, /var/log/** w, /var/run/syslog-ng.pid w, } over 2 years ago Initial Revision 143 novell Edit History
opensuse10.3 /etc/sysconfig/network/scripts/50-ntp #include <tunables/global> /etc/sysconfig/network/scripts/50-ntp flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/init.d/ntp Px, /etc/sysconfig/network/scripts/50-ntp mr, /proc/meminfo r, /sbin/chkconfig Px, } over 2 years ago argh, switch things back to complain for a while 121 jmichael Edit History
opensuse10.3 /bin/sleep #include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, } about 1 year ago none 92 cinimod Edit History
opensuse10.3 /etc/apparmor/profiles/extras/usr.bin.opera #include <tunables/global> /etc/apparmor/profiles/extras/usr.bin.opera flags=(complain) { #include <abstractions/base> /etc/apparmor/profiles/extras/usr.bin.opera mr, } about 1 year ago opera 135 gs222gs Edit History
opensuse10.3 /usr/lib/cups/backend/hal #include <tunables/global> /usr/lib/cups/backend/hal flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/hal mr, } over 2 years ago cups testing 145 dominic Edit History
opensuse10.3 /sbin/route #include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, } about 1 year ago Import of jmichaels profiles 134 dominic Edit History
opensuse10.3 /usr/bin/gnome-cups-icon #include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.cups/lpoptions r, /home/*/.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, } about 1 year ago Import of jmichaels profiles 119 dominic Edit History
opensuse10.3 usr/bin/file #include <tunables/global> profile usr/bin/file { #include <abstractions/base> /etc/magic r, /usr/bin/file mr, /usr/share/misc/magic.mgc r, } about 1 year ago test profile - please don't use 83 jjohansen Edit History
opensuse10.3 /sbin/syslog-ng # $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib/*/dev/log w, /var/log/** w, /var/run/syslog-ng.pid w, } about 1 year ago none 96 cinimod Edit History
opensuse10.3 /usr/bin/top #include <tunables/global> /usr/bin/top flags=(complain) { #include <abstractions/base> /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/loadavg r, /proc/sys/kernel/pid_max r, /proc/uptime r, /usr/bin/top mr, /usr/share/terminfo/x/xterm r, /var/run/nscd/passwd r, /var/run/nscd/socket w, /var/run/utmp kr, } over 2 years ago top-log 139 Sakthivel Rajan N Edit History
opensuse10.3 /usr/bin/evince #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/Desktop/**.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, } about 1 year ago Import of jmichaels profiles 132 dominic Edit History
opensuse10.3 /usr/bin/gnome-power-manager #include <tunables/global> /usr/bin/gnome-power-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnome-power-manager/ w, /home/*/.gnome2/gnome-power-manager/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/stat r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-power-manager mr, /usr/lib/nautilus-cd-burner/mapping-daemon Px, /usr/share/gnome-power-manager/*.glade r, /usr/share/gnome-power-manager/icons/ r, /usr/share/gnome-power-manager/icons/** r, } about 1 year ago none 104 cinimod Edit History
opensuse10.3 /usr/bin/gnome-cups-icon #include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.cups/lpoptions r, /home/*/.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, } about 1 year ago none 100 cinimod Edit History
opensuse10.3 /usr/lib/nautilus-cd-burner/mapping-daemon #include <tunables/global> /usr/lib/nautilus-cd-burner/mapping-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /tmp/mapping-* w, /tmp/virtual-*/ w, /usr/lib/nautilus-cd-burner/mapping-daemon mr, } over 2 years ago argh, switch things back to complain for a while 139 jmichael Edit History
opensuse10.3 /usr/sbin/saslauthd #include <tunables/global> /usr/sbin/saslauthd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, /etc/saslauthd.conf r, /usr/sbin/saslauthd mr, /var/run/sasl2/* krw, } about 1 year ago 103 jco Edit History
opensuse10.3 /usr/lib/AntiVir/antivir-gui #include <tunables/global> /usr/lib/AntiVir/antivir-gui { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/AntiVir/antivir-gui mr, } over 2 years ago ChangeLog 104 tdanisi Edit History
opensuse10.3 /usr/sbin/iwconfig #include <tunables/global> /usr/sbin/iwconfig flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/dev r, /usr/sbin/iwconfig mr, } over 2 years ago argh, switch things back to complain for a while 128 jmichael Edit History
opensuse10.3 /sbin/ifconfig #include <tunables/global> /sbin/ifconfig flags=(complain) { #include <abstractions/base> /sbin/ifconfig mr, } about 1 year ago 98 AnThraxII Edit History
opensuse10.3 /usr/sbin/zypp-checkpatches-wrapper #include <tunables/global> /usr/sbin/zypp-checkpatches-wrapper flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, /usr/bin/zypper Px, /usr/sbin/zypp-checkpatches-wrapper mr, } over 2 years ago few extra changes 114 jmichael Edit History
opensuse10.3 /usr/bin/evince #include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/Desktop/**.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, } about 1 year ago none 99 cinimod Edit History
opensuse10.3 /usr/bin/gnome-power-manager #include <tunables/global> /usr/bin/gnome-power-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnome-power-manager/ w, /home/*/.gnome2/gnome-power-manager/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/stat r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-power-manager mr, /usr/lib/nautilus-cd-burner/mapping-daemon Px, /usr/share/gnome-power-manager/*.glade r, /usr/share/gnome-power-manager/icons/ r, /usr/share/gnome-power-manager/icons/** r, } about 1 year ago Import of jmichaels profiles 131 dominic Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ix, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/desktop/gnome/sound/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/sound/%gconf.xml r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/*.conf r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/ToIndex/* rw, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/*.gtk-icons rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.config/qtcurve.gtk-colors rw, /home/*/.config/qtcurvestylerc r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gconf/ r, /home/*/.gconf/*.writeability w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.kde/share/config/gtkrc-2.0 r, /home/*/.kde/share/config/kdeglobals r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** r, /home/*/.mailcap r, /home/*/.mozilla/firefox/** krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.qt/qtrc r, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/kde/*.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/cmdline r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /tmp/** klrw, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/bin/oowriter ixr, /usr/lib/** mr, /usr/lib/GConf/2/gconfd-2 ixr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/locale-bundle/cs/LC_MESSAGES/GConf2.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/cs/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago firefox 87 vojta Edit History
opensuse10.3 /bin/ping # $Id: bin.ping 935 2007-08-20 01:28:20Z DominicReynolds_ $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /bin/ping { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability setuid, network inet raw, /bin/ping mixr, /etc/modules.conf r, /var/run/avahi-daemon/socket w, } about 1 year ago none 106 cinimod Edit History
opensuse10.3 /usr/bin/knotify4 #include <tunables/global> /usr/bin/knotify4 { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/kde> #include <abstractions/nameservice> /etc/kde4/* r, /home/*/.Xauthority r, /home/*/.config/Trolltech.conf kr, /home/*/.fontconfig/* r, /home/*/.fonts.conf r, /home/*/.kde4/cache-*/** lrw, /home/*/.kde4/share/apps/kde/ w, /home/*/.kde4/share/apps/kwin/ w, /home/*/.kde4/share/config/ w, /home/*/.kde4/share/config/* r, /home/*/.kde4/share/config/*new rw, /home/*/.kde4/share/config/*rc rw, /home/*/.kde4/share/config/*rc.lock lrw, /home/*/.kde4/share/config/*rc.lock.* rw, /home/*/.xine/catalog.cache rw, /proc/cpuinfo r, /proc/meminfo r, /usr/bin/knotify4 mr, /usr/lib/kde4/*.so mr, /usr/lib/kde4/libexec/drkonqi Px, /usr/lib/kde4/plugins/**.so mr, /usr/lib/xine/plugins/**.so mr, /usr/share/kde4/apps/** r, /usr/share/xine/libxine1/fonts/ r, } about 1 year ago kde4 rc2 tests 116 dominic Edit History
opensuse10.3 /usr/local/bin/tor #include <tunables/global> /usr/local/bin/tor { #include <abstractions/base> /usr/local/bin/tor mr, } about 1 year ago changes-3 101 security Edit History
opensuse10.3 /bin/netstat # $Id: bin.netstat 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # evolution, amongst other things, calls this program. I didn't want to # give evolution access to significant chunks of /proc # #include <tunables/global> /bin/netstat { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, /bin/netstat rmix, /etc/networks r, @{PROC} r, @{PROC}/[0-9]*/cmdline r, @{PROC}/[0-9]*/fd r, @{PROC}/net r, @{PROC}/net/* r, } over 2 years ago 20071015 108 davepl Edit History
opensuse10.3 /usr/bin/smbspool #include <tunables/global> /usr/bin/smbspool flags=(complain) { #include <abstractions/base> /usr/bin/smbspool mr, } over 2 years ago cups testing 203 dominic Edit History
opensuse10.3 /usr/sbin/amavisd #include <tunables/global> /usr/sbin/amavisd { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability dac_read_search, /etc/amavisd.conf r, /etc/amavisd/templates.d/** r, /usr/bin/perl ix, /usr/sbin/amavisd mr, /var/spool/amavis/amavisd.pid r, } about 1 year ago 104 arclyde Edit History
opensuse10.3 /etc/sysconfig/network/scripts/dhcpcd-hook-samba #include <tunables/global> /etc/sysconfig/network/scripts/dhcpcd-hook-samba { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/gawk ixr, /etc/sysconfig/network/* r, /etc/sysconfig/network/scripts/dhcpcd-hook-samba mr, /etc/sysconfig/network/scripts/dhcpcd-hook-samba-functions r, /proc/meminfo r, /var/lib/dhcp/dhclient-*.leases r, } about 1 year ago more kde4 testing 87 dominic Edit History
opensuse10.3 /usr/lib/cyrus/bin/idled #include <tunables/global> /usr/lib/cyrus/bin/idled { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** rw, /usr/lib/cyrus/bin/idled mr, /var/lib/imap/* rw, /var/lib/imap/** w, /var/lib/imap/db/* rw, } about 1 year ago 99 arclyde Edit History
opensuse10.3 /usr/lib/cups/backend/ipp #include <tunables/global> /usr/lib/cups/backend/ipp flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> network inet dgram, /usr/lib/cups/backend/ipp mr, /var/run/avahi-daemon/socket w, /var/spool/cups/* r, } over 2 years ago Testing printing use cases 151 dominic Edit History
opensuse10.3 /sbin/runlevel #include <tunables/global> /sbin/runlevel { #include <abstractions/base> /sbin/runlevel mr, /var/run/utmp krw, } about 1 year ago Import of jmichaels profiles 89 dominic Edit History
opensuse10.3 /usr/lib/vmware/lib/wrapper-gtk24.sh #include <tunables/global> /usr/lib/vmware/lib/wrapper-gtk24.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /dev/ r, /dev/dsp r, /dev/sg1 r, /dev/tty rw, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtkrc r, /etc/vmware/ r, /etc/vmware/config r, /home/*/.Xauthority r, /home/*/.config/qtcurvestylerc r, /home/*/.kde/share/config/kdeglobals r, /home/*/.qt/qtrc r, /home/*/.vmware/ rw, /home/*/.vmware/license.ws.6.0.200610 r, /home/*/.vmware/preferences r, /proc/*/cmdline r, /proc/cpuinfo r, /proc/meminfo r, /proc/net/dev r, /proc/sys/dev/parport r, /proc/uptime r, /tmp/ r, /tmp/.X11-unix/X0 w, /tmp/gconfd-admincs1/lock/ior r, /tmp/orbit-admincs1/ w, /tmp/orbit-admincs1/linc-1cf0-0-225dfec52121a w, /tmp/orbit-admincs1/linc-e42-0-7a2c25cc88df2 w, /tmp/vmware-admincs1.0 rw, /tmp/vmware-admincs1/ r, "/tmp/vmware-admincs1/VMware Workstation-:0.0-sp" rw, /tmp/vmware-admincs1/ui-3253.log w, /tmp/vmware-admincs1/ui-3253.log.lck/ rw, /tmp/vmware-admincs1/ui-3253.log.lck/D23516.lck/ w, /tmp/vmware-admincs1/ui-3253.log.lck/E23516.lck rw, /tmp/vmware-admincs1/ui-3253.log.lck/M23516.lck rw, /tmp/vmware-admincs1/ui-3649.log w, /usr/bin/gconftool-2 ixr, /usr/bin/ldd Ux, /usr/lib/vmware/bin/vmware ixr, /usr/lib/vmware/bin/vmware-tray ixr, /usr/lib/vmware/lib/wrapper-gtk24.sh mr, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/icons/gnome/icon-theme.cache mr, /usr/share/icons/gnome/index.theme r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc-kde3 r, /var/run/dbus/system_bus_socket w, } about 1 year ago vmware 219 knoble Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } about 1 year ago tristan 84 e1337r0ck3rX7 Edit History
opensuse10.3 /bin/ping # $Id: bin.ping 521 2007-03-30 23:45:28Z agruen $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /bin/ping { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability setuid, /bin/ping mixr, /etc/modules.conf r, } over 2 years ago Initial Revision 146 novell Edit History
opensuse10.3 /opt/kde3/bin/kmail #include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kmail mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago qaz 91 vismanza Edit History
opensuse10.3 /etc/sysconfig/network/scripts/dhcpcd-hook-samba #include <tunables/global> /etc/sysconfig/network/scripts/dhcpcd-hook-samba { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/gawk ixr, /etc/sysconfig/network/dhcp r, /etc/sysconfig/network/scripts/dhcpcd-hook-samba mr, /etc/sysconfig/network/scripts/dhcpcd-hook-samba-functions r, /proc/meminfo r, /var/lib/dhcp/dhclient-*.leases r, } about 1 year ago none 98 cinimod Edit History
opensuse10.3 /usr/local/bin/amule #include <tunables/global> /usr/local/bin/amule { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/gnome> #include <abstractions/nameservice> /bin/bash ixr, /bin/uname ixr, /dev/tty rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.aMule/ rw, /home/*/.aMule/* krw, /home/*/.aMule/Incoming/ rw, /home/*/.aMule/Incoming/* rw, /home/*/.aMule/Temp/ rw, /home/*/.aMule/Temp/*.backup rw, /home/*/.aMule/Temp/*.bak rw, /home/*/.aMule/Temp/*.met rw, /home/*/.aMule/Temp/*.part rw, /home/*/.esd_auth r, /home/*/.fontconfig/*.cache-2 r, /home/*/.fonts/ r, /home/*/.gnome2/Totem/* rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/*.xml r, /home/*/.gstreamer-0.10/plugins/ r, /home/*/.gstreamer-0.10/plugins/*.so mr, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /tmp/orbit-usr01/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/mplayer ixr, /usr/bin/totem ixr, /usr/local/bin/amule ixr, /usr/local/share/pixmaps/ r, /usr/share/applications/**.desktop r, /usr/share/gnome/autostart/*.desktop r, /usr/share/locale-bundle/de/LC_MESSAGES/*.mo r, /usr/share/totem/*.png r, /usr/share/totem/*.ui r, /usr/share/totem/*.xml r, /var/cache/libx11/compose/* r, } over 2 years ago 13 147 anonymus1 Edit History
opensuse10.3 /usr/sbin/mysqld-max #include <tunables/global> /usr/sbin/mysqld-max { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, network inet tcp, /etc/ld.so.preload r, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/sbin/mysqld-max mr, /usr/share/mysql/** r, /var/db/nscd/passwd r, /var/lib/distccd/** lkrw, /var/lib/mysql/ r, /var/lib/mysql/** klrw, /var/run/mysqld/* lrw, } 9 months ago 65 shimingzhou Edit History
opensuse10.3 /bin/hostname #include <tunables/global> /bin/hostname { #include <abstractions/base> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } about 1 year ago none 107 cinimod Edit History
opensuse10.3 /sbin/ifconfig #include <tunables/global> /sbin/ifconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, capability sys_module, /proc/net/ r, /proc/net/* r, /sbin/ifconfig mr, } about 1 year ago none 93 cinimod Edit History
opensuse10.3 /usr/bin/VBox #include <tunables/global> /usr/bin/VBox flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> capability sys_ptrace, network inet dgram, network inet stream, network inet6 stream, / r, /Archiv/ rw, /Archiv/.Trash-overwrite/ rw, /Archiv/.Trash-patrick/ rw, /Archiv/Filez/ rw, /Archiv/Filez/GSO/ rw, /Archiv/Filez/GSO/** rw, /Archiv/Filez/Multimedia/Tonstudio/ r, /Archiv/Filez/Multimedia/Tonstudio/** rw, /bin/ r, /bin/basename ixr, /bin/bash ixr, /bin/gawk ixr, /bin/grep ixr, /bin/lsmod ixr, /bin/ps ixr, /bin/rm ixr, /boot/ r, /dev/ r, /dev/fd0 rw, /dev/sr0 r, /dev/tty rw, /dev/vboxdrv rw, /etc/ r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/fonts/** r, /etc/fstab r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/mapping-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gre.d/ r, /etc/gre.d/1.8.1.10.conf r, /etc/gre.d/1.8.1.9.conf r, /etc/host.conf r, /etc/hosts r, /etc/magic r, /etc/nsswitch.conf r, /etc/passwd r, /etc/resolv.conf r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.VirtualBox/* rw, /home/*/.VirtualBox/Machines/GSO/GSO.xml rw, /home/*/.VirtualBox/Machines/GSO/Logs/* rw, "/home/*/.VirtualBox/Machines/WinXP TonStudio/" w, /home/*/.VirtualBox/VDI/* krw, /home/*/.Xauthority r, /home/*/.fontconfig/*.cache-2 r, /home/*/.gnome2_private/ w, /home/*/.qt/.qtrc.lock krw, /home/*/.qt/qtrc r, /lib/ r, /log.txt r, /media/ r, /mnt/ r, /mypcs/ rw, /myscripts/ r, /opt/ r, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib/kde3/plugins/styles/plastik.so mr, /opt/kde3/lib/lib*so* mr, /proc/ r, /proc/*/mounts r, /proc/*/stat r, /proc/*/status r, /proc/bus/usb/002/004 rw, /proc/bus/usb/003/002 rw, /proc/bus/usb/003/003 rw, /proc/bus/usb/003/004 rw, /proc/bus/usb/003/008 rw, /proc/bus/usb/004/002 rw, /proc/bus/usb/004/003 rw, /proc/bus/usb/004/004 rw, /proc/bus/usb/004/008 rw, /proc/bus/usb/005/002 rw, /proc/bus/usb/005/004 rw, /proc/bus/usb/005/008 rw, /proc/bus/usb/006/002 rw, /proc/bus/usb/006/003 rw, /proc/bus/usb/006/004 rw, /proc/bus/usb/007/002 rw, /proc/bus/usb/007/003 rw, /proc/bus/usb/007/004 rw, /proc/bus/usb/007/005 rw, /proc/bus/usb/007/006 rw, /proc/bus/usb/devices r, /proc/meminfo r, /proc/modules r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/sys/kernel/pid_max r, /proc/tty/drivers r, /proc/uptime r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ rw, /tmp/.ICE-unix/* w, /tmp/.X11-unix/X0 w, /tmp/.vbox-overwrite-ipc/ rw, /tmp/.vbox-overwrite-ipc/ipcd w, /tmp/.vbox-overwrite-ipc/lock kw, /tmp/gconfd-overwrite/lock/ior r, /tmp/orbit-overwrite/ w, /tmp/orbit-overwrite/linc-* w, /usr/ r, /usr/bin/VBox mr, /usr/bin/bug-buddy ixr, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gnome-open ixr, /usr/bin/which ixr, /usr/bin/whoami ixr, /usr/lib/** mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh ixr, /usr/lib/virtualbox/VBoxSVC ixr, /usr/lib/virtualbox/VBoxXPCOMIPCD ixr, /usr/lib/virtualbox/VirtualBox ixr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/desktop-data/qtrc r, /usr/share/doc/packages/VirtualBox/ r, /usr/share/fonts/** r, /usr/share/icons/Industrial/cursors/hand2 r, /usr/share/icons/Industrial/cursors/left_ptr r, /usr/share/icons/Industrial/cursors/left_ptr_watch r, /usr/share/icons/Industrial/cursors/sb_h_double_arrow r, /usr/share/icons/Industrial/cursors/sb_v_double_arrow r, /usr/share/icons/Industrial/cursors/watch r, /usr/share/icons/Industrial/cursors/xterm r, /usr/share/icons/Industrial/index.theme r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/misc/magic.mgc r, /usr/share/virtualbox/** r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/nscd/group r, /var/run/nscd/passwd r, /var/run/nscd/socket w, } about 1 year ago 142 overwrite Edit History
opensuse10.3 /usr/sbin/NetworkManagerDispatcher #include <tunables/global> /usr/sbin/NetworkManagerDispatcher { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> /bin/bash ixr, /etc/NetworkManager/dispatcher.d/ r, /etc/NetworkManager/dispatcher.d/autofs Px, /etc/NetworkManager/dispatcher.d/netcontrol_global_hooks Px, /etc/NetworkManager/dispatcher.d/netcontrol_services Px, /etc/NetworkManager/dispatcher.d/nfs Px, /etc/NetworkManager/dispatcher.d/privoxy Px, /proc/meminfo r, /usr/sbin/NetworkManagerDispatcher mr, /var/run/NetworkManagerDispatcher.pid w, } about 1 year ago Import of jmichaels profiles 124 dominic Edit History
opensuse10.3 /sbin/runlevel #include <tunables/global> /sbin/runlevel { #include <abstractions/base> /sbin/runlevel mr, /var/run/utmp krw, } about 1 year ago none 95 cinimod Edit History
opensuse10.3 /sda7/distributions/10.3/bin/zcat #include <tunables/global> /sda7/distributions/10.3/bin/zcat { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /sda7/distributions/10.3/bin/zcat mr, } about 1 year ago sda 100 resqp2if Edit History
opensuse10.3 /usr/lib/postfix/showq #include <tunables/global> /usr/lib/postfix/showq flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, /etc/gai.conf r, /etc/postfix/dynamicmaps.cf r, /etc/postfix/main.cf r, /proc/net/if_inet6 r, /usr/lib/postfix/showq mr, /var/spool/postfix/active/ r, /var/spool/postfix/deferred/ r, /var/spool/postfix/deferred/0/ r, /var/spool/postfix/deferred/1/ r, /var/spool/postfix/deferred/2/ r, /var/spool/postfix/deferred/3/ r, /var/spool/postfix/deferred/4/ r, /var/spool/postfix/deferred/5/ r, /var/spool/postfix/deferred/6/ r, /var/spool/postfix/deferred/7/ r, /var/spool/postfix/deferred/8/ r, /var/spool/postfix/deferred/A/ r, /var/spool/postfix/deferred/B/ r, /var/spool/postfix/deferred/C/ r, /var/spool/postfix/deferred/D/ r, /var/spool/postfix/deferred/E/ r, /var/spool/postfix/deferred/F/ r, /var/spool/postfix/hold/ r, /var/spool/postfix/incoming/ r, /var/spool/postfix/maildrop/ r, /var/spool/postfix/pid/unix.showq krw, } about 1 year ago e 110 mikemende Edit History
opensuse10.3 /bin/hostname #include <tunables/global> /bin/hostname { #include <abstractions/base> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } about 1 year ago Import of jmichaels profiles 128 dominic Edit History
opensuse10.3 /sbin/ifconfig #include <tunables/global> /sbin/ifconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, capability sys_module, /proc/net/ r, /proc/net/* r, /sbin/ifconfig mr, } about 1 year ago Import of jmichaels profiles 124 dominic Edit History
opensuse10.3 /usr/sbin/NetworkManagerDispatcher #include <tunables/global> /usr/sbin/NetworkManagerDispatcher { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> /bin/bash ixr, /etc/NetworkManager/dispatcher.d/ r, /etc/NetworkManager/dispatcher.d/autofs Px, /etc/NetworkManager/dispatcher.d/netcontrol_global_hooks Px, /etc/NetworkManager/dispatcher.d/netcontrol_services Px, /etc/NetworkManager/dispatcher.d/nfs Px, /etc/NetworkManager/dispatcher.d/privoxy Px, /proc/meminfo r, /usr/sbin/NetworkManagerDispatcher mr, /var/run/NetworkManagerDispatcher.pid w, } about 1 year ago none 105 cinimod Edit History
opensuse10.3 /usr/bin/beagle-search #include <tunables/global> /usr/bin/beagle-search flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/beagle-search mr, } over 2 years ago few more profile tweaks 140 jmichael Edit History
opensuse10.3 /opt/skype/skype #include <tunables/global> /opt/skype/skype flags=(complain) { #include <abstractions/base> /opt/skype/skype mr, } about 1 year ago 95 CarlosAlbertoRibeiro Edit History
opensuse10.3 /usr/bin/ssh-agent #include <tunables/global> /usr/bin/ssh-agent { #include <abstractions/base> /tmp/** w, /usr/bin/ssh-agent mr, } about 1 year ago changes-3 96 security Edit History
opensuse10.3 /usr/share/kolab/scripts/kolab_smtpdpolicy #include <tunables/global> /usr/share/kolab/scripts/kolab_smtpdpolicy { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/perl> /etc/kolab/kolab_smtpdpolicy.conf r, /usr/bin/perl ix, /usr/share/kolab/scripts/kolab_smtpdpolicy mr, } about 1 year ago 100 arclyde Edit History
opensuse10.3 /sbin/portmap #include <tunables/global> /sbin/portmap { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability net_bind_service, capability setgid, capability setuid, /etc/hosts.allow r, /etc/hosts.deny r, /sbin/portmap mr, /var/run/portmap_mapping rw, } over 2 years ago 126 JaMm Edit History
opensuse10.3 /usr/bin/gnome-terminal #include <tunables/global> /usr/bin/gnome-terminal flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash Ux, /dev/ptmx rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-terminal mr, /usr/lib/vte/gnome-pty-helper Px, /usr/share/terminfo/** r, /usr/share/vte/termcap/* r, /var/cache/libx11/compose/* r, } over 2 years ago misc update 111 jmichael Edit History
opensuse10.3 /opt/kde3/bin/kmplayer #include <tunables/global> /opt/kde3/bin/kmplayer flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kmplayer mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago kmplayer 99 Falko_Gehde Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, } over 2 years ago argh, switch things back to complain for a while 140 jmichael Edit History
opensuse10.3 /etc/gdm/PostLogin/Default #include <tunables/global> /etc/gdm/PostLogin/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/gdm/PostLogin/Default mr, /proc/meminfo r, } about 1 year ago Import of jmichaels profiles 128 dominic Edit History
opensuse10.3 /etc/init.d/boot.dazuko #include <tunables/global> /etc/init.d/boot.dazuko flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability sys_module, /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/lsmod ixr, /bin/stty ixr, /etc/init.d/boot.dazuko mr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/blacklist r, /etc/modprobe.d/ipv6 r, /etc/modprobe.d/ipw2200 r, /etc/modprobe.d/iwlwifi r, /etc/modprobe.d/module-renames r, /etc/modprobe.d/nvidia r, /etc/modprobe.d/pnp-aliases r, /etc/modprobe.d/sound r, /etc/modprobe.d/thinkpad_acpi r, /etc/modprobe.d/tv r, /etc/modprobe.d/unsupported.blacklist r, /etc/modprobe.d/xorg-x11-driver-video r, /etc/rc.status r, /etc/sysconfig/dazuko r, /etc/sysconfig/kernel r, /lib/modules/*/modules.dep r, /lib/modules/*/updates/dazuko.ko krw, /proc/modules r, /sbin/modprobe ixr, } about 1 year ago it works 161 overwrite Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } about 1 year ago 0.001 94 mechwarr1214 Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } over 2 years ago 20071015 106 davepl Edit History
opensuse10.3 /usr/sbin/wpa_supplicant #include <tunables/global> /usr/sbin/wpa_supplicant flags=(complain) { #include <abstractions/base> capability net_admin, capability net_raw, capability sys_module, network inet dgram, network packet dgram, /proc/net/ r, /proc/net/unix r, /usr/sbin/wpa_supplicant mr, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/ w, /var/run/wpa_supplicant/* w, } over 2 years ago argh, switch things back to complain for a while 130 jmichael Edit History
opensuse10.3 /usr/bin/gnome-wm #include <tunables/global> /usr/bin/gnome-wm { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/grep ixr, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz Px, /usr/bin/gnome-wm mr, /usr/bin/xdpyinfo Px, } about 1 year ago Import of jmichaels profiles 107 dominic Edit History
opensuse10.3 /etc/gdm/PostLogin/Default #include <tunables/global> /etc/gdm/PostLogin/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/gdm/PostLogin/Default mr, /proc/meminfo r, } about 1 year ago none 108 cinimod Edit History
opensuse10.3 /usr/lib/cyrus/bin/notifyd #include <tunables/global> /usr/lib/cyrus/bin/notifyd { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** krw, /usr/lib/cyrus/bin/notifyd mr, /var/lib/imap/** krw, } about 1 year ago 96 arclyde Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } about 1 year ago 103 overwrite Edit History
opensuse10.3 /usr/bin/gnome-wm #include <tunables/global> /usr/bin/gnome-wm { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/grep ixr, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz Px, /usr/bin/gnome-wm mr, /usr/bin/xdpyinfo Px, } about 1 year ago none 87 cinimod Edit History
opensuse10.3 /usr/bin/xdpyinfo #include <tunables/global> /usr/bin/xdpyinfo flags=(complain) { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/xdpyinfo mr, } over 2 years ago few more changes to get gnome session working elsewhere 150 jmichael Edit History
opensuse10.3 /usr/sbin/cron #include <tunables/global> /usr/sbin/cron flags=(complain) { #include <abstractions/base> /usr/sbin/cron mr, } about 1 year ago 113 rm2011 Edit History
opensuse10.3 /etc/init.d/ntp #include <tunables/global> /etc/init.d/ntp flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/nis> #include <abstractions/wutmp> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_ptrace, capability sys_time, capability sys_tty_config, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/gai.conf r, /etc/init.d/ntp ixr, /etc/ntp.conf r, /etc/rc.status r, /etc/sysconfig/ntp r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/net/if_inet6 r, /sbin/checkproc ixr, /sbin/killproc ixr, /sbin/startproc ixr, /usr/sbin/ntpd Pxmr, /usr/sbin/ntpdate Px, /var/lib/ntp/drift/ntp.drift r, /var/lib/ntp/etc/localtime w, /var/lib/ntp/var/run/ntp/ntpd.pid rw, /var/log/ntp a, /var/run/nscd/services r, } over 2 years ago argh, switch things back to complain for a while 119 jmichael Edit History
opensuse10.3 /usr/lib/ssh/x11-ssh-askpass #include <tunables/global> /usr/lib/ssh/x11-ssh-askpass { #include <abstractions/base> /usr/lib/ssh/x11-ssh-askpass mr, } about 1 year ago none 102 cinimod Edit History
opensuse10.3 /usr/bin/package-manager #include <tunables/global> /usr/bin/package-manager flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/package-manager mr, } over 2 years ago argh, switch things back to complain for a while 132 jmichael Edit History
opensuse10.3 /FYP/FileReadWrite #include <tunables/global> /FYP/FileReadWrite { #include <abstractions/base> /FYP/FileReadWrite mr, /FYP/data/prices.dat rw, } about 1 year ago 98 FYPJ Edit History
opensuse10.3 /usr/lib/ssh/x11-ssh-askpass #include <tunables/global> /usr/lib/ssh/x11-ssh-askpass { #include <abstractions/base> /usr/lib/ssh/x11-ssh-askpass mr, } about 1 year ago Import of jmichaels profiles 116 dominic Edit History
opensuse10.3 /usr/bin/mplayer #include <tunables/global> /usr/bin/mplayer flags=(complain) { #include <abstractions/X> #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/gnome> #include <abstractions/nameservice> #include <abstractions/php5> /cur/tmp/** rw, /etc/mplayer/input.conf r, /etc/mplayer/mplayer.conf r, /home/*/** r, /home/*/.config/qtcurve.gtk-colors rw, /home/*/.config/qtcurve.gtk-icons rw, /home/*/.mplayer/* rw, /opt/kde3/lib/lib*so* mr, /proc/*/cmdline r, /usr/** r, /usr/bin/mplayer mr, /usr/lib/win32/*.dll mr, } about 1 year ago internet radio u.a. 89 shivver-fox Edit History
opensuse10.3 /bin/uname #include <tunables/global> /bin/uname flags=(complain) { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } about 1 year ago 83 arturk Edit History
opensuse10.3 /opt/kde3/bin/kpdf #include <tunables/global> /opt/kde3/bin/kpdf { #include <abstractions/base> /opt/kde3/bin/kpdf mr, /opt/kde3/lib64/libDCOP.so.* mr, /opt/kde3/lib64/libkdecore.so.* mr, /opt/kde3/lib64/libkdefx.so.* mr, /opt/kde3/lib64/libkdesu.so.* mr, /opt/kde3/lib64/libkdeui.so.* mr, /opt/kde3/lib64/libkio.so.* mr, /opt/kde3/lib64/libkparts.so.* mr, /opt/kde3/lib64/libkwalletclient.so.* mr, /tmp/.X11-unix/* w, } over 2 years ago 196 kijo387 Edit History
opensuse10.3 /usr/lib64/firefox/firefox.sh #include <tunables/global> /usr/lib64/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /dev/tty rw, /etc/magic r, /usr/bin/file ixr, /usr/lib64/firefox/firefox-bin Px, /usr/lib64/firefox/firefox.sh mr, /usr/share/misc/magic r, /usr/share/misc/magic.mgc r, } over 2 years ago 207 kijo387 Edit History
opensuse10.3 /usr/bin/sudo #include <tunables/global> /usr/bin/sudo flags=(complain) { #include <abstractions/base> /usr/bin/sudo mr, } over 2 years ago 114 overwrite Edit History
opensuse10.3 /usr/bin/gconftool-2 #include <tunables/global> /usr/bin/gconftool-2 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/**.schemas r, /etc/gconf/schemas/*.entries r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, /usr/share/locale-bundle/de/LC_MESSAGES/GConf2.mo r, } about 1 year ago 100 overwrite Edit History
opensuse10.3 /usr/sbin/sabayon-apply #include <tunables/global> /usr/sbin/sabayon-apply { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> /etc/xml/catalog r, /etc/xml/suse-catalog.xml r, /home/*/.Xauthority r, /proc/meminfo r, /usr/bin/env ixr, /usr/bin/python2.5 ixr, /usr/sbin/sabayon-apply mr, } about 1 year ago Import of jmichaels profiles 115 dominic Edit History
opensuse10.3 /opt/kde3/bin/kwatchgnupg #include <tunables/global> /opt/kde3/bin/kwatchgnupg flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kwatchgnupg mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago gconf-neu 86 shivver-fox Edit History
opensuse10.3 /usr/bin/numlockx #include <tunables/global> /usr/bin/numlockx { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/numlockx mr, } about 1 year ago Import of jmichaels profiles 119 dominic Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } about 1 year ago test 84 higp Edit History
opensuse10.3 /usr/lib/jvm/java-1.6.0.u5-sun-1.6.0.u5/jre/bin/java #include <tunables/global> /usr/lib/jvm/java-1.6.0.u5-sun-1.6.0.u5/jre/bin/java { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/jvm/java-1.6.0.u5-sun-1.6.0.u5/jre/bin/java mr, } about 1 year ago java 77 rockets Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-tmp> / r, /** r, /bin/basename mixr, /bin/bash mixr, /bin/gawk mixr, /bin/grep mixr, /bin/ps Uxr, /cur/** rw, /dat/**/ rw, /home/*/** rw, /home/*/.mozilla/firefox/** krw, /opt/kde3/bin/kpdf Px, /usr/bin/audacity px, /usr/bin/file mixr, /usr/bin/gtk-gnash Px, /usr/bin/mplayer px, /usr/bin/which mixr, /usr/lib/GConf/2/gconfd-2 Px, /usr/lib/browser-plugins/* mr, /usr/lib/firefox/firefox ixr, /usr/lib/firefox/firefox-bin px, /usr/lib/firefox/firefox.sh rmix, /usr/lib/firefox/mozilla-xremote-client px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update16/jre/bin/java_vm Px, /usr/lib/win32/drvc.so mr, /usr/lib/xine/plugins/1.23/*.so mr, /usr/lib/xine/plugins/1.23/post/xineplug_post_goom.so mr, /usr/lib/xine/plugins/1.23/post/xineplug_post_tvtime.so mr, /var/tmp/ rw, } about 1 year ago internet radio u.a. 72 shivver-fox Edit History
opensuse10.3 /var/lib/distccd/flashgot.m384mqii.default/flashgot.fgt #include <tunables/global> /var/lib/distccd/flashgot.m384mqii.default/flashgot.fgt { #include <abstractions/base> /var/lib/distccd/flashgot.m384mqii.default/flashgot.fgt mr, } 11 months ago 85 hello Edit History
opensuse10.3 /usr/sbin/sabayon-apply #include <tunables/global> /usr/sbin/sabayon-apply { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> /etc/xml/catalog r, /etc/xml/suse-catalog.xml r, /home/*/.Xauthority r, /home/*/.xsession-errors w, /proc/meminfo r, /usr/bin/env ixr, /usr/bin/python2.5 ixr, /usr/sbin/sabayon-apply mr, } about 1 year ago none 98 cinimod Edit History
opensuse10.3 /usr/bin/numlockx #include <tunables/global> /usr/bin/numlockx { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/numlockx mr, } about 1 year ago none 94 cinimod Edit History
opensuse10.3 /opt/SecondLife_i686_1_19_0_5/secondlife #include <tunables/global> /opt/SecondLife_i686_1_19_0_5/secondlife { #include <abstractions/base> #include <abstractions/bash> /bin/arch ixr, /bin/bash ixr, /bin/cat ixr, /opt/SecondLife_i686_1_19_0_5/secondlife mr, /usr/bin/dirname ixr, /usr/bin/readlink ixr, } about 1 year ago 100 angel832 Edit History
opensuse10.3 /usr/sbin/postfix #include <tunables/global> /usr/sbin/postfix { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /bin/bash ixr, /bin/egrep ixr, /bin/grep ixr, /bin/ls ixmr, /bin/uname ixr, /dev/console rw, /dev/tty rw, /etc/gai.conf r, /etc/postfix/ r, /etc/postfix/dynamicmaps.cf r, /etc/postfix/main.cf r, /etc/postfix/master.cf r, /etc/postfix/post-install r, /etc/postfix/postfix-files r, /etc/postfix/postfix-script ixr, /etc/postfix/relocated.db krw, /etc/postfix/transport.db krw, /etc/postfix/virtual.db krw, /proc/meminfo r, /proc/net/if_inet6 r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/cmp ixr, /usr/bin/find ixr, /usr/lib/postfix/bounce ixr, /usr/lib/postfix/error ixr, /usr/lib/postfix/master ixr, /usr/lib/postfix/pickup ixr, /usr/lib/postfix/qmgr ixr, /usr/lib/postfix/smtp ixr, /usr/lib/postfix/trivial-rewrite ixr, /usr/sbin/ r, /usr/sbin/postconf ixr, /usr/sbin/postfix mr, /usr/sbin/postlog ixr, /usr/sbin/postqueue ixr, /usr/sbin/postsuper ixr, /usr/sbin/sendmail r, /usr/share/doc/packages/postfix/README_FILES/QMQP_README r, /var/run/nscd/services r, /var/spool/postfix/ r, /var/spool/postfix/active/ r, /var/spool/postfix/active/100091AF41CB krw, /var/spool/postfix/active/4BE3E1AF41C1 krw, /var/spool/postfix/active/4CE981AF41C2 krw, /var/spool/postfix/active/644E71AF41C4 krw, /var/spool/postfix/active/A3C3F1AF41B0 krw, /var/spool/postfix/active/BDB231AF41B6 krw, /var/spool/postfix/active/CAE441AF41C0 krw, /var/spool/postfix/bounce/ r, /var/spool/postfix/corrupt/ r, /var/spool/postfix/defer/ r, /var/spool/postfix/defer/1/ r, /var/spool/postfix/defer/1/100091AF41CB kw, /var/spool/postfix/defer/4/ r, /var/spool/postfix/defer/4/4BE3E1AF41C1 kw, /var/spool/postfix/defer/4/4CE981AF41C2 kw, /var/spool/postfix/defer/6/ r, /var/spool/postfix/defer/6/644E71AF41C4 kw, /var/spool/postfix/defer/A/ r, /var/spool/postfix/defer/A/A3C3F1AF41B0 kw, /var/spool/postfix/defer/B/ r, /var/spool/postfix/defer/B/BDB231AF41B6 kw, /var/spool/postfix/defer/C/ r, /var/spool/postfix/defer/C/CAE441AF41C0 kw, /var/spool/postfix/deferred/ r, /var/spool/postfix/deferred/1/ r, /var/spool/postfix/deferred/1/100091AF41CB rw, /var/spool/postfix/deferred/4/ r, /var/spool/postfix/deferred/4/4BE3E1AF41C1 rw, /var/spool/postfix/deferred/4/4CE981AF41C2 rw, /var/spool/postfix/deferred/6/ r, /var/spool/postfix/deferred/6/644E71AF41C4 rw, /var/spool/postfix/deferred/A/ r, /var/spool/postfix/deferred/A/A3C3F1AF41B0 rw, /var/spool/postfix/deferred/B/ r, /var/spool/postfix/deferred/B/BDB231AF41B6 rw, /var/spool/postfix/deferred/C/ r, /var/spool/postfix/deferred/C/CAE441AF41C0 rw, /var/spool/postfix/flush/ r, /var/spool/postfix/hold/ r, /var/spool/postfix/incoming/ r, /var/spool/postfix/maildrop/ r, /var/spool/postfix/pid/master.pid krw, /var/spool/postfix/pid/unix.defer krw, /var/spool/postfix/pid/unix.retry krw, /var/spool/postfix/pid/unix.smtp krw, /var/spool/postfix/private/ r, /var/spool/postfix/private/anvil w, /var/spool/postfix/private/bounce w, /var/spool/postfix/private/bsmtp w, /var/spool/postfix/private/cyrus w, /var/spool/postfix/private/defer w, /var/spool/postfix/private/discard w, /var/spool/postfix/private/error w, /var/spool/postfix/private/ifmail w, /var/spool/postfix/private/lmtp w, /var/spool/postfix/private/local w, /var/spool/postfix/private/maildrop w, /var/spool/postfix/private/procmail w, /var/spool/postfix/private/proxymap w, /var/spool/postfix/private/relay w, /var/spool/postfix/private/retry w, /var/spool/postfix/private/rewrite w, /var/spool/postfix/private/scache w, /var/spool/postfix/private/smtp w, /var/spool/postfix/private/trace w, /var/spool/postfix/private/uucp w, /var/spool/postfix/private/verify w, /var/spool/postfix/private/virtual w, /var/spool/postfix/public/ r, /var/spool/postfix/public/cleanup w, /var/spool/postfix/public/flush w, /var/spool/postfix/public/pickup rw, /var/spool/postfix/public/qmgr rw, /var/spool/postfix/public/showq w, /var/spool/postfix/trace/ r, } about 1 year ago 95 milos Edit History
opensuse10.3 /usr/bin/test #include <tunables/global> /usr/bin/test flags=(complain) { #include <abstractions/base> /usr/bin/test mr, } over 2 years ago test 114 hogy Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> network inet stream, network inet6 stream, deny /usr/bin/bug-buddy x, /bin/netstat cx, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, owner /home/*/.ICEauthority r, owner /home/*/.Xauthority r, owner /home/*/.esd_auth r, owner /home/*/.fontconfig/* r, owner /home/*/.gnome2_private/ w, owner /home/*/.mozilla/firefox/** rw, owner /home/*/.mozilla/firefox/*/*.sqlite rwk, owner /home/*/.mozilla/firefox/*/.parentlock wk, /usr/lib/firefox/firefox-bin mr, /var/cache/libx11/compose/* r, profile /bin/netstat { #include <abstractions/base> network inet dgram, /bin/netstat mr, /proc/net/ r, /proc/net/dev r, /proc/net/unix r, } } about 1 year ago test profile - please don't use 90 jjohansen Edit History
opensuse10.3 /usr/lib/helix-dbus-server/helix-dbus-server.bin #include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, } over 2 years ago argh, switch things back to complain for a while 123 jmichael Edit History
opensuse10.3 /usr/sbin/NetworkManager #include <tunables/global> /usr/sbin/NetworkManager flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability net_admin, capability net_raw, capability sys_module, network packet packet, /etc/resolv.conf w, /etc/resolv.conf.tmp rw, /etc/sysconfig/network/ r, /etc/sysconfig/network/dhcp r, /proc/net/psched r, /sbin/ip Px, /usr/lib/NetworkManager/nm-crash-logger Px, /usr/sbin/NetworkManager mr, /usr/sbin/nscd Px, /usr/sbin/wpa_supplicant Px, /var/run/NetworkManager.pid w, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/* w, } over 2 years ago argh, switch things back to complain for a while 136 jmichael Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_nice, / r, /Archiv/ r, /Archiv/Filez/ r, /Archiv/Filez/.privat/ r, /Archiv/Filez/.privat/** r, /Archiv/Filez/GSO/ r, /Archiv/Filez/GSO/** r, /Archiv/computer/howto/cedega/Cedega_6_Quick_Start_Guide.html r, /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /bin/uname ixr, /etc/cups/lpoptions r, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/samba/dhcp.conf r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.cedegarc r, /home/*/.config/ r, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.dmrc r, /home/*/.dvipsrc r, /home/*/.emacs r, /home/*/.esd_auth r, /home/*/.evolution/ r, /home/*/.evolution/.evolution-composer.autosave-A9ON3T w, /home/*/.evolution/camel-cert.db rw, /home/*/.evolution/camel-cert.db~ rw, /home/*/.evolution/categories.xml r, /home/*/.evolution/cert8.db rw, /home/*/.evolution/key3.db rw, /home/*/.evolution/mail/config/folder-tree-expand-state.xml r, /home/*/.evolution/mail/config/gtkrc-mail-fonts r, /home/*/.evolution/secmod.db r, /home/*/.evolution/signatures/signature-0 r, /home/*/.exrc r, /home/*/.fontconfig/* r, /home/*/.gnome2/Totem/state.ini rw, /home/*/.gnome2/Totem/state.ini.KFDV2T rw, /home/*/.gnome2/Totem/state.ini.W6XS2T rw, /home/*/.gnome2/Totem/xine_config rw, /home/*/.gnome2/Totem/xine_config~ w, /home/*/.gnome2/accels/gedit rw, /home/*/.gnome2/evolution-ErtiHU w, /home/*/.gnome2/gecko-rQhLuR w, /home/*/.gnome2/gedit-2 rw, /home/*/.gnome2/gedit-2.6N632T rw, /home/*/.gnome2/gedit-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.gpilotd.pid r, /home/*/.gtkrc-1.2-gnome2 r, /home/*/.icons/ r, /home/*/.inputrc r, /home/*/.kde/share/config/kdeglobals r, /home/*/.kermrc r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.macromedia/Flash_Player/** rw, /home/*/.mailcap r, /home/*/.mozilla/ r, /home/*/.mozilla/firefox/ r, /home/*/.mozilla/firefox/** krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.muttrc r, /home/*/.ooo-2.0/.lock krw, /home/*/.ooo-2.0/user/basic/Standard/Module1.xba kr, /home/*/.ooo-2.0/user/basic/Standard/dialog.xlb kr, /home/*/.ooo-2.0/user/basic/Standard/script.xlb kr, /home/*/.ooo-2.0/user/basic/dialog.xlc kr, /home/*/.ooo-2.0/user/basic/script.xlc kr, /home/*/.ooo-2.0/user/config/imagecache/ r, /home/*/.ooo-2.0/user/config/javasettings_Linux_x86.xml r, /home/*/.ooo-2.0/user/config/soffice.cfg/modules/swriter/menubar/ r, /home/*/.ooo-2.0/user/config/soffice.cfg/modules/swriter/statusbar/ r, /home/*/.ooo-2.0/user/config/soffice.cfg/modules/swriter/toolbar/ r, /home/*/.ooo-2.0/user/psprint/ r, /home/*/.ooo-2.0/user/psprint/driver/ r, /home/*/.ooo-2.0/user/psprint/pspfontcache r, /home/*/.ooo-2.0/user/registry/ r, /home/*/.ooo-2.0/user/registry/cache/ r, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Addons.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Calc.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Commands.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Common.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Compatibility.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Events.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Impress.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Jobs.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Linguistic.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Paths.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.ProtocolHandler.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Recovery.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.SFX.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Substitution.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.TabBrowse.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.TypeDetection.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.Controller.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.Factories.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.GenericCommands.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.GlobalSettings.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.WriterCommands.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.WriterWindowState.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.UI.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Views.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.Writer.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Office.WriterWeb.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.Setup.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.System.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.TypeDetection.Filter.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.TypeDetection.Misc.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.TypeDetection.Types.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.VCL.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.ucb.Configuration.dat kr, /home/*/.ooo-2.0/user/registry/cache/org.openoffice.ucb.Store.dat kr, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Common.xcu krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Common.xcu_tmp krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Linguistic.xcu kr, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Recovery.xcu krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Recovery.xcu_tmp krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/UI/WriterWindowState.xcu kr, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Views.xcu krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Views.xcu_tmp krw, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Office/Writer.xcu kr, /home/*/.ooo-2.0/user/registry/data/org/openoffice/Setup.xcu kr, /home/*/.ooo-2.0/user/registry/data/org/openoffice/ucb/Store.xcu kr, /home/*/.ooo-2.0/user/uno_packages/cache/ r, /home/*/.ooo-2.0/user/uno_packages/cache/log.txt krw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/ r, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/Linux_x86.rdb kr, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/Linux_x86_.rdb krw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/Linux_x86rc krw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/common.rdb kr, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/common_.rdb krw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.component.PackageRegistryBackend/unorc krw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.configuration.PackageRegistryBackend/registered_packages.db rw, /home/*/.ooo-2.0/user/uno_packages/cache/registry/com.sun.star.comp.deployment.configuration.PackageRegistryBackend/registry/ r, /home/*/.ooo-2.0/user/uno_packages/cache/stamp.sys krw, /home/*/.ooo-2.0/user/uno_packages/cache/uno_packages.db rw, /home/*/.ooo-2.0/user/uno_packages/cache/uno_packages/ r, /home/*/.ooo-2.0/user/wordbook/ r, /home/*/.opensuse-updater-gnome r, /home/*/.realplayerrc r, /home/*/.recently-used krw, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.urlview r, /home/*/.viminfo r, /home/*/.windows-label r, /home/*/.xcoralrc r, /home/*/.xim.template r, /home/*/.xine/catalog.cache rw, /home/*/.xinitrc.template r, /home/*/.xsession-errors r, /home/*/.xtalkrc r, /home/*/.y2log r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /home/*/mycompiz r, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/kde/amarok.desktop r, /opt/kde3/share/applications/kde/kate.desktop r, /opt/kde3/share/applications/kde/kfmclient_dir.desktop r, /opt/kde3/share/applications/kde/kwrite.desktop r, /opt/kde3/share/applications/kde/realplay-kde.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /root/.gnome2_private/ w, /root/.mozilla/firefox/** krw, /tmp/ rw, /tmp/** klrw, /usr/X11R6/lib/lib*so* mr, /usr/bin/acroread Px, /usr/bin/banshee ixr, /usr/bin/bug-buddy ixr, /usr/bin/dirname ixr, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/evolution ixr, /usr/bin/file-roller Px, /usr/bin/find ixr, /usr/bin/gedit ixr, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gnome-mplayer ixr, /usr/bin/gnome-open ixr, /usr/bin/gvim-normal ixr, /usr/bin/head ixr, /usr/bin/mplayer Px, /usr/bin/nautilus ixr, /usr/bin/oowriter ixr, /usr/bin/purple-url-handler ixr, /usr/bin/python2.5 ixr, /usr/bin/totem ixr, /usr/bin/wine ixr, /usr/bin/xdg-open ixr, /usr/lib/** kmr, /usr/lib/firefox/** mrw, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/lib/ooo-2.0/program/javaldx ixr, /usr/lib/ooo-2.0/program/ooqstart ixr, /usr/lib/ooo-2.0/program/pagein ixr, /usr/lib/ooo-2.0/program/soffice ixr, /usr/lib/ooo-2.0/program/soffice.bin ixr, /usr/lib/totem/totem-plugin-viewer ixr, /usr/share/** r, /usr/share/locale-bundle/de/LC_MESSAGES/*.mo mr, /usr/share/locale/** mr, /usr/share/ooo-2.0/share/config/images_crystal.zip kr, /usr/share/ooo-2.0/share/config/images_tango.zip kr, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, /var/run/cups/cups.sock w, /var/run/nscd/services r, } about 1 year ago 144 overwrite Edit History
opensuse10.3 /etc/NetworkManager/dispatcher.d/nfs #include <tunables/global> /etc/NetworkManager/dispatcher.d/nfs { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/ls ixmr, /etc/NetworkManager/dispatcher.d/nfs mr, /etc/init.d/rc5.d/ r, /proc/meminfo r, /sbin/runlevel Px, } about 1 year ago Import of jmichaels profiles 99 dominic Edit History
opensuse10.3 /opt/kde3/bin/kmail #include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kmail mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago kmail1 100 mmm Edit History
opensuse10.3 /usr/lib/postfix/cleanup # $Id: usr.lib.postfix.cleanup 741 2007-06-11 22:55:56Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2006 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/cleanup { #include <abstractions/base> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <program-chunks/postfix-common> capability net_bind_service, /etc/gai.conf r, /etc/postfix/* krw, /etc/{m,fs}tab r, /usr/lib/postfix/cleanup rmix, /var/spool/postfix/** krw, /{var/spool/postfix/,}hold/[0-9A-F]* w, /{var/spool/postfix/,}incoming/[0-9A-F]/ rwl, /{var/spool/postfix/,}incoming/[0-9A-F]/[0-9A-F]/ rwl, /{var/spool/postfix/,}incoming/[0-9A-F]/[0-9A-F]/* rwl, /{var/spool/postfix/,}incoming/[0-9]*.[0-9]* rwl, /{var/spool/postfix/,}pid/unix.cleanup rw, /{var/spool/postfix/,}private/{rewrite,bounce} w, /{var/spool/postfix/,}public/qmgr w, } about 1 year ago ssh needed the ability to create /root/.ssh, and assorted CUPS fixes 112 crispin Edit History
opensuse10.3 /usr/lib/gnome-main-menu/main-menu #include <tunables/global> /usr/lib/gnome-main-menu/main-menu flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.config/ w, /home/*/.config/gnome-main-menu/ w, /home/*/.config/gnome-main-menu/showable_files_migrated w, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.recently-used.xbel r, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/ w, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /home/*/Documents/* rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/mounts r, /proc/meminfo r, /proc/net/dev r, /proc/partitions r, /proc/stat r, /sys/block/**/stat r, /sys/devices/**/net/*/statistics/* r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/beagle-search Px, /usr/bin/bug-buddy ixr, /usr/bin/evince-thumbnailer Px, /usr/bin/gnome-screensaver-command Px, /usr/bin/gsf-office-thumbnailer Px, /usr/bin/package-manager Px, /usr/bin/totem-video-thumbnailer Px, /usr/lib/gnome-main-menu/main-menu mr, /usr/share/applications/ r, /usr/share/applications/**.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/f-spot/icons/**.png r, /usr/share/gdm/applications/ r, /usr/share/gnome-2.0/ui/*.xml r, /usr/share/gnome-main-menu/ r, /usr/share/gnome-main-menu/*.glade r, /usr/share/gnome-main-menu/*.xbel r, /usr/share/gnome-main-menu/empty.ods r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } over 2 years ago minor changes for 10.3 rc2 initial gnome launch 123 jmichael Edit History
opensuse10.3 /usr/sbin/postfix #include <tunables/global> /usr/sbin/postfix flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /bin/bash ixr, /bin/egrep ixr, /bin/grep ixr, /bin/ls ixmr, /bin/uname ixr, /dev/console rw, /dev/tty rw, /etc/gai.conf r, /etc/postfix/ r, /etc/postfix/dynamicmaps.cf r, /etc/postfix/main.cf r, /etc/postfix/master.cf r, /etc/postfix/post-install r, /etc/postfix/postfix-files r, /etc/postfix/postfix-script ixr, /etc/postfix/relocated.db krw, /etc/postfix/transport.db krw, /etc/postfix/virtual.db krw, /proc/meminfo r, /proc/net/if_inet6 r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/cmp ixr, /usr/bin/find ixr, /usr/lib/postfix/bounce ixr, /usr/lib/postfix/error ixr, /usr/lib/postfix/master ixr, /usr/lib/postfix/pickup ixr, /usr/lib/postfix/qmgr ixr, /usr/lib/postfix/smtp ixr, /usr/lib/postfix/trivial-rewrite ixr, /usr/sbin/ r, /usr/sbin/postconf ixr, /usr/sbin/postfix mr, /usr/sbin/postlog ixr, /usr/sbin/postqueue ixr, /usr/sbin/postsuper ixr, /usr/sbin/sendmail r, /usr/share/doc/packages/postfix/README_FILES/QMQP_README r, /var/run/nscd/services r, /var/spool/postfix/ r, /var/spool/postfix/active/ r, /var/spool/postfix/active/100091AF41CB krw, /var/spool/postfix/active/4BE3E1AF41C1 krw, /var/spool/postfix/active/4CE981AF41C2 krw, /var/spool/postfix/active/644E71AF41C4 krw, /var/spool/postfix/active/A3C3F1AF41B0 krw, /var/spool/postfix/active/BDB231AF41B6 krw, /var/spool/postfix/active/CAE441AF41C0 krw, /var/spool/postfix/bounce/ r, /var/spool/postfix/corrupt/ r, /var/spool/postfix/defer/ r, /var/spool/postfix/defer/1/ r, /var/spool/postfix/defer/1/100091AF41CB kw, /var/spool/postfix/defer/4/ r, /var/spool/postfix/defer/4/4BE3E1AF41C1 kw, /var/spool/postfix/defer/4/4CE981AF41C2 kw, /var/spool/postfix/defer/6/ r, /var/spool/postfix/defer/6/644E71AF41C4 kw, /var/spool/postfix/defer/A/ r, /var/spool/postfix/defer/A/A3C3F1AF41B0 kw, /var/spool/postfix/defer/B/ r, /var/spool/postfix/defer/B/BDB231AF41B6 kw, /var/spool/postfix/defer/C/ r, /var/spool/postfix/defer/C/CAE441AF41C0 kw, /var/spool/postfix/deferred/ r, /var/spool/postfix/deferred/1/ r, /var/spool/postfix/deferred/1/100091AF41CB rw, /var/spool/postfix/deferred/4/ r, /var/spool/postfix/deferred/4/4BE3E1AF41C1 rw, /var/spool/postfix/deferred/4/4CE981AF41C2 rw, /var/spool/postfix/deferred/6/ r, /var/spool/postfix/deferred/6/644E71AF41C4 rw, /var/spool/postfix/deferred/A/ r, /var/spool/postfix/deferred/A/A3C3F1AF41B0 rw, /var/spool/postfix/deferred/B/ r, /var/spool/postfix/deferred/B/BDB231AF41B6 rw, /var/spool/postfix/deferred/C/ r, /var/spool/postfix/deferred/C/CAE441AF41C0 rw, /var/spool/postfix/flush/ r, /var/spool/postfix/hold/ r, /var/spool/postfix/incoming/ r, /var/spool/postfix/maildrop/ r, /var/spool/postfix/pid/master.pid krw, /var/spool/postfix/pid/unix.defer krw, /var/spool/postfix/pid/unix.retry krw, /var/spool/postfix/pid/unix.smtp krw, /var/spool/postfix/private/ r, /var/spool/postfix/private/anvil w, /var/spool/postfix/private/bounce w, /var/spool/postfix/private/bsmtp w, /var/spool/postfix/private/cyrus w, /var/spool/postfix/private/defer w, /var/spool/postfix/private/discard w, /var/spool/postfix/private/error w, /var/spool/postfix/private/ifmail w, /var/spool/postfix/private/lmtp w, /var/spool/postfix/private/local w, /var/spool/postfix/private/maildrop w, /var/spool/postfix/private/procmail w, /var/spool/postfix/private/proxymap w, /var/spool/postfix/private/relay w, /var/spool/postfix/private/retry w, /var/spool/postfix/private/rewrite w, /var/spool/postfix/private/scache w, /var/spool/postfix/private/smtp w, /var/spool/postfix/private/trace w, /var/spool/postfix/private/uucp w, /var/spool/postfix/private/verify w, /var/spool/postfix/private/virtual w, /var/spool/postfix/public/ r, /var/spool/postfix/public/cleanup w, /var/spool/postfix/public/flush w, /var/spool/postfix/public/pickup rw, /var/spool/postfix/public/qmgr rw, /var/spool/postfix/public/showq w, /var/spool/postfix/trace/ r, } over 2 years ago dazuko 396 overwrite Edit History
opensuse10.3 /usr/bin/gnome-keyring-daemon #include <tunables/global> /usr/bin/gnome-keyring-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability sys_ptrace, /home/*/.gnome2/keyrings/ r, /home/*/.gnome2/keyrings/.keyring* rw, /home/*/.gnome2/keyrings/default.keyring rw, /tmp/keyring-*/ w, /tmp/keyring-*/socket w, /usr/bin/gnome-keyring-daemon mr, /usr/lib/gnome-keyring-1/gnome-keyring-ask Px, } over 2 years ago argh, switch things back to complain for a while 122 jmichael Edit History
opensuse10.3 /etc/NetworkManager/dispatcher.d/nfs #include <tunables/global> /etc/NetworkManager/dispatcher.d/nfs { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/ls ixmr, /etc/NetworkManager/dispatcher.d/nfs mr, /etc/init.d/rc5.d/ r, /proc/meminfo r, /sbin/runlevel Px, } about 1 year ago none 96 cinimod Edit History
opensuse10.3 /bin/netstat #include <tunables/global> /bin/netstat flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability sys_ptrace, /bin/netstat mr, /proc/ r, /proc/*/cmdline r, /proc/*/fd/ r, /proc/net/ r, /proc/net/* r, } about 1 year ago 110 overwrite Edit History
opensuse10.3 /bin/dbus-daemon #include <tunables/global> /bin/dbus-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/*.conf r, /usr/bin/helix-dbus-server Px, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/*.service r, /var/run/dbus/pid w, } over 2 years ago argh, switch things back to complain for a while 131 jmichael Edit History
opensuse10.3 /usr/local/BGDialupWiFiAgent/wifi_agent.sh #include <tunables/global> /usr/local/BGDialupWiFiAgent/wifi_agent.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> #include <abstractions/perl> capability net_admin, capability net_raw, network inet raw, /bin/bash ixr, /bin/date ixr, /bin/echo ixr, /dev/tty rw, /etc/SuSE-release r, /etc/fonts/** r, /etc/sysconfig/clock r, /proc/*/fd/ r, /proc/*/maps r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/net/psched r, /proc/stat r, /proc/sys/net/ipv4/ip_forward w, /root/.Xauthority r, /sbin/arp Ux, /tmp/ r, /tmp/** mrw, /usr/bin/perl ix, /usr/bin/readlink ixr, /usr/lib64/** mr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java ixr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java.bin ixr, /usr/local/BGDialupWiFiAgent/** mrw, /usr/local/BGDialupWiFiAgent/init.sh ixr, /usr/local/BGDialupWiFiAgent/init_manad.sh ixr, /usr/local/BGDialupWiFiAgent/iptables.sh ixr, /usr/local/BGDialupWiFiAgent/login.sh ixr, /usr/local/BGDialupWiFiAgent/logout.sh ixr, /usr/local/BGDialupWiFiAgent/tell_manad.pl ixr, /usr/local/BGDialupWiFiAgent/wifi_manad.pl ixr, /usr/sbin/iptables mrux, /usr/sbin/tc mrux, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/fonts/** r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/Industrial/cursors/right_ptr r, /usr/share/zoneinfo/ r, /var/cache/fontconfig/17090aa38d5c6f09fb8c5c354938f1d7-x86-64.cache-2 mr, /var/cache/fontconfig/17eac1165263be9f8c818b6f419cf6e6-x86-64.cache-2 mr, /var/cache/fontconfig/2d31a572ce6667f6a0da9c8dc611898b-x86-64.cache-2 r, /var/cache/fontconfig/30786aca7a961ef9f9799e540455831d-x86-64.cache-2 r, /var/cache/fontconfig/3830d5c3ddfd5cd38a049b759396e72e-x86-64.cache-2 r, /var/cache/fontconfig/4b172ca7f111e3cffadc3636415fead9-x86-64.cache-2 r, /var/cache/fontconfig/5582bcdff229c67b5fec2ece77d58e8f-x86-64.cache-2 r, /var/cache/fontconfig/5ca8086aeacc9c68e81a71e7ef846b3b-x86-64.cache-2 r, /var/cache/fontconfig/77e41c5059666d75f92e318d4be8c21e-x86-64.cache-2 mr, /var/cache/fontconfig/7975540dee8a6ff17f6798a1cba5e67e-x86-64.cache-2 mr, /var/cache/fontconfig/7ef2298fde41cc6eeb7af42e48b7d293-x86-64.cache-2 mr, /var/cache/fontconfig/8d4af663993b81a124ee82e610bb31f9-x86-64.cache-2 mr, /var/cache/fontconfig/96694e2e5c96306c7f07acd6d3b454e6-x86-64.cache-2 mr, /var/cache/fontconfig/a1c95d6dfc9a7b34f44445cf81166004-x86-64.cache-2 r, /var/cache/fontconfig/d458be102e54cf534d1eef0dcbb02d07-x86-64.cache-2 mr, /var/cache/fontconfig/d62e99ef547d1d24cdb1bd22ec1a2976-x86-64.cache-2 mr, /var/cache/fontconfig/df311e82a1a24c41a75c2c930223552e-x86-64.cache-2 mr, /var/run/manad.pid w, } about 1 year ago andrew 70 gankov Edit History
opensuse10.3 /usr/bin/gnome-screensaver-command #include <tunables/global> /usr/bin/gnome-screensaver-command { #include <abstractions/base> /usr/bin/gnome-screensaver-command mr, } about 1 year ago Import of jmichaels profiles 91 dominic Edit History
opensuse10.3 /usr/local/BGBillingServer/scheduler.sh #include <tunables/global> /usr/local/BGBillingServer/scheduler.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ixr, /dev/tty rw, /usr/bin/nohup ixr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java px, /usr/local/BGBillingServer/log/scheduler.out w, /usr/local/BGBillingServer/scheduler.sh mr, } about 1 year ago andrew 157 gankov Edit History
opensuse10.3 /usr/sbin/saslauthd #include <tunables/global> /usr/sbin/saslauthd { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, /etc/saslauthd.conf r, /usr/sbin/saslauthd mr, /var/run/sasl2/* krw, } about 1 year ago 354 arclyde Edit History
opensuse10.3 /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper #include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, } over 2 years ago argh, switch things back to complain for a while 145 jmichael Edit History
opensuse10.3 /etc/gdm/Xsession #include <tunables/global> /etc/gdm/Xsession { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xdm/Xsession Px, /etc/gdm/Xsession mr, /proc/meminfo r, } about 1 year ago Import of jmichaels profiles 114 dominic Edit History
opensuse10.3 /etc/gdm/PreSession/Default #include <tunables/global> /etc/gdm/PreSession/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability setgid, capability setuid, /bin/bash ixr, /bin/sed ixr, /etc/gdm/PreSession/Default mr, /usr/bin/gdmflexiserver Px, /usr/bin/xsetroot Px, } about 1 year ago Import of jmichaels profiles 79 dominic Edit History
opensuse10.3 /opt/firefox/firefox #include <tunables/global> /opt/firefox/firefox { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /opt/firefox/firefox mr, } 8 months ago Firefox Browser 59 tom Edit History
opensuse10.3 /usr/bin/gnome-screensaver-command #include <tunables/global> /usr/bin/gnome-screensaver-command { #include <abstractions/base> /usr/bin/gnome-screensaver-command mr, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/bin/Azureus.sh #include <tunables/global> /usr/bin/Azureus.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/Azureus.sh mr, } about 1 year ago installer 101 Lanecamper Edit History
opensuse10.3 /etc/X11/xdm/sys.xsession #include <tunables/global> /etc/X11/xdm/sys.xsession { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> capability sys_ptrace, /bin/bash ixr, /etc/X11/xdm/sys.xsession mr, /etc/X11/xinit/xinitrc r, /etc/X11/xinit/xinitrc.common r, /etc/X11/xinit/xinitrc.d/ r, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh Px, /home/*/.gnupg/agent.info rw, /home/*/.gnupg/agent.pid rw, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/checkproc ixr, /usr/bin/dbus-launch Px, /usr/bin/gpg-agent Pxr, /usr/bin/ssh-agent ixr, /usr/lib/ssh/x11-ssh-askpass Px, } about 1 year ago Import of jmichaels profiles 89 dominic Edit History
opensuse10.3 /bin/su #include <tunables/global> /bin/su flags=(complain) { #include <abstractions/base> /bin/su mr, } about 1 year ago /prg/milos/su.log 97 gomi Edit History
opensuse10.3 Marcel I`am a Linux Newbie about 1 year ago 91 doggy29 Edit History
opensuse10.3 /etc/gdm/Xsession #include <tunables/global> /etc/gdm/Xsession { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xdm/Xsession Px, /etc/gdm/Xsession mr, /proc/meminfo r, } about 1 year ago none 101 cinimod Edit History
opensuse10.3 /etc/gdm/PreSession/Default #include <tunables/global> /etc/gdm/PreSession/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability setgid, capability setuid, /bin/bash ixr, /bin/sed ixr, /etc/gdm/PreSession/Default mr, /usr/bin/gdmflexiserver Px, /usr/bin/xsetroot Px, } about 1 year ago none 72 cinimod Edit History
opensuse10.3 /etc/X11/xdm/sys.xsession #include <tunables/global> /etc/X11/xdm/sys.xsession { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> capability sys_ptrace, /bin/bash ixr, /etc/X11/xdm/sys.xsession mr, /etc/X11/xinit/xinitrc r, /etc/X11/xinit/xinitrc.common r, /etc/X11/xinit/xinitrc.d/ r, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh Px, /home/*/.gnupg/agent.info rw, /home/*/.gnupg/agent.pid rw, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/checkproc ixr, /usr/bin/dbus-launch Px, /usr/bin/gpg-agent Pxr, /usr/bin/ssh-agent ixr, /usr/lib/ssh/x11-ssh-askpass Px, } about 1 year ago none 88 cinimod Edit History
opensuse10.3 /sbin/ldconfig #include <tunables/global> /sbin/ldconfig { #include <abstractions/base> /etc/ld.so.cache mrw, /etc/ld.so.cache~ rw, /etc/ld.so.conf r, /etc/ld.so.conf.d/ r, /etc/ld.so.conf.d/* r, /lib/ r, /opt/kde3/lib/ r, /sbin/ldconfig mr, /usr/X11R6/lib/ r, /usr/lib/ r, /usr/local/lib/ r, /var/cache/ldconfig/aux-cache rw, /var/cache/ldconfig/aux-cache~ rw, } about 1 year ago Import of jmichaels profiles 126 dominic Edit History
opensuse10.3 /etc/sysconfig/network/scripts/SuSEfirewall2 #include <tunables/global> /etc/sysconfig/network/scripts/SuSEfirewall2 flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/network/config r, /etc/sysconfig/network/ifcfg-* r, /etc/sysconfig/network/scripts/SuSEfirewall2 mr, /proc/meminfo r, } over 2 years ago argh, switch things back to complain for a while 119 jmichael Edit History
opensuse10.3 /usr/bin/VirtualBox #include <tunables/global> /usr/bin/VirtualBox flags=(complain) { #include <abstractions/base> /usr/bin/VirtualBox mr, } about 1 year ago Rich 86 ruscorp Edit History
opensuse10.3 /usr/sbin/mysqld # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/mysqld flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /etc/hosts.deny r, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/share/mysql/** r, /var/lib/mysql/** klrw, } about 1 year ago mysql2 96 eviled Edit History
opensuse10.3 /opt/j2sdk1.4.2_16/bin/java #include <tunables/global> /opt/j2sdk1.4.2_16/bin/java flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /dev/* krw, /etc/* r, /etc/sysconfig/* r, /home/** mrw, /opt/j2sdk1.4.2_16/** mr, /opt/j2sdk1.4.2_16/bin/java ixr, /proc/** r, /tmp/** lmrw, /usr/share/** r, /var/run/** mr, } about 1 year ago jdk1.4.2 115 drepkine Edit History
opensuse10.3 /usr/bin/totem-video-indexer #include <tunables/global> /usr/bin/totem-video-indexer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home/*/.gstreamer-0.10/registry.i686.xml mr, /usr/bin/totem-video-indexer mr, /var/cache/beagle/.gstreamer-0.10/registry.i686.xml mr, } over 2 years ago couple minor changes 123 jmichael Edit History
opensuse10.3 /sbin/ldconfig #include <tunables/global> /sbin/ldconfig { #include <abstractions/base> /etc/ld.so.cache mrw, /etc/ld.so.cache~ rw, /etc/ld.so.conf r, /etc/ld.so.conf.d/ r, /etc/ld.so.conf.d/* r, /lib/ r, /opt/kde3/lib/ r, /sbin/ldconfig mr, /usr/X11R6/lib/ r, /usr/lib/ r, /usr/local/lib/ r, /var/cache/ldconfig/aux-cache rw, /var/cache/ldconfig/aux-cache~ rw, } about 1 year ago none 95 cinimod Edit History
opensuse10.3 /usr/lib/thunderbird/thunderbird.sh #include <tunables/global> /usr/lib/thunderbird/thunderbird.sh { #include <abstractions/base> #include <abstractions/bash> /bin/basename Px, /bin/bash ix, /usr/bin/aoss px, /usr/bin/which px, /usr/lib/thunderbird/thunderbird.sh mr, } over 2 years ago 20071015 127 davepl Edit History
opensuse10.3 /sbin/yast2 #include <tunables/global> /sbin/yast2 flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /sbin/yast2 mr, } about 1 year ago jlee 77 jlee Edit History
opensuse10.3 /sbin/portmap #include <tunables/global> /sbin/portmap flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability net_bind_service, capability setgid, capability setuid, /sbin/portmap mr, /var/run/portmap_mapping rw, } over 2 years ago 145 sebastian Edit History
opensuse10.3 /usr/bin/helix-dbus-server #include <tunables/global> /usr/bin/helix-dbus-server flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /proc/meminfo r, /usr/bin/helix-dbus-server mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin px, } over 2 years ago argh, switch things back to complain for a while 116 jmichael Edit History
opensuse10.3 /usr/bin/mailx #include <tunables/global> /usr/bin/mailx flags=(complain) { #include <abstractions/base> /usr/bin/mailx mr, } about 1 year ago mail-aaprofile 78 serg Edit History
opensuse10.3 /usr/lib/GConf/2/gconfd-2 # $Id: usr.lib.GConf.2.gconfd-2 735 2007-06-11 05:17:30Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/GConf/2/gconfd-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults r, /etc/gconf/gconf.xml.defaults/** r, /etc/gconf/gconf.xml.defaults/schemas/** r, /etc/gconf/gconf.xml.mandatory r, /usr/lib/GConf/2/gconfd-2 rmix, /usr/lib/GConf/2/libgconfbackend-xml.so mr, /usr/lib64/GConf/2/libgconfbackend-xml.so mr, /usr/share/locale/** r, @{HOME}/.gconf r, @{HOME}/.gconf/** lrw, @{HOME}/.gconfd/** lrw, } over 2 years ago 20071015 119 davepl Edit History
opensuse10.3 /usr/bin/metacity #include <tunables/global> /usr/bin/metacity { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.metacity/sessions/* w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, } about 1 year ago none 80 cinimod Edit History
opensuse10.3 /usr/bin/tty #include <tunables/global> /usr/bin/tty flags=(complain) { #include <abstractions/base> /usr/bin/tty mr, } about 1 year ago 81 arturk Edit History
opensuse10.3 /bin/sleep #include <tunables/global> /bin/sleep flags=(complain) { #include <abstractions/base> /bin/sleep mr, } over 2 years ago argh, switch things back to complain for a while 108 jmichael Edit History
opensuse10.3 /usr/Powerware/LanSafe/Bin/PowerMonitor #include <tunables/global> /usr/Powerware/LanSafe/Bin/PowerMonitor { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability dac_read_search, /usr/Powerware/LanSafe/Bin/PowerMonitor mr, /usr/Powerware/LanSafe/Config/* rw, } about 1 year ago 162 arclyde Edit History
opensuse10.3 /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java #include <tunables/global> /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /dev/tty rw, /etc/sysconfig/clock r, /proc/*/maps r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/stat r, /tmp/** mrw, /usr/bin/readlink ixr, /usr/lib64/** mr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java.bin ixr, /usr/local/BGBillingServer/data/data.properties r, /usr/local/BGBillingServer/data/log4j.properties r, /usr/local/BGBillingServer/lib/ r, /usr/local/BGBillingServer/lib/activation.jar mr, /usr/local/BGBillingServer/lib/annotations-api.jar mr, /usr/local/BGBillingServer/lib/avalon-framework.jar mr, /usr/local/BGBillingServer/lib/batik.jar mr, /usr/local/BGBillingServer/lib/bsh-1.3.0.jar mr, /usr/local/BGBillingServer/lib/call.jar mr, /usr/local/BGBillingServer/lib/catalina.jar mr, /usr/local/BGBillingServer/lib/commons-beanutils.jar mr, /usr/local/BGBillingServer/lib/commons-chain.jar mr, /usr/local/BGBillingServer/lib/commons-collections.jar mr, /usr/local/BGBillingServer/lib/commons-dbcp-1.1.jar mr, /usr/local/BGBillingServer/lib/commons-digester.jar mr, /usr/local/BGBillingServer/lib/commons-el.jar mr, /usr/local/BGBillingServer/lib/commons-logging.jar mr, /usr/local/BGBillingServer/lib/commons-pool-1.1.jar mr, /usr/local/BGBillingServer/lib/cos.jar mr, /usr/local/BGBillingServer/lib/dialup.jar mr, /usr/local/BGBillingServer/lib/fop-hyph.jar mr, /usr/local/BGBillingServer/lib/fop.jar mr, /usr/local/BGBillingServer/lib/gnu-crypto.jar mr, /usr/local/BGBillingServer/lib/image-filters.jar mr, /usr/local/BGBillingServer/lib/jasper-compiler-jdt.jar mr, /usr/local/BGBillingServer/lib/jasper-compiler.jar mr, /usr/local/BGBillingServer/lib/jasper-jdt.jar mr, /usr/local/BGBillingServer/lib/jasper-runtime.jar mr, /usr/local/BGBillingServer/lib/jasper.jar mr, /usr/local/BGBillingServer/lib/jasperreports.jar mr, /usr/local/BGBillingServer/lib/jcommon.jar mr, /usr/local/BGBillingServer/lib/jetty-util.jar mr, /usr/local/BGBillingServer/lib/jetty.jar mr, /usr/local/BGBillingServer/lib/jfreechart.jar mr, /usr/local/BGBillingServer/lib/jsch.jar mr, /usr/local/BGBillingServer/lib/jstl.jar mr, /usr/local/BGBillingServer/lib/ldap.jar mr, /usr/local/BGBillingServer/lib/log4j-1.2.8.jar mr, /usr/local/BGBillingServer/lib/mail.jar mr, /usr/local/BGBillingServer/lib/mysql-5.0.3.jar mr, /usr/local/BGBillingServer/lib/npay.jar mr, /usr/local/BGBillingServer/lib/reports.jar mr, /usr/local/BGBillingServer/lib/serializer.jar mr, /usr/local/BGBillingServer/lib/server.jar mr, /usr/local/BGBillingServer/lib/servlet.jar mr, /usr/local/BGBillingServer/lib/smack.jar mr, /usr/local/BGBillingServer/lib/smackx.jar mr, /usr/local/BGBillingServer/lib/snmp4_13.jar mr, /usr/local/BGBillingServer/lib/standard.jar mr, /usr/local/BGBillingServer/lib/struts-core.jar mr, /usr/local/BGBillingServer/lib/struts-taglib.jar mr, /usr/local/BGBillingServer/lib/struts-tiles.jar mr, /usr/local/BGBillingServer/lib/tomcat-coyote.jar mr, /usr/local/BGBillingServer/lib/tomcat-juli.jar mr, /usr/local/BGBillingServer/lib/xalan.jar mr, /usr/local/BGBillingServer/lib/xercesImpl.jar mr, /usr/local/BGBillingServer/log/dataloader.log w, /usr/local/BGBillingServer/log/scheduler.log w, /usr/local/BGBillingServer/log/scheduler.out w, /usr/local/BGBillingServer/log/script.log w, /usr/local/BGBillingServer/log/server.log w, /usr/share/zoneinfo/ r, } about 1 year ago andrew 85 gankov Edit History
opensuse10.3 /usr/bin/ssh #include <tunables/global> /usr/bin/ssh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability setgid, capability setuid, /bin/bash ixr, /etc/gai.conf r, /etc/ssh/ssh_config r, /home/*/.ssh/known_hosts ar, /proc/meminfo r, /root/.Xauthority rw, /root/.Xauthority-c w, /root/.Xauthority-l lw, /root/.ssh/ w, /root/.ssh/known_hosts rw, /usr/bin/ssh mr, /usr/bin/xauth ixr, /var/run/nscd/* r, } about 1 year ago Initial Setup 99 PsychoDad Edit History
opensuse10.3 /usr/bin/metacity #include <tunables/global> /usr/bin/metacity { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.metacity/sessions/* w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, } about 1 year ago Import of jmichaels profiles 113 dominic Edit History
opensuse10.3 /usr/lib/gnome-panel/mixer_applet2 #include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, } about 1 year ago Import of jmichaels profiles 107 dominic Edit History
opensuse10.3 /home/dominic/bin/test_lock.pl #include <tunables/global> /home/dominic/bin/test_lock.pl flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /bin/ls ixmr, /home/dominic/bin/test_lock.pl mr, /home/dominic/lock_test kw, /home/dominic/src/svn/ r, /home/dominic/src/svn/novell/ r, /home/dominic/src/svn/novell/trunk.dev/** r, /tmp/ r, /usr/bin/flock ixr, /var/tmp/ r, } over 2 years ago stuff 110 dominic_2 Edit History
opensuse10.3 /usr/sbin/httpd2-prefork #include <tunables/global> /usr/sbin/httpd2-prefork { #include <abstractions/base> /usr/sbin/httpd2-prefork mr, } /usr/sbin/httpd2-prefork//DEFAULT_URI { } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT { } about 1 month ago 13 taher Edit History
opensuse10.3 /usr/bin/skype #include <tunables/global> /usr/bin/skype { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/kde> #include <abstractions/nameservice> /dev/snd/controlC0 rw, /dev/snd/pcmC0D0c mrw, /dev/snd/pcmC0D0p mrw, /dev/snd/pcmC0D1c mrw, /dev/snd/pcmC0D1p mrw, /dev/snd/timer r, /dev/video0 rw, /etc/gai.conf r, /home/*/ r, /home/*/* krw, /home/*/.Skype/ rw, /home/*/.Skype/** krw, /home/*/.config/Trolltech.conf krw, /home/*/.fontconfig/** r, /home/*/.kde/share/config/kioslaverc r, /proc/interrupts r, /proc/net/route r, /proc/sys/kernel/osrelease r, /proc/sys/kernel/ostype r, /usr/*/ooo-2.0/share/fonts/** mr, /usr/bin/gconftool-2 ux, /usr/bin/skype mr, /usr/bin/xdg-open Ux, /usr/lib/** mr, /usr/share/alsa/** r, /usr/share/fonts/** mr, /usr/share/ghostscript/fonts/** mr, /usr/share/locale/** mr, /usr/share/skype/ r, /usr/share/skype/** kmr, } about 1 year ago 86 woro Edit History
opensuse10.3 /sbin/unix2_chkpwd #include <tunables/global> /sbin/unix2_chkpwd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> /sbin/unix2_chkpwd mr, } about 1 year ago none 100 cinimod Edit History
opensuse10.3 /sbin/ldconfig #include <tunables/global> /sbin/ldconfig flags=(complain) { #include <abstractions/base> /etc/ld.so.cache mrw, /etc/ld.so.cache~ rw, /etc/ld.so.conf r, /etc/ld.so.conf.d/ r, /etc/ld.so.conf.d/* r, /lib/ r, /opt/kde3/lib/ r, /sbin/ldconfig mr, /usr/X11R6/lib/ r, /usr/lib/ r, /usr/lib/** mrw, /usr/local/lib/ r, /var/cache/ldconfig/aux-cache rw, /var/cache/ldconfig/aux-cache~ rw, } about 1 year ago 120 overwrite Edit History
opensuse10.3 /usr/sbin/alias_manager.pl #include <tunables/global> /usr/sbin/alias_manager.pl { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/perl> /etc/sympa/ r, /etc/sympa/auth.conf r, /etc/sympa/sympa.conf r, /etc/sympa/wwsympa.conf r, /usr/bin/CAS.pm r, /usr/bin/Conf.pm r, /usr/bin/Language.pm r, /usr/bin/Log.pm r, /usr/bin/Version.pm r, /usr/bin/perl ix, /usr/bin/tools.pl r, /usr/bin/tt2.pl r, /usr/bin/wwslib.pm r, /usr/sbin/alias_manager.pl mr, /usr/share/sympa/* r, /var/log/apache2/error_log w, } about 1 year ago 96 arclyde Edit History
opensuse10.3 /usr/bin/amule #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> /usr/bin/amule mr, } about 1 year ago 93 caidoberco Edit History
opensuse10.3 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/netstat Px, /etc/gai.conf r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.purple/ r, /home/*/.purple/** rw, /home/*/.purple/cap.db krw, /proc/meminfo r, /usr/bin/gconftool-2 Px, /usr/bin/gnome-open Px, /usr/bin/pidgin mr, /usr/lib/pidgin/*.so mr, /usr/lib/purple-2/*.so mr, /usr/share/tcl/tcl*/encoding/*.enc r, /var/cache/libx11/compose/* r, } about 1 year ago Import of jmichaels profiles 120 dominic Edit History
opensuse10.3 /usr/lib/gnome-panel/mixer_applet2 #include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/bin/compiz #include <tunables/global> /usr/bin/compiz { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/freedesktop.org> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz ixmr, /usr/bin/gtk-window-decorator Px, /usr/share/compiz/*.png r, /usr/share/compiz/*.xml r, } about 1 year ago Import of jmichaels profiles 116 dominic Edit History
opensuse10.3 /sbin/unix2_chkpwd #include <tunables/global> /sbin/unix2_chkpwd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> /sbin/unix2_chkpwd mr, } about 1 year ago Import of jmichaels profiles 112 dominic Edit History
opensuse10.3 /usr/bin/beagled #include <tunables/global> /usr/bin/beagled flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /bin/ps Px, /bin/sleep Px, /etc/fstab r, /etc/mono/2.0/machine.config r, /etc/mono/config r, /home/** rw, /home/*/.beagle/Indexes/**.db krw, /home/*/.beagle/TextCache/TextCache.db krw, /home/*/.wapi/shared_data-* mrw, /home/*/.wapi/shared_fileshare-* mrw, /proc/*/maps r, /proc/*/status r, /proc/acpi/ac_adapter/AC/state r, /proc/loadavg r, /proc/meminfo r, /proc/stat r, /proc/sys/fs/inotify/max_queued_events r, /proc/sys/fs/inotify/max_user_instances r, /proc/sys/fs/inotify/max_user_watches r, /proc/sys/kernel/ngroups_max r, /proc/uptime r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/beagled mr, /usr/bin/mono ixr, /usr/bin/totem-video-indexer Px, /usr/lib/beagle/*.dll mr, /usr/lib/beagle/Backends/*.dll mr, /usr/lib/beagle/BeagleDaemon.exe mr, /usr/lib/beagle/Filters/*.dll mr, /usr/lib/beagle/beagled-index-helper Px, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /var/cache/beagle/indexes/ r, /var/cache/beagle/indexes/applications/Locks/ r, /var/cache/beagle/indexes/applications/fingerprint r, /var/cache/beagle/indexes/applications/version r, /var/cache/beagle/indexes/documentation/Locks/ r, /var/cache/beagle/indexes/documentation/fingerprint r, /var/cache/beagle/indexes/documentation/version r, /var/tmp/ rw, } over 2 years ago argh, switch things back to complain for a while 144 jmichael Edit History
opensuse10.3 /usr/sbin/traceroute # $Id: usr.sbin.traceroute 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, /usr/sbin/traceroute rmix, @{PROC}/net/route r, } over 2 years ago Initial Revision 140 novell Edit History
opensuse10.3 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/netstat Px, /etc/gai.conf r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.purple/ r, /home/*/.purple/** rw, /home/*/.purple/cap.db krw, /proc/meminfo r, /usr/bin/gconftool-2 Px, /usr/bin/gnome-open Px, /usr/bin/pidgin mr, /usr/lib/pidgin/*.so mr, /usr/lib/purple-2/*.so mr, /usr/share/tcl/tcl*/encoding/*.enc r, /var/cache/libx11/compose/* r, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> capability dac_override, /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /dev/tty rw, /etc/magic r, /usr/bin/file ixr, /usr/lib/firefox/firefox Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } about 1 year ago changelog 73 tro Edit History
opensuse10.3 /usr/bin/compiz #include <tunables/global> /usr/bin/compiz { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/freedesktop.org> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz ixmr, /usr/bin/gtk-window-decorator Px, /usr/share/compiz/*.png r, /usr/share/compiz/*.xml r, } about 1 year ago none 92 cinimod Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } about 1 year ago firefox 83 vojta Edit History
opensuse10.3 /home/dominic/bin/test_lock.pl #include <tunables/global> /home/dominic/bin/test_lock.pl { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /bin/ls ixmr, /home/dominic/bin/test_lock.pl mr, /home/dominic/lock_test kw, /home/dominic/src/svn/ r, /home/dominic/src/svn/novell/ r, /home/dominic/src/svn/novell/trunk.dev/** r, /tmp/ r, /usr/bin/flock ixr, /var/tmp/ r, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.gnome2/** rw, /home/*/.gstreamer-0.10/*.xml r, /home/*/.icons/ r, /home/*/.purple/accels rw, /home/*/.purple/accounts.xml rw, /home/*/.purple/accounts.xml.save rw, /home/*/.purple/blist.xml rw, /home/*/.purple/blist.xml.save rw, /home/*/.purple/certificates/x509/tls_peers/im.novell.com r, /home/*/.purple/logs/** rw, /home/*/.purple/prefs.xml rw, /home/*/.purple/prefs.xml.save rw, /home/*/.purple/smileys/ r, /home/*/.purple/status.xml rw, /home/*/.purple/status.xml.save rw, /home/CRibeiro/.ICEauthority r, /usr/bin/gconftool-2 ixr, /usr/bin/gnome-open ixr, /usr/bin/pidgin mr, /usr/lib/** mr, /usr/share/tcl/tcl8.4/encoding/iso8859-1.enc r, } about 1 year ago 96 CRibeiro Edit History
opensuse10.3 /usr/bin/eog #include <tunables/global> /usr/bin/eog { #include <abstractions/X> #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/eog rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /usr/bin/eog mr, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/eog/** r, /usr/share/gdm/applications/ r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago Import of jmichaels profiles 106 dominic Edit History
opensuse10.3 /usr/bin/totem-video-thumbnailer #include <tunables/global> /usr/bin/totem-video-thumbnailer { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/Desktop/** r, /usr/bin/totem-video-thumbnailer mr, } about 1 year ago Import of jmichaels profiles 110 dominic Edit History
opensuse10.3 /sbin/portmap #include <tunables/global> /sbin/portmap flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability net_bind_service, capability setgid, capability setuid, /sbin/portmap mr, /var/run/portmap_mapping rw, } about 1 year ago portmap_changelog 122 security Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } about 1 year ago Testing 85 dominic Edit History
opensuse10.3 /usr/sbin/httpd2-prefork # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/mysql/libmysql*.so* mr, /usr/lib/php/extensions/*.so mr, /usr/lib/php4/*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib*.so* mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/mysql/libmysql*.so* mr, /usr/lib64/php/extensions/*.so mr, /usr/lib64/php4/*.so mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib*.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /var/log/apache2/* w, } over 2 years ago 141 kungfu Edit History
opensuse10.3 /usr/bin/eog #include <tunables/global> /usr/bin/eog { #include <abstractions/X> #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/eog rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /usr/bin/eog mr, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/eog/** r, /usr/share/gdm/applications/ r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago none 85 cinimod Edit History
opensuse10.3 /usr/bin/totem-video-thumbnailer #include <tunables/global> /usr/bin/totem-video-thumbnailer { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/Desktop/** r, /usr/bin/totem-video-thumbnailer mr, } about 1 year ago none 85 cinimod Edit History
opensuse10.3 /home/dominic/bin/test2_lock.pl #include <tunables/global> /home/dominic/bin/test2_lock.pl { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /bin/ls ixmr, /home/dominic/bin/test2_lock.pl mr, /home/dominic/lock_test kw, /home/dominic/src/svn/ r, /home/dominic/src/svn/novell/ r, /home/dominic/src/svn/novell/**/ r, /home/dominic/src/svn/novell/trunk.dev/** r, /tmp/ r, /usr/bin/flock ixr, /var/tmp/ r, } about 1 year ago none 88 cinimod Edit History
opensuse10.3 /usr/bin/manpath #include <tunables/global> /usr/bin/manpath flags=(complain) { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, } over 2 years ago argh, switch things back to complain for a while 117 jmichael Edit History
opensuse10.3 /usr/lib/bonobo/bonobo-activation-server #include <tunables/global> /usr/lib/bonobo/bonobo-activation-server flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/bonobo-activation/bonobo-activation-config.xml r, /usr/bin/tomboy-panel Px, /usr/lib/bonobo/bonobo-activation-server mr, /usr/lib/gnome-main-menu/main-menu Px, /usr/lib/gnome-panel/mixer_applet2 Px, } over 2 years ago few more profile tweaks 148 jmichael Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home/*/.gdbinit r, /home/*/.inputrc r, /proc/*/auxv r, /proc/*/mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, } about 1 year ago none 86 cinimod Edit History
opensuse10.3 /usr/sbin/traceroute # $Id: usr.sbin.traceroute 933 2007-08-17 22:46:56Z DominicReynolds_ $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/traceroute { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, /usr/sbin/traceroute rmix, @{PROC}/net/route r, } about 1 year ago none 81 cinimod Edit History
opensuse10.3 /usr/bin/which #include <tunables/global> /usr/bin/which { #include <abstractions/base> /usr/bin/which mrpx, } 6 months ago /usr/lib/seamonkey/seamonkey-bin 61 internet2 Edit History
opensuse10.3 /usr/sbin/cupsd #include <tunables/global> /usr/sbin/cupsd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> capability chown, capability dac_override, capability fsetid, capability net_bind_service, network inet dgram, network inet stream, network inet6 dgram, network inet6 stream, /etc/cups/ r, /etc/cups/* r, /etc/gai.conf r, /etc/printcap w, /proc/net/ r, /proc/net/unix r, /usr/lib/cups/filter/rastertoz600 ixr, /usr/lib/cups/notifier/ r, /usr/sbin/cupsd mr, /usr/share/cups/** r, /var/cache/cups/job.cache rw, /var/cache/cups/remote.cache rw, /var/log/cups/access_log rw, /var/log/cups/error_log rw, /var/run/cups/certs/* w, /var/run/cups/cups.sock w, /var/run/nscd/services r, /var/spool/cups/tmp/ r, } about 1 year ago changes 99 security Edit History
opensuse10.3 /bin/netstat #include <tunables/global> /bin/netstat { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability sys_ptrace, /bin/netstat mr, /etc/networks r, /proc/ r, /proc/*/cmdline r, /proc/*/fd/ r, /proc/net/ r, /proc/net/* r, } about 1 year ago firefox 86 vojta Edit History
opensuse10.3 /usr/local/bin/mkntpwd #include <tunables/global> /usr/local/bin/mkntpwd { #include <abstractions/base> /usr/local/bin/mkntpwd mr, } about 1 year ago 113 arclyde Edit History
opensuse10.3 /usr/bin/mkfontscale #include <tunables/global> /usr/bin/mkfontscale { #include <abstractions/base> /home/*/ r, /home/*/.fonts/ r, /home/*/.fonts/fonts.dir rw, /usr/bin/mkfontscale mr, } about 1 year ago none 77 cinimod Edit History
opensuse10.3 /home/dominic/bin/mytest #include <tunables/global> /home/dominic/bin/mytest { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /home/dominic/bin/mycat Px, /home/dominic/bin/myls Px, /home/dominic/bin/mytest mr, } over 2 years ago stuff 175 dominic_2 Edit History
opensuse10.3 /etc/sysconfig/network/scripts/ifup-services #include <tunables/global> /etc/sysconfig/network/scripts/ifup-services { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/network/config r, /etc/sysconfig/network/scripts/functions r, /etc/sysconfig/network/scripts/functions.common r, /etc/sysconfig/network/scripts/ifup-services mr, /proc/meminfo r, } about 1 year ago none 83 cinimod Edit History
opensuse10.3 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> / r, /Archiv/** r, /bin/mount Ux, /bin/netstat Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /home/ r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.bash_history r, /home/*/.bashrc r, /home/*/.beagle/socket w, /home/*/.cedegarc r, /home/*/.config/gtk-2.0/* rw, /home/*/.dmrc r, /home/*/.dvipsrc r, /home/*/.emacs r, /home/*/.exrc r, /home/*/.fontconfig/* r, /home/*/.gpilotd.pid r, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.gtkrc-1.2-gnome2 r, /home/*/.icons/ r, /home/*/.inputrc r, /home/*/.kermrc r, /home/*/.local/share/icons/ r, /home/*/.local/share/icons/75c6_vampire.0.xpm r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.mailcap r, /home/*/.muttrc r, /home/*/.opensuse-updater-gnome r, /home/*/.profile r, /home/*/.purple/ r, /home/*/.purple/** rw, /home/*/.purple/cap.db krw, /home/*/.realplayerrc r, /home/*/.recently-used r, /home/*/.recently-used.xbel.* rw, /home/*/.urlview r, /home/*/.viminfo r, /home/*/.windows-label r, /home/*/.xcoralrc r, /home/*/.xim.template r, /home/*/.xinitrc.template r, /home/*/.xsession-errors r, /home/*/.xtalkrc r, /home/*/Desktop/ w, /home/*/Desktop/* rw, /proc/meminfo r, /tmp/orbit-overwrite/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gconftool-2 Px, /usr/bin/gnome-mount ixr, /usr/bin/gnome-open Px, /usr/bin/pidgin mr, /usr/lib/pidgin/*.so mr, /usr/lib/purple-2/*.so mr, /usr/share/** r, /var/cache/libx11/compose/* r, } about 1 year ago 115 overwrite Edit History
opensuse10.3 /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon #include <tunables/global> /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/ r, /etc/fstab r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /proc/*/mounts r, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon mr, } over 2 years ago argh, switch things back to complain for a while 122 jmichael Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } about 1 year ago none 87 cinimod Edit History
opensuse10.3 /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper #include <tunables/global> /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> /home/*/.Xauthority r, /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper mr, } over 2 years ago argh, switch things back to complain for a while 110 jmichael Edit History
opensuse10.3 /usr/bin/gsf-office-thumbnailer #include <tunables/global> /usr/bin/gsf-office-thumbnailer { #include <abstractions/base> /home/*/Documents/** r, /usr/bin/gsf-office-thumbnailer mr, } about 1 year ago none 80 cinimod Edit History
opensuse10.3 /etc/sysconfig/network/scripts/ifup-services #include <tunables/global> /etc/sysconfig/network/scripts/ifup-services { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/network/config r, /etc/sysconfig/network/scripts/functions r, /etc/sysconfig/network/scripts/functions.common r, /etc/sysconfig/network/scripts/ifup-services mr, /proc/meminfo r, } about 1 year ago Import of jmichaels profiles 116 dominic Edit History
opensuse10.3 /bin/basename #include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, } about 1 year ago Import of jmichaels profiles 106 dominic Edit History
opensuse10.3 /usr/bin/gnome-screensaver-preferences #include <tunables/global> /usr/bin/gnome-screensaver-preferences flags=(complain) { #include <abstractions/base> /usr/bin/gnome-screensaver-preferences mr, } over 2 years ago argh, switch things back to complain for a while 126 jmichael Edit History
opensuse10.3 /usr/lib64/firefox/firefox-bin #include <tunables/global> /usr/lib64/firefox/firefox-bin flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /bin/netstat ixr, /etc/esd.conf r, /etc/fonts/** r, /etc/gai.conf r, /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/desktop/gnome/sound/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/ r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/interface/%gconf.xml r, /etc/gconf/gconf.xml.schemas/schemas/desktop/gnome/sound/%gconf.xml r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gtk-2.0/gdk-pixbuf64.loaders r, /etc/gtk-2.0/gtk64.immodules r, /etc/gtk-2.0/gtkrc r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.beagle/ToIndex/* w, /home/*/.config/qtcurvestylerc r, /home/*/.fontconfig/d35b326329d1d49bdbe169c31d59d502-x86-64.cache-2 r, /home/*/.gconf/ r, /home/*/.gconf/.testing.writeability w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /home/*/.gnome2_private/ w, /home/*/.kde/share/config/gtkrc-2.0 r, /home/*/.kde/share/config/gtkrc-qtc rw, /home/*/.kde/share/config/kdeglobals r, /home/*/.local/share/applications/ r, /home/*/.mozilla/firefox/pluginreg.dat rw, /home/*/.mozilla/firefox/profiles.ini r, /home/*/.mozilla/firefox/r33mdq18.default/ r, /home/*/.mozilla/firefox/r33mdq18.default/** krw, /home/*/.qt/qtrc r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/cmdline r, /proc/net/ r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/unix r, /tmp/ r, /tmp/.ICE-unix/3628 w, /tmp/.X11-unix/X0 w, /tmp/gconfd-n5/ r, /tmp/gconfd-n5/lock/ w, /tmp/gconfd-n5/lock/* klrw, /tmp/orbit-n5/ w, /tmp/orbit-n5/* w, /tmp/plugtmp/ rw, /tmp/plugtmp/s w, /usr/lib/GConf/2/gconfd-2 ixr, /usr/lib64/** mr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/fonts/** r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/DMZ/* r, /usr/share/icons/DMZ/cursors/hand2 r, /usr/share/icons/DMZ/cursors/left_ptr r, /usr/share/icons/DMZ/cursors/left_ptr_watch r, /usr/share/icons/DMZ/cursors/xterm r, /usr/share/locale-bundle/nb/LC_MESSAGES/* r, /usr/share/mime/aliases r, /usr/share/mime/application/* r, /usr/share/mime/globs r, /usr/share/mime/magic r, /usr/share/mime/subclasses r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc r, /usr/share/themes/QtCurve/gtk-2.0/gtkrc-kde3 r, /var/cache/fontconfig/* r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, } over 2 years ago 214 kijo387 Edit History
opensuse10.3 /usr/bin/gsf-office-thumbnailer #include <tunables/global> /usr/bin/gsf-office-thumbnailer { #include <abstractions/base> /home/*/Documents/** r, /usr/bin/gsf-office-thumbnailer mr, } about 1 year ago Import of jmichaels profiles 110 dominic Edit History
opensuse10.3 /usr/sbin/NetworkManagerDispatcher #include <tunables/global> /usr/sbin/NetworkManagerDispatcher flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> /bin/bash ixr, /etc/NetworkManager/dispatcher.d/ r, /etc/NetworkManager/dispatcher.d/autofs Px, /etc/NetworkManager/dispatcher.d/netcontrol_global_hooks Px, /etc/NetworkManager/dispatcher.d/netcontrol_services Px, /etc/NetworkManager/dispatcher.d/nfs Px, /etc/NetworkManager/dispatcher.d/privoxy Px, /proc/meminfo r, /usr/sbin/NetworkManagerDispatcher mr, /var/run/NetworkManagerDispatcher.pid w, } over 2 years ago argh, switch things back to complain for a while 138 jmichael Edit History
opensuse10.3 /etc/init.d/ntp #include <tunables/global> /etc/init.d/ntp { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/nis> #include <abstractions/wutmp> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_ptrace, capability sys_time, capability sys_tty_config, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/gai.conf r, /etc/init.d/ntp ixr, /etc/ntp.conf r, /etc/rc.status r, /etc/sysconfig/ntp r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/net/if_inet6 r, /sbin/checkproc ixr, /sbin/killproc ixr, /sbin/startproc ixr, /usr/sbin/ntpd Pxmr, /usr/sbin/ntpdate Px, /var/lib/ntp/drift/ntp.drift r, /var/lib/ntp/etc/localtime w, /var/lib/ntp/var/run/ntp/ntpd.pid rw, /var/log/ntp a, /var/run/nscd/services r, } about 1 year ago none 72 cinimod Edit History
opensuse10.3 /home/roma/bin/Neliesti,netrinti/CONON PIXMA MP140/WWUFORedirectTarget.do #include <tunables/global> "/home/roma/bin/Neliesti,netrinti/CONON PIXMA MP140/WWUFORedirectTarget.do" flags=(complain) { #include <abstractions/base> "/home/roma/bin/Neliesti,netrinti/CONON PIXMA MP140/WWUFORedirectTarget.do" mr, } about 1 year ago roma 70 roma Edit History
opensuse10.3 /usr/bin/ekiga #include <tunables/global> /usr/bin/ekiga flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /dev/ r, /dev/** r, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.beagle/socket w, /home/*/.config/qtcurvestylerc r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/gnomemeeting rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.kde/share/config/gtkrc-2.0 r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /opt/gnome/share/icons/ r, /opt/gnome/share/icons/Tango/icon-theme.cache r, /opt/gnome/share/icons/gnome/icon-theme.cache r, /opt/gnome/share/icons/hicolor/icon-theme.cache r, /opt/gnome/share/pixmaps/ r, /opt/kde3/share/pixmaps/ r, /proc/*/cmdline r, /proc/meminfo r, /proc/net/if_inet6 r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/ekiga mr, /usr/lib/pwlib/devices/sound/*.so mr, /usr/lib/pwlib/devices/videoinput/*.so mr, /usr/lib64/** mr, /usr/local/share/icons/ r, /usr/local/share/icons/hicolor/icon-theme.cache r, /usr/local/share/pixmaps/ r, /usr/share/mime/**.xml r, /var/cache/libx11/compose/* r, } about 1 year ago ekiga-changelog 85 HutcH Edit History
opensuse10.3 /usr/sbin/httpd2-prefork #include <tunables/global> /usr/sbin/httpd2-prefork { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> #include <abstractions/python> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, / r, /bin/bash ixr, /etc/apache2/**.conf r, /etc/apache2/conf.d/ r, /etc/apache2/vhosts.d/ r, /etc/mime.types r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/*.ini r, /proc/*/attr/current w, /repo/ r, /repo/gallery/ rw, /repo/gallery/** rw, /session_mm_apache2handler0.sem w, /srv/www/htdocs/** krw, /tmp/* rw, /usr/bin/unzip Px, /usr/bin/zip Px, /usr/lib/**.so mr, /usr/sbin/httpd2-prefork mr, /usr/share/apache2/error/HTTP_FORBIDDEN.html.var r, /usr/share/apache2/error/HTTP_NOT_FOUND.html.var r, /usr/share/apache2/error/contact.html.var r, /usr/share/apache2/error/include/bottom.html r, /usr/share/apache2/error/include/top.html r, /usr/share/mysql/charsets/Index.xml r, /usr/share/snmp/mibs/ r, /usr/share/snmp/mibs/*.txt r, /usr/share/snmp/mibs/.index r, /var/lib/mysql/mysql.sock w, /var/lib/php5/ w, /var/lib/php5/* krw, /var/log/apache2/access_log w, /var/log/apache2/error_log w, /var/run/httpd2.pid w, /var/run/nscd/services r, } /usr/sbin/httpd2-prefork///manual { /proc/*/attr/current w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///~dominic/thinking-rock.ics { /home/*/public_html/thinking-rock.ics r, /proc/*/attr/current w, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI { #include <abstractions/nameservice> /dev/urandom r, /home/*/**.html r, /proc/*/attr/current w, /srv/www/htdocs/** r, /usr/lib/locale/** r, /usr/share/**.var r, /usr/share/apache2/error/**.html r, /usr/share/locale/** r, /var/log/apache2/access_log w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT { #include <abstractions/nameservice> /proc/*/attr/current w, } over 2 years ago 273 alsuki Edit History
opensuse10.3 /sbin/ip #include <tunables/global> /sbin/ip { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, } about 1 year ago none 90 cinimod Edit History
opensuse10.3 /usr/bin/xscreensaver #include <tunables/global> /usr/bin/xscreensaver { #include <abstractions/base> /usr/bin/xscreensaver mr, } about 1 year ago Import of jmichaels profiles 77 dominic Edit History
opensuse10.3 /etc/init.d/ntp #include <tunables/global> /etc/init.d/ntp { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/nis> #include <abstractions/wutmp> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_ptrace, capability sys_time, capability sys_tty_config, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/gai.conf r, /etc/init.d/ntp ixr, /etc/ntp.conf r, /etc/rc.status r, /etc/sysconfig/ntp r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/net/if_inet6 r, /sbin/checkproc ixr, /sbin/killproc ixr, /sbin/startproc ixr, /usr/sbin/ntpd Pxmr, /usr/sbin/ntpdate Px, /var/lib/ntp/drift/ntp.drift r, /var/lib/ntp/etc/localtime w, /var/lib/ntp/var/run/ntp/ntpd.pid rw, /var/log/ntp a, /var/run/nscd/services r, } about 1 year ago Import of jmichaels profiles 82 dominic Edit History
opensuse10.3 /usr/lib/GConf/2/gconf-sanity-check-2 #include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home/*/.Xauthority r, /tmp/gconf-test-locking-file-* klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, } over 2 years ago argh, switch things back to complain for a while 114 jmichael Edit History
opensuse10.3 /usr/bin/package-manager #include <tunables/global> /usr/bin/package-manager { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/package-manager mr, } about 1 year ago Import of jmichaels profiles 102 dominic Edit History
opensuse10.3 /sbin/ip #include <tunables/global> /sbin/ip { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, } about 1 year ago Import of jmichaels profiles 99 dominic Edit History
opensuse10.3 /home/dominic/bin/test2_lock.pl #include <tunables/global> /home/dominic/bin/test2_lock.pl flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /bin/ls ixmr, /home/dominic/bin/test2_lock.pl mr, /home/dominic/lock_test kw, /home/dominic/src/svn/ r, /home/dominic/src/svn/novell/ r, /home/dominic/src/svn/novell/**/ r, /home/dominic/src/svn/novell/trunk.dev/** r, /tmp/ r, /usr/bin/flock ixr, /var/tmp/ r, } over 2 years ago new stuff 126 dominic_2 Edit History
opensuse10.3 /usr/bin/xscreensaver #include <tunables/global> /usr/bin/xscreensaver { #include <abstractions/base> /usr/bin/xscreensaver mr, } about 1 year ago none 110 cinimod Edit History
opensuse10.3 /usr/bin/gnome-terminal #include <tunables/global> /usr/bin/gnome-terminal { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash Ux, /dev/ptmx rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-terminal mr, /usr/lib/vte/gnome-pty-helper Px, /usr/share/terminfo/** r, /usr/share/vte/termcap/* r, /var/cache/libx11/compose/* r, } about 1 year ago Import of jmichaels profiles 88 dominic Edit History
opensuse10.3 /usr/bin/git #include <tunables/global> /usr/bin/git { #include <abstractions/base> /usr/bin/git mr, } over 2 years ago enforce mode 120 dominic Edit History
opensuse10.3 /usr/share/amsn/amsn #include <tunables/global> /usr/share/amsn/amsn flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/share/amsn/amsn mr, } about 1 year ago 87 caidoberco Edit History
opensuse10.3 /usr/bin/opera # $Id: usr.bin.opera 725 2007-06-11 05:07:41Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/bin/opera flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-download> #include <abstractions/user-write> capability dac_override, / r, /bin/bash mix, /bin/sed mixr, /bin/true mixr, /etc/SuSE-release r, /etc/X11/.qt_plugins_3.3rc.lock rw, /etc/X11/.qtrc.lock rw, /etc/cups/client.conf r, /etc/cups/lpoptions r, /etc/opera6rc rw, /etc/opera6rc.fixed rw, /opt r, /opt/kde3/lib/kde3/plugins/integration/*.so mr, /usr r, /usr/bin/acroread rPx, /usr/bin/opera r, /usr/lib r, /usr/lib/RealPlayer10/realplay rPx, /usr/lib/RealPlayer10/realplay.bin rPx, /usr/lib/browser-plugins r, /usr/lib/browser-plugins/* mr, /usr/lib/jvm/** mr, /usr/lib/opera/** mixr, /usr/local r, /usr/share/** r, /usr/share/opera/** r, /var/run/.resmgr_socket w, /var/spool/cups/tmp/* lrw, @{HOME} r, @{HOME}/.fonts r, @{HOME}/.fonts.cache-* r, @{HOME}/.fonts/** r, @{HOME}/.kde/share/** r, @{HOME}/.opera r, @{HOME}/.opera/** lrw, @{HOME}/OperaDownloads/* rw, @{PROC}/[0-9]*/stat r, @{PROC}/net/if_inet6 r, @{PROC}/sys/vm/heap-stack-gap r, } about 1 year ago opera1 83 mmm Edit History
opensuse10.3 /usr/lib/cups/backend/lpd #include <tunables/global> /usr/lib/cups/backend/lpd flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/lpd mr, } over 2 years ago cups testing 127 dominic Edit History
opensuse10.3 /usr/bin/nm-applet #include <tunables/global> /usr/bin/nm-applet flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/*.glade r, } over 2 years ago some bug-buddy rules and other misc updates 139 jmichael Edit History
opensuse10.3 /usr/lib/vte/gnome-pty-helper #include <tunables/global> /usr/lib/vte/gnome-pty-helper flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> /dev/ptmx rw, /usr/lib/vte/gnome-pty-helper mr, /var/log/wtmp kw, /var/run/utmp krw, } over 2 years ago argh, switch things back to complain for a while 116 jmichael Edit History
opensuse10.3 /usr/sbin/vsftpd # $Id: usr.sbin.vsftpd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/vsftpd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> / r, /dev/urandom r, /etc/fstab r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mtab r, /etc/shells r, /etc/vsftpd.* r, /etc/vsftpd/* r, /srv/ftp/ r, /srv/ftp/** wr, /usr/sbin/vsftpd rmix, /var/log/vsftpd.log w, /var/log/xferlog w, @{HOMEDIRS} r, @{HOME}/** rwl, } about 1 year ago andrew 93 gankov Edit History
opensuse10.3 /usr/bin/gnome-terminal #include <tunables/global> /usr/bin/gnome-terminal { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash Ux, /dev/ptmx rw, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-terminal mr, /usr/lib/vte/gnome-pty-helper Px, /usr/share/terminfo/** r, /usr/share/vte/termcap/* r, /var/cache/libx11/compose/* r, } about 1 year ago none 72 cinimod Edit History
opensuse10.3 /usr/lib/kde4/libexec/drkonqi #include <tunables/global> /usr/lib/kde4/libexec/drkonqi { #include <abstractions/base> /usr/lib/kde4/libexec/drkonqi mr, } about 1 year ago kde4 rc2 tests 95 dominic Edit History
opensuse10.3 /usr/bin/xsetroot #include <tunables/global> /usr/bin/xsetroot flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/freedesktop.org> /usr/bin/xsetroot mr, /var/lib/gdm/* r, } over 2 years ago argh, switch things back to complain for a while 112 jmichael Edit History
opensuse10.3 /usr/bin/package-manager #include <tunables/global> /usr/bin/package-manager { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/package-manager mr, } about 1 year ago none 85 cinimod Edit History
opensuse10.3 /home/suselinux1/Programmi/firefox_3/firefox/firefox #include <tunables/global> /home/suselinux1/Programmi/firefox_3/firefox/firefox { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /home/suselinux1/Programmi/firefox_3/firefox/firefox mr, } about 1 year ago 67 suselinux1 Edit History
opensuse10.3 /opt/kde3/bin/amarok #include <tunables/global> /opt/kde3/bin/amarok flags=(complain) { #include <abstractions/base> /opt/kde3/bin/amarok mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago 128 voices Edit History
opensuse10.3 /home/dominic/bin/mytest #include <tunables/global> /home/dominic/bin/mytest { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/bash ixr, /bin/ping Px, /home/dominic/bin/mycat Pxmr, /home/dominic/bin/myls Px, /home/dominic/bin/mytest mr, } about 1 year ago none 74 cinimod Edit History
opensuse10.3 /usr/bin/xkbcomp #include <tunables/global> /usr/bin/xkbcomp flags=(complain) { #include <abstractions/X> #include <abstractions/base> /usr/bin/xkbcomp mr, /var/lib/xkb/compiled/*.xkm w, } over 2 years ago argh, switch things back to complain for a while 111 jmichael Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** r, /home/*/.mailcap r, /home/*/.mozilla/firefox/** rw, /home/*/.mozilla/firefox/*/.parentlock krw, /home/*/.mozilla/firefox/*/urlclassifier2.sqlite krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/lib/Acrobat7/Browser/intellinux/*.so mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago none 70 cinimod Edit History
opensuse10.3 /bin/uname #include <tunables/global> /bin/uname flags=(complain) { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } over 2 years ago argh, switch things back to complain for a while 120 jmichael Edit History
opensuse10.3 /home/dominic/bin/mytest #include <tunables/global> /home/dominic/bin/mytest { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability net_raw, capability setuid, network inet raw, /bin/bash ixr, /bin/ping Pxmr, /home/**/ r, /home/dominic/bin/mycat Pxmr, /home/dominic/bin/myls Pxmr, /home/dominic/bin/mytest mr, /proc/mdstat r, /proc/meminfo r, } about 1 year ago Import of jmichaels profiles 74 dominic Edit History
opensuse10.3 /usr/lib/GConf/2/gconfd-2 #include <tunables/global> /usr/lib/GConf/2/gconfd-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** r, /home/*/.gconf/ rw, /home/*/.gconf/** rw, /home/*/.gconfd/ w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /tmp/gconfd-*/lock/* klrw, /usr/lib/GConf/2/gconfd-2 mr, } about 1 year ago firefox 78 Holger Raade Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.adobe/Flash_Player/** r, /home/*/.beagle/ToIndex/* w, /home/*/.beagle/socket w, /home/*/.bookmarks.html rw, /home/*/.config/* r, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.kde/share/config/* r, /home/*/.kde/share/config/gtkrc-qtc rw, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.macromedia/Flash_Player/** rw, /home/*/.mailcap r, /home/*/.mozilla/firefox/** rw, /home/*/.mozilla/firefox/*/.parentlock krw, /home/*/.mozilla/firefox/*/search.sqlite krw, /home/*/.mozilla/firefox/*/urlclassifier2.sqlite krw, /home/*/.mozilla/plugins/ r, /home/*/.mozilla/plugins/libflashplayer.so mr, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/** rw, /home/*/Documents/** rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/kde/*.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/cmdline r, /proc/*/maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/bin/vlc Px, /usr/lib/Acrobat7/Browser/intellinux/*.so mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/kde4/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago Running ff on kde tests. 79 dominic Edit History
opensuse10.3 /opt/kde3/bin/kontact #include <tunables/global> /opt/kde3/bin/kontact flags=(complain) { #include <abstractions/base> /opt/kde3/bin/kontact mr, /opt/kde3/lib/lib*so* mr, /usr/lib/qt3/lib/lib*so* mr, } over 2 years ago 1 96 robsn81 Edit History
opensuse10.3 /sbin/dhclient-script #include <tunables/global> /sbin/dhclient-script { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /bin/dbus-send Px, /bin/egrep Px, /bin/grep ixr, /sbin/dhclient-script mr, /usr/bin/env Px, } about 1 year ago changes 4 91 security Edit History
opensuse10.3 /usr/lib/postfix/local # $Id: usr.lib.postfix.local 741 2007-06-11 22:55:56Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2006 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/postfix/local { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/user-mail> #include <program-chunks/postfix-common> /bin/bash mixr, /bin/date mixr, /dev/tty rw, /etc/gai.conf r, /etc/postfix/lists.db r, /etc/postfix/virtual.db r, /etc/{postfix/,}aliases.db krw, /usr/bin/mlmmj-recieve Px, /usr/bin/procmail Px, /usr/lib/mailman/mail/mailman Px, /usr/lib/postfix/local rmix, /var/lib/mailman/data/aliases.db r, /var/mailman/mail/wrapper Px, /var/spool/mail/* klrw, /var/spool/postfix/** krw, /{var/spool/postfix/,}active/[0-9A-F]/ rw, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/ rw, /{var/spool/postfix/,}active/[0-9A-F]/[0-9A-F]/* rw, /{var/spool/postfix/,}pid/unix.local rw, /{var/spool/postfix/,}private/{bounce,defer,flush,lmtp,rewrite} rw, /{var/spool/postfix/,}public/{cleanup,flush} rw, } about 1 year ago ssh needed the ability to create /root/.ssh, and assorted CUPS fixes 95 crispin Edit History
opensuse10.3 /usr/bin/fvwm #include <tunables/global> /usr/bin/fvwm flags=(complain) { #include <abstractions/base> /usr/bin/fvwm mr, } over 2 years ago argh, switch things back to complain for a while 119 jmichael Edit History
opensuse10.3 /etc/gdm/Init/Default #include <tunables/global> /etc/gdm/Init/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/uname Px, /etc/gdm/Init/Default mr, /proc/meminfo r, /usr/bin/setxkbmap Px, /usr/bin/xmodmap Px, /usr/bin/xrdb Px, } about 1 year ago Import of jmichaels profiles 109 dominic Edit History
opensuse10.3 /usr/lib/RealPlayer10/realplay # $Id: usr.lib.RealPlayer10.realplay 725 2007-06-11 05:07:41Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/RealPlayer10/realplay flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-download> /bin/bash ixmr, /bin/sed mixr, /bin/true mixr, /dev/dsp0 w, /etc/lsb-release r, /etc/pango/pango.modules r, /proc/** r, /usr/bin/aoss px, /usr/bin/opera Pxr, /usr/lib/RealPlayer10/** mr, /usr/lib/RealPlayer10/realplay.bin Pxr, /usr/lib/firefox/firefox.sh Pxr, /usr/share/icons r, /usr/share/icons/** r, /usr/share/pixmaps r, /usr/share/pixmaps/** r, /usr/share/themes/** r, @{HOME} r, @{HOME}/ r, @{HOME}/.fonts.cache-* r, @{HOME}/.mailcap rw, @{HOME}/.realplayerrc rw, } about 1 year ago internet radio, u.a. 68 shivver-fox Edit History
opensuse10.3 /etc/init.d/privoxy #include <tunables/global> /etc/init.d/privoxy { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability kill, capability sys_ptrace, capability sys_tty_config, /bin/basename Px, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/init.d/privoxy ixr, /etc/rc.status r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /sbin/checkproc ixr, /sbin/killproc ixr, /usr/sbin/privoxy Pxr, /var/lib/privoxy/ r, /var/lib/privoxy/etc/* w, /var/lib/privoxy/lib/ r, /var/lib/privoxy/lib/lib*so* w, /var/run/privoxy.pid rw, } about 1 year ago Import of jmichaels profiles 98 dominic Edit History
opensuse10.3 /opt/share/amsn/amsn #include <tunables/global> /opt/share/amsn/amsn flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/* ixr, /dev/tty rw, /etc/fonts/** r, /etc/gai.conf r, /home/*/.Xauthority r, /home/*/.amsn/fayaboom_hotmail_com/abook.xml rw, /home/*/.amsn/fayaboom_hotmail_com/config.xml rw, /home/*/.amsn/fayaboom_hotmail_com/config.xml.temp rw, "/home/*/.amsn/fayaboom_hotmail_com/displaypic/Chris (3).png" r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/abismal_5@hotmail.com/4507b2f414e4778515443747766585976746e4a7439576e6756403d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/ah-leen@hotmail.com/363653d69754d4056687e68435a52374678536b424f28386b46554d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/bambouseraie@hotmail.com/03662364175426650776d4e42397677676f477c49634662685b637d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/clavry@hotmail.com/1515f4c454a73407245524a4b2371737867733f6874695a6448437d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/dawait_the_one@hotmail.com/e48446979684a5f4e44367b4a6c437874375956545e483e61746d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/didierransau@live.fr/67645316869577d6e6f6c4a6f2d677c68473873507664777970594d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/dominikqq@hotmail.com/37b6872566a41575c487163615146556b6233467b464c49534a4f6d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/doriskkk@hotmail.com/23d613f4b293a6a7331543a67486b2c49465468746470334152695d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/dragonsmd@hotmail.com/03f463157584037505766796447546877377b237b2335526f25454d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/ewajy@hotmail.fr/46750365a566276484439676071724b216b6e657b295c465051536d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/faboolook@hotmail.com/66376334f2a6a585b28736e67376177343d653e454775456d41783d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/fcharbonnier@hotmail.com/7723a5147775448386a5f4a5a527967716a46576964434a4e63615d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/kohane@hotmail.fr/248584e6946363a4551366b635772636a705831767343776878336d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/lailaine24@hotmail.com/a5c4f2548474e4d42687751585a4f41633130577277594f2752736d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/lasensuelle1@hotmail.com/75a54513d4a494a683a71755d4744374b44475b407a5a5675443d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/le_tigre65@hotmail.com/3514366785d4a47414f65643a5d687755626b48573358747b226d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/lilithe971@hotmail.com/3625b44466c654b6134563a77654541663832567c6f67674343515d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/lisebruneau2@hotmail.com/5554b696c4e473779754f405234353d43564d463a5847375a486f6d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/lorenj972@hotmail.com/46f457b4f6541694c64584f2d42305f6654794170305b273c487b6d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/maitre_rod@hotmail.com/6617b6544767a4635745f47313a564a78416b2b68556a4133493d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/manoj711@msn.com/259627874397073647937385b4c447642346f6e427b2e6f2855315d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/melinajamonita@hotmail.com/46750365a566276484439676071724b216b6e657b295c465051536d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/misraim31@hotmail.com/46d68617a59707c425e614e47716b223c44663a585241543234454d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/monchador@hotmail.fr/1313643577a6535515339486b463d426454727b42673d4c427f4d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/mr_rigolo971@hotmail.com/9505a44574d433d6530544b4a675951435a595f44486e61374a536d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/nigelcwilliams@hotmail.com/b2736417853655451573b494548414b61744a7a4b6262354960795d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/nketty@hotmail.com/565465871335279386b27536c634c667a766d6a7a7d43436448777d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/pamybima@hotmail.com/1617568355536745258307a7173635c4e6a735a443e61314f26577d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/philippechailloux979@msn.com/4356f4b6e62483751687e403677367557314263493634605758414d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/regismerault@hotmail.com/2314c4377697034485f47643377643372724a41337058437131643d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/roussasdavid@hotmail.fr/63b43644a74683d673335763637334379636c695857675e4944695d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/scorpion97-one@hotmail.fr/737756c624a5656713c66436f405851623354703f2b6b273d48515d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/sianindustries@msn.com/a587e6832584d4542395179337231684a74424678426574687e636d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/smonnel972@hotmail.fr/a4b243a59475c6f29674a78566a6a61347374556f4e61494575455d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/squalfe@hotmail.com/56b494862347c465374494445767a727966696c664749334a617b6d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/yanico2@hotmail.fr/f2a754d6276476756695e6752645e436839646d687c62467647555d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/yannick16@msn.com/96435505658493e663a564163366630347971626079636d4350577d3.png r, /home/*/.amsn/fayaboom_hotmail_com/displaypic/cache/yoseirismadera07@hotmail.com/449327d4740757b634a667e43357e4a47743258446158636a5f2d4d3.png r, /home/*/.amsn/fayaboom_hotmail_com/plugins.xml rw, /home/*/.amsn/fayaboom_hotmail_com/smileys/lol1.png r, /home/*/.amsn/fayaboom_hotmail_com/states.xml r, /home/*/.amsn/gconfig.xml rw, /home/*/.amsn/langlist.xml r, /home/*/.amsn/plugins/ r, /home/*/.amsn/plugins/tls1.50/libtls1.50.so mr, /home/*/.amsn/plugins/tls1.50/pkgIndex.tcl r, /home/*/.amsn/plugins/tls1.50/tls.tcl r, /home/*/.amsn/profiles rw, /home/*/.fontconfig/7219ee1c04aed23722a5986d12452f2a-x86.cache-2 r, /home/*/.fonts.conf r, /opt/kde3/bin/kdialog ixr, /opt/share/amsn/BWidget_mods.tcl r, /opt/share/amsn/abook.tcl r, /opt/share/amsn/addressbook.tcl r, /opt/share/amsn/alarm.tcl r, /opt/share/amsn/amsn mr, /opt/share/amsn/amsn_des.tcl r, /opt/share/amsn/amsncore.tcl r, /opt/share/amsn/assistant.tcl r, /opt/share/amsn/audio.tcl r, /opt/share/amsn/auth.tcl r, /opt/share/amsn/automsg.tcl r, /opt/share/amsn/autoupdate.tcl r, /opt/share/amsn/balloon.tcl r, /opt/share/amsn/bugs.tcl r, /opt/share/amsn/chatwindow.tcl r, /opt/share/amsn/config.tcl r, /opt/share/amsn/ctthemes.tcl r, /opt/share/amsn/dock.tcl r, /opt/share/amsn/groups.tcl r, /opt/share/amsn/gui.tcl r, /opt/share/amsn/guicontactlist.tcl r, /opt/share/amsn/hotmail.tcl r, /opt/share/amsn/lang.tcl r, /opt/share/amsn/lang/langen r, /opt/share/amsn/lang/langfr r, /opt/share/amsn/login_screen.tcl r, /opt/share/amsn/loging.tcl r, /opt/share/amsn/migmd5.tcl r, /opt/share/amsn/msncam.tcl r, /opt/share/amsn/msngames.tcl r, /opt/share/amsn/msnp2p.tcl r, /opt/share/amsn/mutex.tcl r, /opt/share/amsn/picture.tcl r, /opt/share/amsn/plugins.tcl r, /opt/share/amsn/plugins/ r, /opt/share/amsn/plugins/ColoredNicks/colorednicks.tcl r, /opt/share/amsn/plugins/ColoredNicks/lang/langen r, /opt/share/amsn/plugins/ColoredNicks/lang/langfr r, /opt/share/amsn/plugins/ColoredNicks/plugininfo.xml r, /opt/share/amsn/plugins/MSNGameTTT/plugininfo.xml r, /opt/share/amsn/plugins/Notes/notes.tcl r, /opt/share/amsn/plugins/Notes/plugininfo.xml r, /opt/share/amsn/plugins/Nudge/Nudge.tcl r, /opt/share/amsn/plugins/Nudge/lang/langen r, /opt/share/amsn/plugins/Nudge/lang/langfr r, /opt/share/amsn/plugins/Nudge/plugininfo.xml r, /opt/share/amsn/plugins/PowerTool/plugininfo.xml r, /opt/share/amsn/plugins/Restore/plugininfo.xml r, /opt/share/amsn/plugins/Restore/restore.tcl r, /opt/share/amsn/plugins/SearchContact/lang/langen r, /opt/share/amsn/plugins/SearchContact/lang/langfr r, /opt/share/amsn/plugins/SearchContact/pixmaps/clear.png r, /opt/share/amsn/plugins/SearchContact/pixmaps/search.png r, /opt/share/amsn/plugins/SearchContact/plugininfo.xml r, /opt/share/amsn/plugins/SearchContact/searchcontact.tcl r, /opt/share/amsn/plugins/WebcamShooter/camshoot.tcl r, /opt/share/amsn/plugins/WebcamShooter/lang/langen r, /opt/share/amsn/plugins/WebcamShooter/lang/langfr r, /opt/share/amsn/plugins/WebcamShooter/plugininfo.xml r, /opt/share/amsn/plugins/amsnplus/plugininfo.xml r, /opt/share/amsn/plugins/desktop_integration/desktop_integration.tcl r, /opt/share/amsn/plugins/desktop_integration/plugininfo.xml r, /opt/share/amsn/plugins/games/plugininfo.xml r, /opt/share/amsn/plugins/gnotify/gnotify.tcl r, /opt/share/amsn/plugins/gnotify/lang/langen r, /opt/share/amsn/plugins/gnotify/lang/langfr r, /opt/share/amsn/plugins/gnotify/plugininfo.xml r, /opt/share/amsn/plugins/inkdraw/plugininfo.xml r, /opt/share/amsn/plugins/msntranslator/plugininfo.xml r, /opt/share/amsn/plugins/music/infoamarok r, /opt/share/amsn/plugins/music/lang/langen r, /opt/share/amsn/plugins/music/lang/langfr r, /opt/share/amsn/plugins/music/music.tcl r, /opt/share/amsn/plugins/music/plugininfo.xml r, /opt/share/amsn/plugins/pop3/plugininfo.xml r, /opt/share/amsn/plugins/pop3/pop3.tcl r, /opt/share/amsn/plugins/remind/lang/langen r, /opt/share/amsn/plugins/remind/lang/langfr r, /opt/share/amsn/plugins/remind/plugininfo.xml r, /opt/share/amsn/plugins/remind/remind.tcl r, /opt/share/amsn/plugins/whatis/plugininfo.xml r, /opt/share/amsn/plugins/winks/lang/langen r, /opt/share/amsn/plugins/winks/lang/langfr r, /opt/share/amsn/plugins/winks/plugininfo.xml r, /opt/share/amsn/plugins/winks/winks.tcl r, /opt/share/amsn/plugins/winskin/plugininfo.xml r, /opt/share/amsn/pluginslog.tcl r, /opt/share/amsn/preferences.tcl r, /opt/share/amsn/progressbar.tcl r, /opt/share/amsn/protocol.tcl r, /opt/share/amsn/proxy.tcl r, /opt/share/amsn/remote.tcl r, /opt/share/amsn/roaming.tcl r, /opt/share/amsn/searchdialog.tcl r, /opt/share/amsn/sip.tcl r, /opt/share/amsn/skins.tcl r, /opt/share/amsn/skins/** r, /opt/share/amsn/smileys.tcl r, /opt/share/amsn/soap.tcl r, /opt/share/amsn/socks.tcl r, /opt/share/amsn/spaces.tcl r, /opt/share/amsn/sxml.tcl r, /opt/share/amsn/trayicon.tcl r, /opt/share/amsn/utils/ r, /opt/share/amsn/utils/** mr, /proc/ r, /proc/* r, /proc/*/cmdline r, /proc/*/stat r, /proc/*/status r, /proc/sys/kernel/* r, /proc/tty/drivers r, /tmp/* w, /tmp/.X11-unix/X0 w, /usr/bin/cabextract ixr, /usr/bin/which ixr, /usr/local/bin/wish8.5 ixr, /usr/local/lib/ r, /usr/local/lib/lib*so* mr, /usr/local/lib/tcl8.5/ r, /usr/local/lib/tcl8.5/** r, /usr/local/lib/tcl8/*/ r, /usr/local/lib/tcl8/8.4/http-2.7.tm r, /usr/local/lib/tcl8/8.5/msgcat-1.4.2.tm r, /usr/local/lib/tk8.5/ r, /usr/local/lib/tk8.5/** r, /usr/share/X11/XKeysymDB r, /usr/share/X11/locale/** r, /usr/share/fonts/** r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/DMZ/** r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, } about 1 year ago amsn 106 Chris Edit History
opensuse10.3 /usr/bin/amule #include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /usr/bin/amule mr, } over 2 years ago 1 96 optix Edit History
opensuse10.3 /usr/bin/opensuse-updater-gnome-applet #include <tunables/global> /usr/bin/opensuse-updater-gnome-applet { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.opensuse-updater-gnome rw, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/opensuse-updater-gnome-applet mr, /usr/sbin/zypp-checkpatches-wrapper Px, /usr/share/opensuse-updater-gnome/glade/*.glade r, /usr/share/opensuse-updater-gnome/images/** r, } about 1 year ago Import of jmichaels profiles 69 dominic Edit History
opensuse10.3 /etc/gdm/Init/Default #include <tunables/global> /etc/gdm/Init/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/uname Px, /etc/gdm/Init/Default mr, /proc/meminfo r, /usr/bin/setxkbmap Px, /usr/bin/xmodmap Px, /usr/bin/xrdb Px, } about 1 year ago none 88 cinimod Edit History
opensuse10.3 /usr/lib/cyrus/bin/ctl_cyrusdb #include <tunables/global> /usr/lib/cyrus/bin/ctl_cyrusdb { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/** rw, /usr/lib/cyrus/bin/ctl_cyrusdb mr, /var/lib/imap/* rw, /var/lib/imap/*/ rw, /var/lib/imap/db.backup1/* w, /var/lib/imap/db.backup2/* w, /var/lib/imap/db/* rw, } about 1 year ago 97 arclyde Edit History
opensuse10.3 /usr/sbin/iwconfig #include <tunables/global> /usr/sbin/iwconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/dev r, /usr/sbin/iwconfig mr, } about 1 year ago Import of jmichaels profiles 105 dominic Edit History
opensuse10.3 /etc/init.d/privoxy #include <tunables/global> /etc/init.d/privoxy { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability kill, capability sys_ptrace, capability sys_tty_config, /bin/basename Px, /bin/bash ixr, /bin/cp ixr, /bin/rm ixr, /bin/stty ixr, /dev/blog w, /etc/init.d/privoxy ixr, /etc/rc.status r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /sbin/checkproc ixr, /sbin/killproc ixr, /usr/sbin/privoxy Pxr, /var/lib/privoxy/ r, /var/lib/privoxy/etc/* w, /var/lib/privoxy/lib/ r, /var/lib/privoxy/lib/lib*so* w, /var/run/privoxy.pid rw, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/bin/test #include <tunables/global> /usr/bin/test { #include <abstractions/base> /usr/bin/test mr, } over 2 years ago test 95 root Edit History
opensuse10.3 /etc/NetworkManager/dispatcher.d/nfs #include <tunables/global> /etc/NetworkManager/dispatcher.d/nfs flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/ls ixmr, /etc/NetworkManager/dispatcher.d/nfs mr, /etc/init.d/rc5.d/ r, /proc/meminfo r, /sbin/runlevel Px, } over 2 years ago argh, switch things back to complain for a while 102 jmichael Edit History
opensuse10.3 /usr/bin/gtk-window-decorator #include <tunables/global> /usr/bin/gtk-window-decorator flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/gtk-window-decorator mr, } over 2 years ago minor changes for 10.3 rc2 initial gnome launch 115 jmichael Edit History
opensuse10.3 /usr/bin/opensuse-updater-gnome-applet #include <tunables/global> /usr/bin/opensuse-updater-gnome-applet { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.opensuse-updater-gnome rw, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/opensuse-updater-gnome-applet mr, /usr/sbin/zypp-checkpatches-wrapper Px, /usr/share/opensuse-updater-gnome/glade/*.glade r, /usr/share/opensuse-updater-gnome/images/** r, } about 1 year ago none 62 cinimod Edit History
opensuse10.3 /usr/bin/mplayer #include <tunables/global> /usr/bin/mplayer { #include <abstractions/X> #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/nameservice> /etc/mplayer/input.conf r, /etc/mplayer/mplayer.conf r, /home/*/.Xauthority r, /home/*/.mplayer/* rw, /home/*/Desktop/ r, /home/*/Desktop/** r, /home/*/Documents/ r, /home/*/Documents/** r, /opt/kde3/lib/lib*so* mr, /usr/bin/mplayer mr, /usr/lib/win32/*.dll mr, /usr/share/terminfo/** r, } about 1 year ago Import of jmichaels profiles 94 dominic Edit History
opensuse10.3 /usr/sbin/iwconfig #include <tunables/global> /usr/sbin/iwconfig { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/dev r, /usr/sbin/iwconfig mr, } about 1 year ago none 89 cinimod Edit History
opensuse10.3 /usr/lib/ooo-2.0/program/soffice #include <tunables/global> /usr/lib/ooo-2.0/program/soffice { #include <abstractions/base> #include <abstractions/bash> /bin/basename Px, /bin/bash ix, /bin/uname ixr, /usr/lib/ooo-2.0/program/javaldx Px, /usr/lib/ooo-2.0/program/oosplash.bin Px, /usr/lib/ooo-2.0/program/soffice mr, } about 1 year ago openoffice+java 71 helsil Edit History
opensuse10.3 /opt/kde3/bin/ktorrent #include <tunables/global> /opt/kde3/bin/ktorrent { #include <abstractions/base> network all, /home/*/.DCOPserver_linux__0 r, /home/*/.ICEauthority r, /opt/kde3/bin/ktorrent mr, /opt/kde3/lib/lib*so* mr, /tmp/.ICE-unix/dcop2923-1200365524 w, } about 1 year ago 69 Jena Edit History
opensuse10.3 /usr/bin/gnome-screensaver-command #include <tunables/global> /usr/bin/gnome-screensaver-command flags=(complain) { #include <abstractions/base> /usr/bin/gnome-screensaver-command mr, } over 2 years ago argh, switch things back to complain for a while 126 jmichael Edit History
opensuse10.3 /usr/bin/gimp-remote-2.2 #include <tunables/global> /usr/bin/gimp-remote-2.2 flags=(complain) { #include <abstractions/base> /usr/bin/gimp-remote-2.2 mr, } over 2 years ago argh, switch things back to complain for a while 93 jmichael Edit History
opensuse10.3 /usr/bin/mplayer #include <tunables/global> /usr/bin/mplayer { #include <abstractions/X> #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/nameservice> /etc/mplayer/input.conf r, /etc/mplayer/mplayer.conf r, /home/*/.Xauthority r, /home/*/.mplayer/* rw, /home/*/Desktop/ r, /home/*/Desktop/** r, /home/*/Documents/ r, /home/*/Documents/** r, /opt/kde3/lib/lib*so* mr, /usr/bin/mplayer mr, /usr/lib/win32/*.dll mr, /usr/share/terminfo/** r, } about 1 year ago none 84 cinimod Edit History
opensuse10.3 /usr/bin/ekiga #include <tunables/global> /usr/bin/ekiga { #include <abstractions/base> /usr/bin/ekiga mr, } about 1 year ago apparmor.log 71 danny Edit History
opensuse10.3 /usr/antivir-workstation-pers-2.1.10-15/bin/antivir #include <tunables/global> /usr/antivir-workstation-pers-2.1.10-15/bin/antivir flags=(complain) { #include <abstractions/base> /usr/antivir-workstation-pers-2.1.10-15/bin/antivir mr, } about 1 year ago cris 75 crimarova64 Edit History
opensuse10.3 /etc/X11/xdm/sys.xsession #include <tunables/global> /etc/X11/xdm/sys.xsession flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> capability sys_ptrace, /bin/bash ixr, /etc/X11/xdm/sys.xsession mr, /etc/X11/xinit/xinitrc r, /etc/X11/xinit/xinitrc.common r, /etc/X11/xinit/xinitrc.d/ r, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh Px, /home/*/.gnupg/agent.info rw, /home/*/.gnupg/agent.pid rw, /proc/ r, /proc/*/stat r, /proc/*/statm r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/checkproc ixr, /usr/bin/dbus-launch Px, /usr/bin/gpg-agent Pxr, /usr/bin/ssh-agent ixr, /usr/lib/ssh/x11-ssh-askpass Px, } over 2 years ago let xsession run sabayon-xinitrc 88 jmichael Edit History
opensuse10.3 /usr/bin/gnome-cups-icon #include <tunables/global> /usr/bin/gnome-cups-icon flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.cups/lpoptions r, /home/*/.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, } over 2 years ago some bug-buddy rules and other misc updates 116 jmichael Edit History
opensuse10.3 /usr/lib/NetworkManager/nm-crash-logger #include <tunables/global> /usr/lib/NetworkManager/nm-crash-logger { #include <abstractions/base> /usr/lib/NetworkManager/nm-crash-logger mr, } about 1 year ago Import of jmichaels profiles 72 dominic Edit History
opensuse10.3 /FYP/FileReadWrite5 #include <tunables/global> /FYP/FileReadWrite5 flags=(complain) { #include <abstractions/base> /FYP/FileReadWrite5 mr, /FYP/data/prices.dat wr, } about 1 year ago 84 FYPJ Edit History
opensuse10.3 /usr/bin/amule #include <tunables/global> /usr/bin/amule { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/uname ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/*.MK80ZT rw, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.aMule/ rw, /home/*/.aMule/** krw, /home/*/.esd_auth r, /home/*/.fontconfig/*.cache-2 r, /home/*/.gnome2/Totem/* w, /home/*/.gnome2/Totem/state.ini rw, /home/*/.gnome2/Totem/state.ini.MBLUZT rw, /home/*/.gnome2/Totem/xine_config r, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/registry.i686.xml r, /home/*/.icons/ r, /home/*/.recently-used.xbel rw, /home/*/.xine/*.cache rw, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/amule mr, /usr/bin/bug-buddy ixr, /usr/bin/totem ixr, /usr/lib/** mr, /usr/lib/GConf/2/gconfd-2 ixr, /usr/share/amule/*/ r, /usr/share/bug-buddy/bug-buddy.gtkbuilder r, /usr/share/locale-bundle/de/**.mo r, /usr/share/totem/* r, /var/cache/libx11/compose/* r, } over 2 years ago 81 anonymus1 Edit History
opensuse10.3 /usr/lib/GConf/2/gconfd-2 #include <tunables/global> /usr/lib/GConf/2/gconfd-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** r, /home/*/.gconf/ rw, /home/*/.gconf/** rw, /home/*/.gconfd/ w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /tmp/gconfd-*/lock/* klrw, /usr/lib/GConf/2/gconfd-2 mr, } about 1 year ago Import of jmichaels profiles 103 dominic Edit History
opensuse10.3 /usr/bin/whois #include <tunables/global> /usr/bin/whois flags=(complain) { #include <abstractions/base> /usr/bin/whois mr, } 10 months ago 48 prolaser Edit History
opensuse10.3 /usr/bin/ssh #include <tunables/global> /usr/bin/ssh flags=(complain) { #include <abstractions/base> /usr/bin/ssh mr, } 10 months ago first 43 optimus Edit History
opensuse10.3 /usr/bin/gnome-keyring-daemon #include <tunables/global> /usr/bin/gnome-keyring-daemon { #include <abstractions/base> #include <abstractions/nameservice> capability sys_ptrace, /home/*/.gnome2/keyrings/ r, /home/*/.gnome2/keyrings/.keyring* rw, /home/*/.gnome2/keyrings/default.keyring rw, /tmp/keyring-*/ w, /tmp/keyring-*/socket w, /usr/bin/gnome-keyring-daemon mr, /usr/lib/gnome-keyring-1/gnome-keyring-ask Px, } about 1 year ago none 63 cinimod Edit History
opensuse10.3 /usr/lib/gnome-main-menu/main-menu #include <tunables/global> /usr/lib/gnome-main-menu/main-menu { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.config/ w, /home/*/.config/gnome-main-menu/ w, /home/*/.config/gnome-main-menu/showable_files_migrated w, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.recently-used.xbel r, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/ w, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /home/*/Documents/* rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/mounts r, /proc/meminfo r, /proc/net/dev r, /proc/partitions r, /proc/stat r, /sys/block/**/stat r, /sys/devices/**/net/*/statistics/* r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/beagle-search Px, /usr/bin/bug-buddy ixr, /usr/bin/evince-thumbnailer Px, /usr/bin/gnome-screensaver-command Px, /usr/bin/gsf-office-thumbnailer Px, /usr/bin/package-manager Px, /usr/bin/totem-video-thumbnailer Px, /usr/lib/gnome-main-menu/main-menu mr, /usr/share/applications/ r, /usr/share/applications/**.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/f-spot/icons/**.png r, /usr/share/gdm/applications/ r, /usr/share/gnome-2.0/ui/*.xml r, /usr/share/gnome-main-menu/ r, /usr/share/gnome-main-menu/*.glade r, /usr/share/gnome-main-menu/*.xbel r, /usr/share/gnome-main-menu/empty.ods r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago none 77 cinimod Edit History
opensuse10.3 /usr/bin/evince #include <tunables/global> /usr/bin/evince flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/evince rw, /home/*/.gnome2/evince/ev-metadata.xml rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/Desktop/**.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/** r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, } over 2 years ago few extra changes 110 jmichael Edit History
opensuse10.3 /usr/lib/NetworkManager/nm-crash-logger #include <tunables/global> /usr/lib/NetworkManager/nm-crash-logger { #include <abstractions/base> /usr/lib/NetworkManager/nm-crash-logger mr, } about 1 year ago none 67 cinimod Edit History
opensuse10.3 /usr/lib/GConf/2/gconfd-2 #include <tunables/global> /usr/lib/GConf/2/gconfd-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gconf/2/path r, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.mandatory/ r, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/** r, /home/*/.gconf/ rw, /home/*/.gconf/** rw, /home/*/.gconfd/ w, /home/*/.gconfd/saved_state rw, /home/*/.gconfd/saved_state.orig w, /home/*/.gconfd/saved_state.tmp rw, /tmp/gconfd-*/lock/* klrw, /usr/lib/GConf/2/gconfd-2 mr, } about 1 year ago none 81 cinimod Edit History
opensuse10.3 /usr/bin/mod-mono-server #include <tunables/global> /usr/bin/mod-mono-server { #include <abstractions/base> #include <abstractions/bash> /bin/bash ixr, /dev/tty rw, /etc/mono/1.0/machine.config r, /etc/mono/config r, /proc/*/maps r, /proc/meminfo r, /proc/stat r, /tmp/.wapi/shared_data-linux-kent-Linux-x86_64-328-11-0 rw, /tmp/.wapi/shared_fileshare-linux-kent-Linux-x86_64-40-11-0 rw, /tmp/mod_mono_server_global w, /tmp/mod_mono_server_global_1651471482 w, /usr/bin/mod-mono-server mr, /usr/bin/mono ixr, /usr/lib/** mr, /var/run/nscd/passwd r, /var/run/nscd/socket w, } about 1 year ago egroupware 78 kent Edit History
opensuse10.3 /usr/bin/gnome-keyring-daemon #include <tunables/global> /usr/bin/gnome-keyring-daemon { #include <abstractions/base> #include <abstractions/nameservice> capability sys_ptrace, /home/*/.gnome2/keyrings/ r, /home/*/.gnome2/keyrings/.keyring* rw, /home/*/.gnome2/keyrings/default.keyring rw, /tmp/keyring-*/ w, /tmp/keyring-*/socket w, /usr/bin/gnome-keyring-daemon mr, /usr/lib/gnome-keyring-1/gnome-keyring-ask Px, } about 1 year ago Import of jmichaels profiles 83 dominic Edit History
opensuse10.3 /usr/lib64/thunderbird/thunderbird.sh #include <tunables/global> /usr/lib64/thunderbird/thunderbird.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib64/thunderbird/thunderbird.sh mr, } about 1 year ago changelogthunder 60 Serpico Edit History
opensuse10.3 /usr/lib/gnome-main-menu/main-menu #include <tunables/global> /usr/lib/gnome-main-menu/main-menu { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.config/ w, /home/*/.config/gnome-main-menu/ w, /home/*/.config/gnome-main-menu/showable_files_migrated w, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/*/.recently-used.xbel r, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/ w, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /home/*/Documents/* rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/mounts r, /proc/meminfo r, /proc/net/dev r, /proc/partitions r, /proc/stat r, /sys/block/**/stat r, /sys/devices/**/net/*/statistics/* r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/beagle-search Px, /usr/bin/bug-buddy ixr, /usr/bin/evince-thumbnailer Px, /usr/bin/gnome-screensaver-command Px, /usr/bin/gsf-office-thumbnailer Px, /usr/bin/package-manager Px, /usr/bin/totem-video-thumbnailer Px, /usr/lib/gnome-main-menu/main-menu mr, /usr/share/applications/ r, /usr/share/applications/**.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/f-spot/icons/**.png r, /usr/share/gdm/applications/ r, /usr/share/gnome-2.0/ui/*.xml r, /usr/share/gnome-main-menu/ r, /usr/share/gnome-main-menu/*.glade r, /usr/share/gnome-main-menu/*.xbel r, /usr/share/gnome-main-menu/empty.ods r, /usr/share/mime/**.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } about 1 year ago Import of jmichaels profiles 93 dominic Edit History
opensuse10.3 /bin/hostname #include <tunables/global> /bin/hostname flags=(complain) { #include <abstractions/base> /bin/hostname mr, } about 1 year ago k 83 erich Edit History
opensuse10.3 /etc/webmin/start #include <tunables/global> /etc/webmin/start flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> #include <abstractions/perl> capability chown, capability dac_override, capability kill, capability net_admin, capability net_raw, capability setgid, capability setuid, network inet raw, /bin/bash ixr, /bin/cat ixr, /bin/chown ixr, /bin/cp ixr, /bin/df ixr, /bin/hostname ixr, /bin/ps ixr, /bin/pwd ixr, /bin/uname ixr, /dev/mapper/pdc_cffi_part5 r, /dev/mapper/pdc_cffi_part7 r, /dev/mapper/pdc_cffi_part8 r, /dev/tty rw, /etc/SuSE-release r, /etc/at.deny r, /etc/auto.master r, /etc/cron.d/ r, /etc/cron.deny r, /etc/crontab r, /etc/fstab r, /etc/init.d/ r, /etc/init.d/boot.d/ r, /etc/init.d/rc0.d/ r, /etc/init.d/rc1.d/ r, /etc/init.d/rc2.d/ r, /etc/init.d/rc3.d/ r, /etc/init.d/rc4.d/ r, /etc/init.d/rc5.d/ r, /etc/init.d/rc6.d/ r, /etc/init.d/rcS.d/ r, /etc/inittab r, /etc/issue r, /etc/rpc r, /etc/shadow r, /etc/sysconfig/network/ r, /etc/sysconfig/network/ifcfg-eth0 r, /etc/sysconfig/network/ifcfg-eth1 r, /etc/sysconfig/network/ifcfg-lo r, /etc/syslog-ng/syslog-ng.conf rw, /etc/syslog-ng/syslog-ng.conf.lock kw, /etc/syslog-ng/syslog-ng.conf.webmintmp.5849 rw, /etc/syslog-ng/syslog-ng.conf.webmintmp.5883 rw, /etc/syslog-ng/syslog-ng.conf.webmintmp.5915 rw, /etc/webmin/** krw, /etc/webmin/bandwidth/rotate.pl ixr, /etc/webmin/start mr, /etc/xinetd.conf r, /etc/xinetd.d/ r, /etc/xinetd.d/* r, /proc/ r, /proc/*/cmdline r, /proc/*/stat r, /proc/cpuinfo r, /proc/loadavg r, /proc/meminfo r, /proc/net/ip_tables_names r, /proc/swaps r, /proc/uptime r, /sbin/e2label ixr, /sbin/ifconfig Uxr, /sbin/syslog-ng Pxr, /tmp/* rw, /tmp/.webmin/* rw, /usr/bin/crontab ixr, /usr/bin/cvs ixr, /usr/bin/perl ix, /usr/bin/uptime ixr, /usr/libexec/webmin/ r, /usr/libexec/webmin/** r, /usr/libexec/webmin/bandwidth/rotate.pl ixr, /usr/libexec/webmin/cron/cron_editor.pl ixr, /usr/libexec/webmin/miniserv.pl ixr, /usr/sbin/iptables px, /usr/sbin/iptables-save ixr, /usr/sbin/logrotate ixr, /var/log/bandwidth rw, /var/run/nscd/services r, /var/run/syslog-ng.pid r, /var/run/utmp krw, /var/spool/atjobs/ r, /var/spool/cron/tabs/ rw, /var/spool/cron/tabs/root rw, /var/spool/cron/tabs/root.lock kw, /var/spool/cron/tabs/tmp.XXXX9PTJEu rw, /var/spool/cron/tabs/tmp.XXXXKt2zRJ rw, /var/spool/cron/tabs/tmp.XXXXi0auhf rw, /var/webmin/* rw, } about 1 year ago andrew 158 gankov Edit History
opensuse10.3 /etc/gdm/PostSession/Default #include <tunables/global> /etc/gdm/PostSession/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability setgid, capability setuid, /bin/bash ixr, /etc/gdm/PostSession/Default mr, /proc/meminfo r, } about 1 year ago none 88 cinimod Edit History
opensuse10.3 /usr/sbin/httpd2-prefork # $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability ipc_owner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_admin, capability sys_tty_config, /bin/bash ixr, /dev/random r, /etc/apache2/*.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/*.crt r, /etc/apache2/ssl.key/*.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/* r, /etc/fstab r, /etc/gai.conf r, /etc/mime.types r, /etc/mono/1.0/machine.config r, /etc/mono/config r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/* r, /proc/*/attr/current w, /proc/*/maps r, /proc/meminfo r, /proc/stat r, /proc/uptime r, /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /tmp/* rw, /tmp/.wapi/ w, /tmp/.wapi/* rw, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib*.so* mr, /usr/X11R6/lib64/lib*.so* mr, /usr/apache2/error/* r, /usr/bin/mod-mono-server ixr, /usr/bin/mono ixr, /usr/lib/** mr, /usr/lib/apache2-leader/{lib,mod_}*.so* mr, /usr/lib/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib/apache2-worker/{lib,mod_}*.so* mr, /usr/lib/apache2/modules/{lib,mod_}*.so* mr, /usr/lib/apache2/{lib,mod_}*.so mr, /usr/lib/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/lib64/** mr, /usr/lib64/apache2-leader/{lib,mod_}*.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}*.so* mr, /usr/lib64/apache2-prefork/{lib,mod_}*.so* mr, /usr/lib64/apache2-worker/{lib,mod_}*.so* mr, /usr/lib64/apache2/modules/{lib,mod_}*.so* mr, /usr/lib64/apache2/{lib,mod_}*.so* mr, /usr/lib64/python[12].[0-9]/**.{py,pyc,pth,so} mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/*.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_* rwl, /var/lib/php5/* kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/run/nscd/services r, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork/// flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /proc/meminfo r, /srv/www/htdocs/* r, /srv/www/roundcubemail/** r, /usr/share/locale/** r, /usr/share/mysql/charsets/* r, /usr/share/zoneinfo/ r, /usr/share/zoneinfo/** r, /var/lib/mysql/mysql.sock w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///error/HTTP_FORBIDDEN.html.var flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /usr/share/apache2/error/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///error/HTTP_NOT_FOUND.html.var flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /usr/share/apache2/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/* r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/* w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/** r, /var/lib/php5/* krw, /var/log/apache2/access_log w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///phpMyAdmin/favicon.ico flags=(complain) { /proc/*/attr/current w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///phpMyAdmin/phpmyadmin.css.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/** r, /var/lib/php5/* krw, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin/print.css flags=(complain) { /proc/*/attr/current w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin/themes/original/img/b_help.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/** r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///phpMyAdmin/themes/original/img/b_info.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin/themes/original/img/logo_right.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/htdocs/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpMyAdmin/themes/original/img/s_notice.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/* w, /srv/www/htdocs/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///phpmyadmin flags=(complain) { /proc/*/attr/current w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///program/js/app.js flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///program/js/common.js flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /proc/meminfo r, /srv/www/roundcubemail/** r, /usr/share/locale/** r, /usr/share/mysql/charsets/* r, /usr/share/zoneinfo/ r, /usr/share/zoneinfo/** r, /var/lib/mysql/mysql.sock w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/program/js/app.js flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/program/js/common.js flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/skins/default/common.css flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/skins/default/images/buttons/bg.gif flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/skins/default/images/listheader_aqua.gif flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///roundcube/skins/default/images/roundcube_logo.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///skins/default/common.css flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///skins/default/images/buttons/bg.gif flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///skins/default/images/favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///skins/default/images/listheader_aqua.gif flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///skins/default/images/roundcube_logo.png flags=(complain) { #include <abstractions/nameservice> /proc/*/attr/current w, /srv/www/roundcubemail/** r, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork///sqla flags=(complain) { /proc/*/attr/current w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/*.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/** r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/*.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/** r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /**.htaccess r, /proc/*/attr/current w, /var/log/apache2/* w, } /usr/sbin/httpd2-prefork//myadmin flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc/*/attr/current w, /srv/www/htdocs/** r, /usr/share/apache2/error/** r, /var/lib/php5/* krw, /var/log/apache2/* w, } about 1 year ago work in progress 88 diavlon Edit History
opensuse10.3 /etc/gdm/PostSession/Default #include <tunables/global> /etc/gdm/PostSession/Default { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> capability setgid, capability setuid, /bin/bash ixr, /etc/gdm/PostSession/Default mr, /proc/meminfo r, } about 1 year ago Import of jmichaels profiles 110 dominic Edit History
opensuse10.3 /sbin/checkproc #include <tunables/global> /sbin/checkproc flags=(complain) { #include <abstractions/base> capability dac_override, capability sys_ptrace, /dev/blog w, /home/*/.gnupg/agent.pid r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /sbin/checkproc mr, /usr/bin/gpg-agent r, /usr/sbin/NetworkManager r, /usr/sbin/NetworkManagerDispatcher r, /usr/sbin/automount r, /usr/sbin/dhcdbd r, /usr/sbin/ntpd r, /var/run/NetworkManager.pid r, /var/run/NetworkManagerDispatcher.pid r, /var/run/dhcdbd.pid r, } over 2 years ago few more profile changes 104 jmichael Edit History
opensuse10.3 /usr/bin/cedega #include <tunables/global> /usr/bin/cedega { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/cedega mr, } about 1 year ago cedega 80 darkufo Edit History
opensuse10.3 /FYP/FileReadWrite1 #include <tunables/global> /FYP/FileReadWrite1 flags=(complain) { #include <abstractions/base> /FYP/FileReadWrite1 mr, /FYP/prices.dat rw, } about 1 year ago 11111 74 FYPJ Edit History
opensuse10.3 /bin/uname #include <tunables/global> /bin/uname flags=(complain) { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, } about 1 year ago 106 overwrite Edit History
opensuse10.3 /usr/bin/devede #include <tunables/global> /usr/bin/devede flags=(complain) { #include <abstractions/base> /usr/bin/devede mr, /usr/bin/env ix, } about 1 year ago 80 mikael Edit History
opensuse10.3 /usr/sbin/cupsd #include <tunables/global> /usr/sbin/cupsd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> capability chown, capability dac_override, capability fsetid, capability net_bind_service, network inet dgram, network inet stream, network inet6 dgram, network inet6 stream, /etc/cups/ r, /etc/cups/* r, /etc/printcap w, /proc/net/ r, /proc/net/unix r, /usr/lib/cups/notifier/ r, /usr/sbin/cupsd mr, /usr/share/cups/** r, /var/cache/cups/job.cache rw, /var/cache/cups/remote.cache rw, /var/log/cups/access_log rw, /var/log/cups/error_log rw, /var/run/cups/certs/* w, /var/run/cups/cups.sock w, /var/run/nscd/services r, /var/spool/cups/tmp/ r, } over 2 years ago 123 sebastian Edit History
opensuse10.3 /usr/lib/control-center-2.0/gnome-settings-daemon #include <tunables/global> /usr/lib/control-center-2.0/gnome-settings-daemon { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/ r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sysconfig/ r, /home/*/ r, /home/*/.Xauthority r, /home/*/.Xdefaults r, /home/*/.esd_auth r, /home/*/.gnome2/share/ rw, /home/*/.gnome2/share/cursor-fonts/ rw, /home/*/.gnome2/share/cursor-fonts/* rw, /home/*/.gnome2/share/fonts/ rw, /home/*/.gnome2/share/fonts/fonts.dir rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.gtkrc-1.2-gnome2 rw, /home/*/.gtkrc-1.2-gnome2.new rw, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/jesse/.gnome2/share/fonts/** rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/meminfo r, /usr/bin/gnome-screensaver Px, /usr/bin/mkfontdir ixr, /usr/bin/mkfontscale ixr, /usr/bin/xrdb Px, /usr/bin/xscreensaver Px, /usr/lib/control-center-2.0/gnome-settings-daemon mr, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper Px, /usr/lib/nautilus-cd-burner/mapping-daemon Pxmr, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/gdm/applications/ r, /usr/share/gnome-control-center/** r, /var/cache/gnome-vfs/defaults.list r, } about 1 year ago Import of jmichaels profiles 120 dominic Edit History
opensuse10.3 /usr/bin/beagle-search #include <tunables/global> /usr/bin/beagle-search { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/beagle-search mr, } about 1 year ago none 69 cinimod Edit History
opensuse10.3 /bin/hostname #include <tunables/global> /bin/hostname flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability sys_admin, /bin/hostname mr, } over 2 years ago argh, switch things back to complain for a while 105 jmichael Edit History
opensuse10.3 /usr/lib/control-center-2.0/gnome-settings-daemon #include <tunables/global> /usr/lib/control-center-2.0/gnome-settings-daemon { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/ r, /etc/sound/events/gnome-2.soundlist r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sysconfig/ r, /home/*/ r, /home/*/.Xauthority r, /home/*/.Xdefaults r, /home/*/.esd_auth r, /home/*/.gnome2/share/ rw, /home/*/.gnome2/share/cursor-fonts/ rw, /home/*/.gnome2/share/cursor-fonts/* rw, /home/*/.gnome2/share/fonts/ rw, /home/*/.gnome2/share/fonts/fonts.dir rw, /home/*/.gnome2_private/ w, /home/*/.gstreamer-0.10/ w, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.gtkrc-1.2-gnome2 rw, /home/*/.gtkrc-1.2-gnome2.new rw, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.local/share/mime/aliases r, /home/*/.local/share/mime/globs r, /home/*/.local/share/mime/magic r, /home/*/.local/share/mime/subclasses r, /home/jesse/.gnome2/share/fonts/** rw, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/meminfo r, /usr/bin/gnome-screensaver Px, /usr/bin/mkfontdir ixr, /usr/bin/mkfontscale ixr, /usr/bin/xrdb Px, /usr/bin/xscreensaver Px, /usr/lib/control-center-2.0/gnome-settings-daemon mr, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper Px, /usr/lib/nautilus-cd-burner/mapping-daemon Pxmr, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/gdm/applications/ r, /usr/share/gnome-control-center/** r, /var/cache/gnome-vfs/defaults.list r, } about 1 year ago none 97 cinimod Edit History
opensuse10.3 /usr/bin/hal-find-by-property #include <tunables/global> /usr/bin/hal-find-by-property flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> /usr/bin/hal-find-by-property mr, } over 2 years ago argh, switch things back to complain for a while 116 jmichael Edit History
opensuse10.3 /sbin/checkproc #include <tunables/global> /sbin/checkproc { #include <abstractions/base> capability dac_override, capability sys_ptrace, /dev/blog w, /home/*/.gnupg/agent.pid r, /opt/kde3/bin/kdm r, /proc/ r, /proc/*/stat r, /proc/*/statm r, /sbin/checkproc mr, /sbin/udevd r, /usr/bin/gpg-agent r, /usr/sbin/* r, /var/run/*.pid r, /var/spool/**.pid r, } about 1 year ago changes-3 86 security Edit History
opensuse10.3 /usr/bin/beagle-search #include <tunables/global> /usr/bin/beagle-search { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/beagle-search mr, } about 1 year ago Import of jmichaels profiles 77 dominic Edit History
opensuse10.3 /usr/lib/cups/backend/serial #include <tunables/global> /usr/lib/cups/backend/serial flags=(complain) { #include <abstractions/base> capability sys_admin, /dev/ttyS* w, /usr/lib/cups/backend/serial mr, } over 2 years ago cups testing 132 dominic Edit History
opensuse10.3 /usr/sbin/wpa_supplicant #include <tunables/global> /usr/sbin/wpa_supplicant { #include <abstractions/base> capability net_admin, capability net_raw, capability sys_module, network inet dgram, network packet dgram, /proc/net/ r, /proc/net/unix r, /usr/sbin/wpa_supplicant mr, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/ w, /var/run/wpa_supplicant/* w, } about 1 year ago none 68 cinimod Edit History
opensuse10.3 /etc/gdm/PostLogin/Default #include <tunables/global> /etc/gdm/PostLogin/Default flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/gdm/PostLogin/Default mr, /proc/meminfo r, } over 2 years ago argh, switch things back to complain for a while 128 jmichael Edit History
opensuse10.3 /usr/bin/gtk-gnash #include <tunables/global> /usr/bin/gtk-gnash flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /cur/tmp/** w, /etc/* r, /home/*/** r, /home/*/.config/* rw, /proc/** r, /usr/bin/gtk-gnash mr, /usr/share/gnash/* r, } about 1 year ago 55 shivver-fox Edit History
opensuse10.3 /usr/bin/printenv #include <tunables/global> /usr/bin/printenv { #include <abstractions/base> /usr/bin/printenv mr, } about 1 year ago none 67 cinimod Edit History
opensuse10.3 /usr/bin/gnome #include <tunables/global> /usr/bin/gnome { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/cp ixr, /bin/mkdir ixr, /bin/touch ixr, /home/*/.skel/ w, /home/*/.skel/* w, /home/*/Desktop/ w, /home/*/Desktop/GnomeOnlineHelp.desktop w, /home/*/Desktop/SuSE.desktop w, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/gconftool-2 Px, /usr/bin/gnome mr, /usr/bin/gnome-session Px, /usr/share/dist/desktop-files/*.desktop r, } about 1 year ago none 72 cinimod Edit History
opensuse10.3 /sbin/portmap #include <tunables/global> /sbin/portmap flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability net_bind_service, capability setgid, capability setuid, /sbin/portmap mr, /var/run/portmap_mapping rw, } over 2 years ago argh, switch things back to complain for a while 100 jmichael Edit History
opensuse10.3 /usr/sbin/clamd #include <tunables/global> /usr/sbin/clamd flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, /etc/clamd.conf r, /usr/sbin/clamd mr, /var/lib/clamav/ r, /var/lib/clamav/** krw, } about 1 year ago clamd 113 kaizer Edit History
opensuse10.3 /usr/bin/compiz #include <tunables/global> /usr/bin/compiz flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/freedesktop.org> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /home/*/ r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/compiz ixmr, /usr/bin/gtk-window-decorator Px, /usr/share/compiz/*.png r, /usr/share/compiz/*.xml r, } over 2 years ago minor changes for 10.3 rc2 initial gnome launch 102 jmichael Edit History
opensuse10.3 /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon #include <tunables/global> /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/ r, /etc/fstab r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /proc/*/mounts r, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon mr, } about 1 year ago Import of jmichaels profiles 94 dominic Edit History
opensuse10.3 /usr/sbin/wpa_supplicant #include <tunables/global> /usr/sbin/wpa_supplicant { #include <abstractions/base> capability net_admin, capability net_raw, capability sys_module, network inet dgram, network packet dgram, /proc/net/ r, /proc/net/unix r, /usr/sbin/wpa_supplicant mr, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/ w, /var/run/wpa_supplicant/* w, } about 1 year ago Import of jmichaels profiles 91 dominic Edit History
opensuse10.3 /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper #include <tunables/global> /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> /home/*/.Xauthority r, /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper mr, } about 1 year ago Import of jmichaels profiles 87 dominic Edit History
opensuse10.3 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/netstat Px, /etc/gai.conf r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.fontconfig/* r, /home/*/.gstreamer-0.10/registry.i686.xml rw, /home/*/.gstreamer-0.10/registry.i686.xml.tmp* rw, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.purple/ r, /home/*/.purple/** rw, /home/*/.purple/cap.db krw, /proc/meminfo r, /usr/bin/gconftool-2 Px, /usr/bin/gnome-open Px, /usr/bin/pidgin mr, /usr/lib/pidgin/*.so mr, /usr/lib/purple-2/*.so mr, /usr/share/tcl/tcl*/encoding/*.enc r, /var/cache/libx11/compose/* r, } over 2 years ago argh, switch things back to complain for a while 108 jmichael Edit History
opensuse10.3 /usr/bin/tomboy-panel #include <tunables/global> /usr/bin/tomboy-panel flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /etc/gnome-vfs-2.0/modules/ r, /etc/mono/2.0/machine.config r, /etc/mono/config r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.ICEauthority r, /home/*/.Xauthority r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.tomboy.log w, /home/*/.tomboy/ rw, /home/*/.tomboy/** rw, /home/*/.wapi/shared_data-* mrw, /home/*/.wapi/shared_fileshare-* mrw, /proc/*/maps r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/uptime r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/mono ixr, /usr/bin/tomboy-panel mr, /usr/lib/aspell-0.60/*.rws mr, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /usr/lib/tomboy/*.dll mr, /usr/lib/tomboy/Tomboy.exe mr, /usr/lib/tomboy/addins/*.dll mr, /usr/share/fonts/** mr, /var/cache/libx11/compose/* mr, } over 2 years ago minor changes for 10.3 rc2 initial gnome launch 95 jmichael Edit History
opensuse10.3 /usr/bin/gnome #include <tunables/global> /usr/bin/gnome { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /bin/cp ixr, /bin/mkdir ixr, /bin/touch ixr, /home/*/.skel/ w, /home/*/.skel/* w, /home/*/Desktop/ w, /home/*/Desktop/GnomeOnlineHelp.desktop w, /home/*/Desktop/SuSE.desktop w, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/gconftool-2 Px, /usr/bin/gnome mr, /usr/bin/gnome-session Px, /usr/share/dist/desktop-files/*.desktop r, } about 1 year ago Import of jmichaels profiles 99 dominic Edit History
opensuse10.3 /usr/bin/printenv #include <tunables/global> /usr/bin/printenv { #include <abstractions/base> /usr/bin/printenv mr, } about 1 year ago Import of jmichaels profiles 92 dominic Edit History
opensuse10.3 /usr/bin/zypper #include <tunables/global> /usr/bin/zypper { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability fsetid, capability ipc_lock, /bin/cp ixr, /bin/rpm Ux, /etc/rpm/ r, /etc/rpm/macros.* r, /etc/sysconfig/proxy r, /etc/sysconfig/storage r, /etc/zypp/repos.d/ r, /etc/zypp/repos.d/*.repo r, /etc/zypp/zypp.conf r, /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /proc/stat r, /sys/bus/ r, /usr/bin/gpg2 ixr, /usr/bin/zypper mr, /usr/share/zypp/schema/** r, /var/adm/mount/** rw, /var/cache/zypp/ r, /var/cache/zypp/raw/** rw, /var/cache/zypp/zypp.db krw, /var/cache/zypp/zypp.db-journal w, /var/lib/rpm/ w, /var/lib/rpm/Basenames r, /var/lib/rpm/Name r, /var/lib/rpm/Packages kr, /var/lib/zypp/db/languages/ r, /var/lib/zypp/db/patches/ r, /var/lib/zypp/db/patterns/ r, /var/lib/zypp/db/patterns/* r, /var/lib/zypp/db/products/ r, /var/lib/zypp/db/products/* r, /var/lib/zypp/db/selections/ r, /var/log/zypper.log w, /var/run/zypp.pid krw, /var/tmp/ rw, } about 1 year ago none 69 cinimod Edit History
opensuse10.3 /usr/sbin/mysqld-max #include <tunables/global> /usr/sbin/mysqld-max { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, network inet tcp, /etc/ld.so.preload r, /etc/my.cnf r, /usr/sbin/mysqld r, /usr/sbin/mysqld-max mr, /usr/share/mysql/** r, /var/db/nscd/passwd r, /var/lib/distccd/** lkrw, /var/lib/mysql/ r, /var/lib/mysql/** klrw, /var/run/mysqld/* lrw, } about 1 year ago 82 hello Edit History
opensuse10.3 /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon #include <tunables/global> /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/ r, /etc/fstab r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /proc/*/mounts r, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon mr, } about 1 year ago none 73 cinimod Edit History
opensuse10.3 /usr/bin/dbus-launch #include <tunables/global> /usr/bin/dbus-launch { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kde> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/cat ixr, /bin/dbus-daemon Px, /bin/grep ixr, /bin/mkdir ixr, /bin/sed ixr, /etc/SuSE-release r, /etc/sysconfig/proxy r, /etc/sysconfig/windowmanager r, /home/*/ r, /home/*/.DCOPserver_*_:* w, /home/*/.DCOPserver_*__* rw, /home/*/.ICEauthority lrw, /home/*/.ICEauthority-* lw, /home/*/.Xauthority r, /home/*/.fonts/ r, /home/*/.fonts/fonts.dir rw, /home/*/.kde/share/config/ w, /home/*/.kde/share/config/* rw, /home/*/.xsession-errors w, /opt/kde3/bin/dcopserver_shutdown Pxmr, /opt/kde3/bin/kapplymousetheme Pxmr, /opt/kde3/bin/kcheckrunning Pxmr, /opt/kde3/bin/kde-config Pxmr, /opt/kde3/bin/kde-open Pxr, /opt/kde3/bin/ksplashx Pxmr, /opt/kde3/bin/kstartupconfig Pxmr, /opt/kde3/bin/lnusertemp Pxmr, /opt/kde3/bin/startkde Pxr, /opt/kde3/env/ r, /opt/kde3/env/*.sh r, /opt/kde3/share/apps/ksplash/**/ r, /opt/kde3/share/apps/ksplash/Themes/** r, /proc/ r, /proc/*/cmdline r, /proc/*/mounts r, /proc/*/stat r, /proc/meminfo r, /proc/sys/** r, /sbin/killall5 ixr, /tmp/ rw, /usr/bin/dbus-launch mr, /usr/bin/gnome Px, /usr/bin/iceauth Pxmr, /usr/bin/mkfontdir Pxr, /usr/bin/mkfontscale Pxmr, /usr/bin/tr ixr, /usr/bin/xmodmap Pxmr, /usr/bin/xprop ixr, /usr/bin/xset ixr, /usr/bin/xsetroot Pxmr, /usr/share/hotkey-setup/hotkey-setup.xmodmap r, } about 1 year ago none 73 cinimod Edit History
opensuse10.3 /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper #include <tunables/global> /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> /home/*/.Xauthority r, /usr/lib/gnome-screensaver/gnome-screensaver-gl-helper mr, } about 1 year ago none 66 cinimod Edit History
opensuse10.3 /usr/sbin/sabayon-apply #include <tunables/global> /usr/sbin/sabayon-apply flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> /etc/xml/catalog r, /etc/xml/suse-catalog.xml r, /home/*/.Xauthority r, /proc/meminfo r, /usr/bin/env ixr, /usr/bin/python2.5 ixr, /usr/sbin/sabayon-apply mr, } over 2 years ago few more changes to get gnome session working elsewhere 148 jmichael Edit History
opensuse10.3 /opt/thunderbird/thunderbird #include <tunables/global> /opt/thunderbird/thunderbird flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /opt/thunderbird/thunderbird mr, } over 2 years ago genral 96 davepl Edit History
opensuse10.3 /usr/bin/xdpyinfo #include <tunables/global> /usr/bin/xdpyinfo { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/xdpyinfo mr, } about 1 year ago Import of jmichaels profiles 69 dominic Edit History
opensuse10.3 /usr/bin/esd #include <tunables/global> /usr/bin/esd { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability kill, /dev/shm/ r, /dev/shm/pulse-shm-* rw, /etc/pulse/client.conf r, /home/*/.Xauthority r, /proc/cpuinfo r, /root/.pulse-cookie krw, /usr/bin/esd mr, /var/lib/run/pulse/native w, } 9 months ago 55 shimingzhou Edit History
opensuse10.3 /usr/bin/eog #include <tunables/global> /usr/bin/eog flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home/*/.esd_auth r, /home/*/.fontconfig/* r, /home/*/.gnome2/accels/eog rw, /home/*/.gnome2_private/ w, /home/*/.icons/ r, /home/*/.local/share/applications/ r, /home/*/.local/share/applications/*.desktop r, /home/*/.local/share/applications/defaults.list r, /home/*/.local/share/applications/mimeinfo.cache r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel rw, /home/*/.recently-used.xbel.* rw, /home/*/.thumbnails/** rw, /home/*/Desktop/** r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /usr/bin/eog mr, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/eog/** r, /usr/share/gdm/applications/ r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/* r, } over 2 years ago flesh out the eog profile a little 113 jmichael Edit History
opensuse10.3 /bin/lstest #include <tunables/global> /bin/lstest flags=(complain) { #include <abstractions/base> /bin/lstest mr, } about 1 month ago addded lstest 13 danabr Edit History
opensuse10.3 /usr/bin/zypper #include <tunables/global> /usr/bin/zypper { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability fsetid, capability ipc_lock, /bin/cp ixr, /bin/rpm Ux, /etc/rpm/ r, /etc/rpm/macros.* r, /etc/sysconfig/proxy r, /etc/sysconfig/storage r, /etc/zypp/repos.d/ r, /etc/zypp/repos.d/*.repo r, /etc/zypp/zypp.conf r, /proc/*/mounts r, /proc/cpuinfo r, /proc/meminfo r, /proc/stat r, /sys/bus/ r, /usr/bin/gpg2 ixr, /usr/bin/zypper mr, /usr/share/zypp/schema/** r, /var/adm/mount/** rw, /var/cache/zypp/ r, /var/cache/zypp/raw/** rw, /var/cache/zypp/zypp.db krw, /var/cache/zypp/zypp.db-journal w, /var/lib/rpm/ w, /var/lib/rpm/Basenames r, /var/lib/rpm/Name r, /var/lib/rpm/Packages kr, /var/lib/zypp/db/languages/ r, /var/lib/zypp/db/languages/* r, /var/lib/zypp/db/patches/ r, /var/lib/zypp/db/patches/* r, /var/lib/zypp/db/patterns/ r, /var/lib/zypp/db/patterns/* r, /var/lib/zypp/db/products/ r, /var/lib/zypp/db/products/* r, /var/lib/zypp/db/selections/ r, /var/log/zypper.log w, /var/run/zypp.pid krw, /var/tmp/ rw, } about 1 year ago testing package updates 69 dominic Edit History
opensuse10.3 /usr/bin/dbus-launch #include <tunables/global> /usr/bin/dbus-launch { #include <abstractions/X> #include <abstractions/base> /bin/dbus-daemon Px, /home/*/.Xauthority r, /usr/bin/dbus-launch mr, /usr/bin/gnome Px, } about 1 year ago Import of jmichaels profiles 90 dominic Edit History
opensuse10.3 /usr/lib/bonobo/bonobo-activation-server #include <tunables/global> /usr/lib/bonobo/bonobo-activation-server { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/bonobo-activation/bonobo-activation-config.xml r, /usr/bin/tomboy-panel Px, /usr/lib/bonobo/bonobo-activation-server mr, /usr/lib/gnome-main-menu/main-menu Px, /usr/lib/gnome-panel/mixer_applet2 Px, } about 1 year ago none 77 cinimod Edit History
opensuse10.3 /usr/bin/xdpyinfo #include <tunables/global> /usr/bin/xdpyinfo { #include <abstractions/X> #include <abstractions/base> /home/*/.Xauthority r, /usr/bin/xdpyinfo mr, } about 1 year ago none 70 cinimod Edit History
opensuse10.3 /usr/lib/ssh/x11-ssh-askpass #include <tunables/global> /usr/lib/ssh/x11-ssh-askpass flags=(complain) { #include <abstractions/base> /usr/lib/ssh/x11-ssh-askpass mr, } over 2 years ago argh, switch things back to complain for a while 93 jmichael Edit History
opensuse10.3 /usr/sbin/mdnsd # $Id: usr.sbin.mdnsd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/mdnsd { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_resource, /usr/sbin/mdnsd rmix, /var/run/mdnsd lw, /var/run/mdnsd.pid w, @{PROC}/net/ r, @{PROC}/net/unix r, } about 1 year ago none 71 cinimod Edit History
opensuse10.3 /usr/local/bin/logsurfer #include <tunables/global> /usr/local/bin/logsurfer { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /bin/cat ixr, /bin/rm ixr, /etc/gai.conf r, /etc/logsurfer.conf r, /etc/postfix/dynamicmaps.cf r, /etc/postfix/main.cf r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/sys/kernel/ngroups_max r, /usr/bin/tr ixr, /usr/local/bin/logsurfer mr, /usr/local/bin/start-mail ixr, /usr/sbin/postdrop ixr, /usr/sbin/sendmail ixr, /var/log/logsurfer r, /var/run/logsurfer/logsurfer.pid w, /var/spool/postfix/** rw, } about 1 year ago scanlogd 136 kaizer Edit History
opensuse10.3 /usr/bin/Xorg #include <tunables/global> /usr/bin/Xorg flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability chown, capability dac_override, capability fsetid, capability ipc_owner, capability mknod, capability setgid, capability setuid, capability sys_admin, capability sys_rawio, capability sys_tty_config, /bin/bash ixr, /dev/agpgart rw, /dev/apm_bios rw, /dev/dri/ w, /dev/dri/card* rw, /dev/input/mice rw, /dev/mem mrw, /dev/tty* rw, /etc/X11/xorg.conf r, /home/*/.gnome2/share/cursor-fonts/fonts.dir r, /home/*/.gnome2/share/fonts/fonts.dir r, /proc/bus/pci/** rw, /proc/meminfo r, /proc/mtrr w, /proc/sys/kernel/modprobe r, /sbin/modprobe Px, /sys/bus/pci/devices/ r, /sys/devices/**/resource r, /sys/devices/**/rom rw, /usr/bin/Xorg mr, /usr/bin/xkbcomp Px, /usr/lib/xorg/modules/drivers/*.so mr, /usr/lib/xorg/modules/input/*.so mr, /var/lib/gdm/* r, /var/lib/xkb/compiled/*.xkm rw, /var/log/Xorg.*.log rw, /var/log/Xorg.*.log.old w, /var/log/gdm/*.log w, /var/run/acpid.socket w, } over 2 years ago argh, switch things back to complain for a while 97 jmichael Edit History
opensuse10.3 /usr/lib/bonobo/bonobo-activation-server #include <tunables/global> /usr/lib/bonobo/bonobo-activation-server { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /etc/bonobo-activation/bonobo-activation-config.xml r, /usr/bin/tomboy-panel Px, /usr/lib/bonobo/bonobo-activation-server mr, /usr/lib/gnome-main-menu/main-menu Px, /usr/lib/gnome-panel/mixer_applet2 Px, } about 1 year ago Import of jmichaels profiles 93 dominic Edit History
opensuse10.3 /usr/lib/firefox/firefox-bin # $Id: usr.lib.firefox.firefox-bin 725 2007-06-11 05:07:41Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/firefox/firefox-bin { #include <abstractions/X> #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-download> #include <abstractions/user-write> capability sys_nice, /bin/bash mixr, /bin/grep mixr, /bin/netstat Px, /bin/ps mixr, /etc/SuSE-release r, /etc/X11/.kstylerc.lock rw, /etc/X11/.qt_plugins_*rc.lock rw, /etc/X11/.qtrc.lock rw, /etc/X11/fs/config r, /etc/gai.conf r, /etc/gnome-vfs-*/modules r, /etc/gnome-vfs-*/modules/*.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/ld.so.cache mr, /etc/mailcap r, /etc/mime.types r, /etc/mozpluggerrc r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/pango/* r, /etc/rpc r, /etc/sound/events/gtk-events-2.soundlist r, /etc/sysconfig/clock r, /home/*/.Xauthority r, /home/*/.fontconfig/76a62bcd5a316e4579cb35dcca3f9719-x86.cache-2 r, /home/*/.gnome2_private/ w, /home/*/.kde/share/config/gtkrc-2.0 r, /home/*/.kde/share/config/gtkrc-qtc rw, /home/*/.kde/share/config/kdeglobals r, /home/*/.local/share/applications/ r, /home/*/.mozilla/firefox/f9oos0y5.default/ r, /home/*/.mozilla/firefox/f9oos0y5.default/.parentlock kw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/0783A992d01 rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/08DB64FEd01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/2A57D181d01 r, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/3576DBA5d01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/83BAA541d01 rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/A89F4DBCd01 rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/A9C37D92d01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/C621475Dd01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/E043D734d01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/E2301344d01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/F66E0202d01 w, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/_CACHE_001_ rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/_CACHE_002_ rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/_CACHE_003_ rw, /home/*/.mozilla/firefox/f9oos0y5.default/Cache/_CACHE_MAP_ rw, /home/*/.mozilla/firefox/f9oos0y5.default/XPC.mfasl r, /home/*/.mozilla/firefox/f9oos0y5.default/XUL.mfasl rw, /home/*/.mozilla/firefox/f9oos0y5.default/bookmarkbackups/ r, /home/*/.mozilla/firefox/f9oos0y5.default/bookmarks-1.html rw, /home/*/.mozilla/firefox/f9oos0y5.default/bookmarks.bak w, /home/*/.mozilla/firefox/f9oos0y5.default/bookmarks.html rw, /home/*/.mozilla/firefox/f9oos0y5.default/cert8.db rw, /home/*/.mozilla/firefox/f9oos0y5.default/compatibility.ini r, /home/*/.mozilla/firefox/f9oos0y5.default/compreg.dat r, /home/*/.mozilla/firefox/f9oos0y5.default/cookies-1.txt rw, /home/*/.mozilla/firefox/f9oos0y5.default/cookies.txt rw, /home/*/.mozilla/firefox/f9oos0y5.default/extensions.cache r, /home/*/.mozilla/firefox/f9oos0y5.default/extensions.ini r, /home/*/.mozilla/firefox/f9oos0y5.default/extensions/ r, /home/*/.mozilla/firefox/f9oos0y5.default/formhistory.dat rw, /home/*/.mozilla/firefox/f9oos0y5.default/history.dat rw, /home/*/.mozilla/firefox/f9oos0y5.default/key3.db rw, /home/*/.mozilla/firefox/f9oos0y5.default/localstore-1.rdf rw, /home/*/.mozilla/firefox/f9oos0y5.default/localstore.rdf rw, /home/*/.mozilla/firefox/f9oos0y5.default/lock w, /home/*/.mozilla/firefox/f9oos0y5.default/mimeTypes.rdf rw, /home/*/.mozilla/firefox/f9oos0y5.default/prefs-1.js rw, /home/*/.mozilla/firefox/f9oos0y5.default/prefs.js rw, /home/*/.mozilla/firefox/f9oos0y5.default/search.sqlite krw, /home/*/.mozilla/firefox/f9oos0y5.default/secmod.db r, /home/*/.mozilla/firefox/f9oos0y5.default/sessionstore-1.js rw, /home/*/.mozilla/firefox/f9oos0y5.default/sessionstore.js w, /home/*/.mozilla/firefox/f9oos0y5.default/signons2.txt r, /home/*/.mozilla/firefox/f9oos0y5.default/urlclassifier2.sqlite rw, /home/*/.mozilla/firefox/f9oos0y5.default/urlclassifier2.sqlite-journal w, /home/*/.mozilla/firefox/f9oos0y5.default/xpti.dat r, /home/*/.mozilla/firefox/pluginreg.dat rw, /home/*/.mozilla/firefox/profiles.ini r, /home/*/.qt/qtrc r, /home/kladie/.ICEauthority r, /opt/kde3/bin/kde-config mixr, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/**.desktop r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/*/cmdline r, /proc/meminfo r, /tmp/hsperfdata_*/[0-9]* m, /usr/bin/m4 rmix, /usr/bin/mozplugger-helper rmix, /usr/java/jre*/plugin/*/ns*/libjavaplugin_oji.so mr, /usr/lib/GConf/2/gconfd-2 Px, /usr/lib/browser-extensions/firefox r, /usr/lib/browser-plugins r, /usr/lib/browser-plugins/*.so mr, /usr/lib/browser-plugins/*.xpt r, /usr/lib/firefox/** r, /usr/lib/firefox/**.so mr, /usr/lib/firefox/firefox-bin mixr, /usr/lib/gnome-vfs-*/modules/*.so mr, /usr/lib/gtk-*/**.so* mr, /usr/lib/jvm/java-*/** r, /usr/lib/jvm/java-*/**.so mr, /usr/lib/jvm/java-*/jre/bin/java_vm mixr, /usr/lib/ooo-*/share/fonts/** r, /usr/lib/pango/**.so mr, /usr/share/applications/ r, /usr/share/applications/*.desktop r, /usr/share/applications/defaults.list r, /usr/share/applications/mimeinfo.cache r, /usr/share/ghostscript/fonts r, /usr/share/icons r, /usr/share/icons/** r, /usr/share/locale-bundle/de/LC_MESSAGES/GConf2.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/locale/** r, /usr/share/mime/** r, /usr/share/pixmaps r, /usr/share/themes/** r, /usr/share/zoneinfo r, /var/X11R6/compose-cache/* r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/dbus/system_bus_socket w, @{HOME}/.fonts r, @{HOME}/.fonts.cache-1 r, @{HOME}/.gnome2_private w, @{HOME}/.gtk_qt_engine_rc lrw, @{HOME}/.icons r, @{HOME}/.java/deployment/* r, @{HOME}/.java/deployment/cache/javapi/** lrw, @{HOME}/.java/deployment/log/* lw, @{HOME}/.kde/share/config/* r, @{HOME}/.kde/share/config/gtkrc-* r, @{HOME}/.macromedia/** r, "@{HOME}/.macromedia/Macromedia/Flash Player/**" rw, @{HOME}/.mailcap r, @{HOME}/.mime.types r, @{HOME}/.mozilla/appreg rw, @{HOME}/.mozilla/firefox/** lrw, @{HOME}/.mozilla/plugins r, @{HOME}/.mozilla/plugins/** mlrw, @{PROC}/[0-9]*/cmdline r, @{PROC}/[0-9]*/maps r, @{PROC}/[0-9]*/stat r, @{PROC}/net/if_inet6 r, @{PROC}/sys/vm/heap-stack-gap r, } about 1 year ago aktualisierung 70 kladie Edit History
opensuse10.3 /usr/sbin/dhcdbd #include <tunables/global> /usr/sbin/dhcdbd flags=(complain) { #include <abstractions/base> #include <abstractions/dbus> /etc/HOSTNAME r, /etc/sysconfig/network/dhcp r, /sbin/dhclient Px, /usr/sbin/dhcdbd mr, /var/run/dhcdbd.pid w, } over 2 years ago argh, switch things back to complain for a while 117 jmichael Edit History
opensuse10.3 /usr/sbin/identd # $Id: usr.sbin.identd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/identd { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, /etc/identd.conf r, /etc/identd.key r, /etc/identd.pid w, /usr/sbin/identd rmix, /var/run/identd.pid w, @{PROC}/net/tcp r, @{PROC}/net/tcp6 r, } about 1 year ago none 66 cinimod Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } about 1 year ago firefox 74 sontaya Edit History
opensuse10.3 /usr/lib/vte/gnome-pty-helper #include <tunables/global> /usr/lib/vte/gnome-pty-helper { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> /dev/ptmx rw, /usr/lib/vte/gnome-pty-helper mr, /var/log/wtmp kw, /var/run/utmp krw, } about 1 year ago none 82 cinimod Edit History
opensuse10.3 /usr/sbin/mdnsd # $Id: usr.sbin.mdnsd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/mdnsd { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_resource, /usr/sbin/mdnsd rmix, /var/run/mdnsd lw, /var/run/mdnsd.pid w, @{PROC}/net/ r, @{PROC}/net/unix r, } over 2 years ago Initial Revision 150 novell Edit History
opensuse10.3 /usr/bin/xsetroot #include <tunables/global> /usr/bin/xsetroot { #include <abstractions/X> #include <abstractions/base> #include <abstractions/freedesktop.org> /home/*/.Xauthority r, /usr/bin/xsetroot mr, /var/lib/gdm/* r, } about 1 year ago none 71 cinimod Edit History
opensuse10.3 /usr/lib/firefox/firefox.sh #include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/firefox/firefox.sh mr, } about 1 year ago 64 hase Edit History
opensuse10.3 /usr/lib/cyrus/bin/imapd #include <tunables/global> /usr/lib/cyrus/bin/imapd { #include <abstractions/base> #include <abstractions/nameservice> /etc/hosts.allow r, /etc/hosts.deny r, /etc/imapd.* r, /etc/kolab/cert.pem r, /etc/kolab/key.pem r, /mnt/mail/config/** krw, /mnt/mail/spool/** klrw, /usr/lib/cyrus/bin/imapd mr, /var/lib/imap/** krw, /var/run/sasl2/mux w, /var/spool/imap/** krw, } about 1 year ago 91 arclyde Edit History
opensuse10.3 /opt/kde3/bin/konsole #include <tunables/global> /opt/kde3/bin/konsole flags=(complain) { #include <abstractions/base> /opt/kde3/bin/konsole mr, /opt/kde3/lib/lib*so* mr, } about 1 year ago 65 Zanmato Edit History
opensuse10.3 /usr/bin/fetchmail #include <tunables/global> /usr/bin/fetchmail { #include <abstractions/base> network all, /etc r, /etc/fetchmailrc r, /etc/passwd r, /etc/resolv.conf r, /usr/bin/fetchmail mr, /var/log/fetchmail Ux, /var/run/nscd/socket w, } about 1 year ago 57 gunter Edit History
opensuse10.3 /usr/bin/kde4 #include <tunables/global> /usr/bin/kde4 { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/kde4 mr, } about 1 year ago none 78 cinimod Edit History
opensuse10.3 /usr/bin/setxkbmap #include <tunables/global> /usr/bin/setxkbmap flags=(complain) { #include <abstractions/base> /usr/bin/setxkbmap mr, } over 2 years ago argh, switch things back to complain for a while 121 jmichael Edit History
opensuse10.3 /usr/lib/vte/gnome-pty-helper #include <tunables/global> /usr/lib/vte/gnome-pty-helper { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> /dev/ptmx rw, /usr/lib/vte/gnome-pty-helper mr, /var/log/wtmp kw, /var/run/utmp krw, } about 1 year ago Import of jmichaels profiles 74 dominic Edit History
opensuse10.3 /usr/bin/xsetroot #include <tunables/global> /usr/bin/xsetroot { #include <abstractions/X> #include <abstractions/base> #include <abstractions/freedesktop.org> /usr/bin/xsetroot mr, /var/lib/gdm/* r, } about 1 year ago Import of jmichaels profiles 72 dominic Edit History
opensuse10.3 /usr/sbin/xend #include <tunables/global> /usr/sbin/xend flags=(complain) { #include <abstractions/base> /usr/bin/env ix, /usr/sbin/xend mr, } about 1 year ago xend-jester 112 security Edit History
opensuse10.3 /usr/sbin/identd # $Id: usr.sbin.identd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/identd { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, /etc/identd.conf r, /etc/identd.key r, /etc/identd.pid w, /usr/sbin/identd rmix, /var/run/identd.pid w, @{PROC}/net/tcp r, @{PROC}/net/tcp6 r, } over 2 years ago Initial Revision 124 novell Edit History
opensuse10.3 /usr/lib/cups/backend/socket #include <tunables/global> /usr/lib/cups/backend/socket { #include <abstractions/base> #include <abstractions/nameservice> /usr/lib/cups/backend/socket mr, } about 1 year ago ssh needed the ability to create /root/.ssh, and assorted CUPS fixes 121 crispin Edit History
opensuse10.3 /usr/bin/opera #include <tunables/global> /usr/bin/opera flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/bin/opera mr, } over 2 years ago 92 imru Edit History
opensuse10.3 /usr/sbin/NetworkManager #include <tunables/global> /usr/sbin/NetworkManager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability net_admin, capability net_raw, capability sys_module, network packet packet, /etc/resolv.conf w, /etc/resolv.conf.tmp rw, /etc/sysconfig/network/ r, /etc/sysconfig/network/dhcp r, /proc/net/psched r, /sbin/ip Px, /usr/lib/NetworkManager/nm-crash-logger Px, /usr/sbin/NetworkManager mr, /usr/sbin/nscd Px, /usr/sbin/wpa_supplicant Px, /var/run/NetworkManager.pid w, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/* w, } about 1 year ago none 79 cinimod Edit History
opensuse10.3 /usr/bin/gnomesu #include <tunables/global> /usr/bin/gnomesu flags=(complain) { #include <abstractions/base> /usr/bin/gnomesu mr, } over 2 years ago argh, switch things back to complain for a while 123 jmichael Edit History
opensuse10.3 /bin/netstat # $Id: bin.netstat 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # evolution, amongst other things, calls this program. I didn't want to # give evolution access to significant chunks of /proc # #include <tunables/global> /bin/netstat { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability dac_read_search, /bin/netstat rmix, /etc/networks r, /proc/*/fd/ r, /proc/net/ r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/unix r, @{PROC} r, @{PROC}/[0-9]*/cmdline r, @{PROC}/[0-9]*/fd r, @{PROC}/net r, @{PROC}/net/* r, } about 1 year ago 2 110 FYPJ Edit History
opensuse10.3 /usr/sbin/httpd2-prefork #include <tunables/global> /usr/sbin/httpd2-prefork { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> capability kill, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/**.conf r, /etc/apache2/conf.d/ r, /etc/apache2/vhosts.d/ r, /etc/mime.types r, /proc/*/attr/current w, /usr/lib/**.so mr, /usr/sbin/httpd2-prefork mr, /var/log/apache2/access_log w, /var/log/apache2/error_log w, /var/run/httpd2.pid w, } /usr/sbin/httpd2-prefork///manual { /proc/*/attr/current w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///~dominic/thinking-rock.ics { /home/*/public_html/thinking-rock.ics r, /proc/*/attr/current w, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI { #include <abstractions/nameservice> /home/*/**.html r, /proc/*/attr/current w, /usr/share/**.var r, /usr/share/apache2/error/**.html r, /var/log/apache2/access_log w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT { #include <abstractions/nameservice> /proc/*/attr/current w, } over 2 years ago more tweaks 155 dominic_2 Edit History
opensuse10.3 /usr/sbin/mysqld #include <tunables/global> /usr/sbin/mysqld { #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, network inet tcp, /etc/my.cnf r, /usr/sbin/mysqld mr, /usr/share/mysql/** r, /var/lib/mysql/ r, /var/lib/mysql/** klrw, /var/run/mysqld/* lrw, } about 1 year ago 61 hello Edit History
opensuse10.3 /usr/sbin/sshd #include <tunables/global> /usr/sbin/sshd flags=(complain) { #include <abstractions/base> #include <abstractions/bash> /bin/bash ixr, /bin/hostname Px, /bin/ping ixr, /bin/uname Px, /usr/bin/manpath px, /usr/bin/tput ixr, /usr/bin/tty Px, /usr/sbin/sshd mr, } about 1 year ago 68 arturk Edit History
opensuse10.3 /usr/lib/Acrobat7/Reader/intellinux/bin/acroread #include <tunables/global> /usr/lib/Acrobat7/Reader/intellinux/bin/acroread flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /home/*/ r, /home/*/.Xauthority r, /home/*/.adobe/** krw, /home/*/.beagle/socket w, /home/*/.config/gtk-2.0/gtkfilechooser.ini rw, /home/*/.config/gtk-2.0/gtkfilechooser.ini.* rw, /home/*/.fontconfig/* mr, /home/*/.fonts/ r, /home/*/.icons/ r, /home/*/.local/share/icons/ r, /home/*/.recently-used.xbel r, /home/*/Desktop/ r, /home/*/Desktop/**.pdf w, /home/*/Desktop/*.desktop r, /proc/meminfo r, /usr/lib/Acrobat7/Reader/intellinux/bin/acroread mr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/Accessibility.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/AcroForm.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/Annots.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/DigSig.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/EFS.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/EScript.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/LegalPDF.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/MakeAccessible.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/PDDom.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/PPKLite.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/SOAP.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/SaveAsRTF.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/SearchFind.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/SendMail.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/Spelling.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/checkers.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/ewh.api ixr, /usr/lib/Acrobat7/Reader/intellinux/plug_ins/wwwlink.api ixr, /usr/lib/Acrobat7/Resource/** mr, /usr/share/dist/icons/suse-help.svg r, /usr/share/fonts/ r, /usr/share/fonts/** mr, /usr/share/mime/**.xml r, /var/cache/libx11/compose/* mr, } over 2 years ago initial acroread profile 99 jmichael Edit History
opensuse10.3 /usr/sbin/named #include <tunables/global> /usr/sbin/named flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, /usr/sbin/named mr, /var/lib/named/127.0.0.zone r, /var/lib/named/dev/random r, /var/lib/named/etc/localtime r, /var/lib/named/etc/named.conf r, /var/lib/named/etc/named.conf.include r, /var/lib/named/etc/rndc.key r, /var/lib/named/localhost.zone r, /var/lib/named/root.hint r, /var/lib/named/var/run/named/named.pid w, } 2 months ago 14 tonnylu Edit History
opensuse10.3 /usr/sbin/NetworkManager #include <tunables/global> /usr/sbin/NetworkManager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability net_admin, capability net_raw, capability sys_module, network packet packet, /etc/resolv.conf w, /etc/resolv.conf.tmp rw, /etc/sysconfig/network/ r, /etc/sysconfig/network/dhcp r, /proc/net/psched r, /sbin/ip Px, /usr/lib/NetworkManager/nm-crash-logger Px, /usr/sbin/NetworkManager mr, /usr/sbin/nscd Px, /usr/sbin/wpa_supplicant Px, /var/run/NetworkManager.pid w, /var/run/NetworkManager/wpa_ctrl_* w, /var/run/wpa_supplicant-global w, /var/run/wpa_supplicant/* w, } about 1 year ago Import of jmichaels profiles 102 dominic Edit History
opensuse10.3 /usr/bin/wireshark # $Id: usr.bin.wireshark 732 2007-06-11 05:14:29Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/bin/wireshark flags=(complain) { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> #include <abstractions/user-write> capability net_raw, /etc/ethers r, /etc/pango/pango.modules r, /usr/bin/wireshark mixr, /usr/lib/firefox/firefox.sh rPx, /usr/lib/gtk-*/*/loaders/* mr, /usr/share/* r, /usr/share/icons r, /usr/share/icons/** r, /usr/share/mime/* r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/* r, /usr/share/snmp/mibs/.index rw, @{HOME}/.fonts.cache-* r, @{HOME}/.wireshark/* rw, } about 1 year ago 76 voshellc Edit History
opensuse10.3 /usr/bin/acroread #include <tunables/global> /usr/bin/acroread { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/basename Px, /bin/bash ixr, /bin/cat ixr, /bin/grep ixr, /bin/ls ixmr, /bin/pwd ixr, /bin/sed ixr, /bin/uname Px, /home/*/.adobe/** w, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/ldconfig Px, /usr/bin/acroread mr, /usr/bin/dirname ixr, /usr/bin/expr ixr, /usr/bin/gconftool-2 Px, /usr/lib/Acrobat7/Reader/intellinux/bin/acroread Px, } about 1 year ago Import of jmichaels profiles 77 dominic Edit History
opensuse10.3 /usr/bin/php5 #include <tunables/global> /usr/bin/php5 { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/php5> #include <abstractions/user-tmp> capability dac_override, /bin/bash ixr, /etc/php5/cli/* r, /proc/meminfo r, /root/.pearrc rw, /srv/www/htdocs/** r, /usr/bin/.tmppear rw, /usr/bin/cpp-4.2 px, /usr/bin/gpg2 ixr, /usr/bin/php5 ixr, /usr/include/* r, /usr/share/kolab/scripts/resmgr/* r, /usr/share/php5/** krw, /var/lib/kolab/kolab-filter/* r, /var/lib/pear/Kolab_Freebusy.xml r, /var/lib/php5/session_mm_* klrw, /var/log/kolab/filter/* w, /var/log/kolab/resmgr.log a, } about 1 year ago 96 arclyde Edit History
opensuse10.3 /usr/sbin/ntpdate #include <tunables/global> /usr/sbin/ntpdate { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability sys_nice, capability sys_time, /etc/gai.conf r, /proc/meminfo r, /usr/sbin/ntpdate mr, /var/run/nscd/services r, } about 1 year ago none 66 cinimod Edit History
opensuse10.3 /bin/egrep #include <tunables/global> /bin/egrep flags=(complain) { #include <abstractions/base> /bin/egrep mr, } about 1 year ago egrep_changelog 87 security Edit History
opensuse10.3 /usr/bin/xmodmap #include <tunables/global> /usr/bin/xmodmap flags=(complain) { #include <abstractions/X> #include <abstractions/base> /etc/X11/Xmodmap r, /usr/bin/xmodmap mr, /var/lib/gdm/* r, } over 2 years ago argh, switch things back to complain for a while 115 jmichael Edit History
opensuse10.3 /usr/sbin/httpd2-prefork #include <tunables/global> /usr/sbin/httpd2-prefork { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/python> capability kill, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/**.conf r, /etc/apache2/conf.d/ r, /etc/apache2/vhosts.d/ r, /etc/mime.types r, /proc/*/attr/current w, /usr/lib/**.so mr, /usr/sbin/httpd2-prefork mr, /var/log/apache2/access_log w, /var/log/apache2/error_log w, /var/run/httpd2.pid w, } /usr/sbin/httpd2-prefork///manual { /proc/*/attr/current w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork///~dominic/thinking-rock.ics { /home/*/public_html/thinking-rock.ics r, /proc/*/attr/current w, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI { #include <abstractions/nameservice> /home/*/**.html r, /proc/*/attr/current w, /usr/share/**.var r, /usr/share/apache2/error/**.html r, /var/log/apache2/access_log w, /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT { #include <abstractions/nameservice> /proc/*/attr/current w, } about 1 year ago none 68 cinimod Edit History
opensuse10.3 /usr/bin/acroread #include <tunables/global> /usr/bin/acroread { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> /bin/basename Px, /bin/bash ixr, /bin/cat ixr, /bin/grep ixr, /bin/ls ixmr, /bin/pwd ixr, /bin/sed ixr, /bin/uname Px, /home/*/.adobe/** w, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/ldconfig Px, /usr/bin/acroread mr, /usr/bin/dirname ixr, /usr/bin/expr ixr, /usr/bin/gconftool-2 Px, /usr/lib/Acrobat7/Reader/intellinux/bin/acroread Px, } about 1 year ago none 62 cinimod Edit History
opensuse10.3 /usr/lib/openldap/slapd #include <tunables/global> /usr/lib/openldap/slapd flags=(complain) { #include <abstractions/base> /usr/lib/openldap/slapd mr, } about 1 year ago Ldap neu 72 franksuess