AppArmor profile exchange

opensuse10.3's profiles

Distribution	Name	Profile	Created At	Changelog	View Count	Username
opensuse10.3	/sbin/dhclient	#include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, }	11 months ago	none	23	cinimod	Edit	History
opensuse10.3	/usr/sbin/vmware-serverd	#include <tunables/global> /usr/sbin/vmware-serverd flags=(complain) { #include <abstractions/base> /usr/sbin/vmware-serverd mr, }	about 1 year ago	vmware_server_delta	47	jfernandez	Edit	History
opensuse10.3	/etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh	#include <tunables/global> /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/X11/xinit/xinitrc.d/sabayon-xinitrc.sh mr, /proc/meminfo r, /usr/sbin/sabayon-apply Px, }	about 1 year ago	few more changes to get gnome session working elsewhere	99	jmichael	Edit	History
opensuse10.3	/opt/kde3/bin/kmail	#include <tunables/global> /opt/kde3/bin/kmail flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/kde> #include <abstractions/nameservice> / r, /bin/bash ixr, /cur/tmp/ lrw, /dat/dMisc/KMail/ w, /dat/dMisc/KMail/ lrw, /etc/* r, /etc/X11/* r, /home//* rw, /home//.gnupg/pubring.kbx.lock lrw, /home//.kde/share/** lrw, /home//.qt/ krw, /opt/kde3/ r, /opt/kde3/bin/kaddressbook Ux, /opt/kde3/bin/kioexec px, /opt/kde3/bin/kleopatra Px, /opt/kde3/bin/kmail mr, /opt/kde3/bin/kmailcvt Px, /opt/kde3/bin/kwatchgnupg Px, /opt/kde3/lib/ mr, /proc/ r, /usr/bin/aspell Ux, /usr/bin/gpg2 Px, /usr/bin/gpgsm mpxr, /usr/share/ r, /var/cache/** r, }	3 months ago	internet radio u.a.	16	shivver-fox	Edit	History
opensuse10.3	/usr/lib/gnome-panel/mixer_applet2	#include <tunables/global> /usr/lib/gnome-panel/mixer_applet2 flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/ r, /home//.gnome2_private/ w, /home//.gstreamer-0.10/registry.i686.xml r, /home//.icons/ r, /home//.local/share/icons/ r, /proc/meminfo r, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/lib/gnome-panel/mixer_applet2 mr, /usr/share/gnome-2.0/ui/GNOME_MixerApplet.xml r, }	about 1 year ago	some bug-buddy rules and other misc updates	72	jmichael	Edit	History
opensuse10.3	/usr/bin/gnome-open	#include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, }	11 months ago	none	27	cinimod	Edit	History
opensuse10.3	/opt/kde3/bin/kaffeine	#include <tunables/global> /opt/kde3/bin/kaffeine { #include <abstractions/base> #include <abstractions/nameservice> / r, /bin/ r, /boot/ r, /dev/ r, /dev/snd/* rw, /dev/sr0 r, /etc/ r, /etc/X11/kstylerc r, /etc/X11/qt_plugins_3.3rc r, /etc/X11/qtrc r, /etc/exports r, /etc/fonts/ r, /etc/fstab r, /etc/kde3rc r, /etc/mtab r, /etc/opt/kde3/share/config/kioslaverc r, /etc/opt/kde3/share/icons// r, /etc/rpc r, /etc/security/fileshare.conf r, /home/ r, /home//* r, /home//.dvdcss/ rw, /home//.kde/share/apps/kaffeine/* rw, /home//.kde/share/config/ lrw, /home//.qt/ krw, /home//.xine/catalog.cache rw, /home//.xine/config rw, /home//.xine/config~ w, /lib/ r, /lib64/ r, /media/ r, /media/* r, /mnt/ r, /opt/ r, /opt/kde3/bin/kaffeine mr, /opt/kde3/lib/kde3/plugins/styles/ r, /opt/kde3/lib64/* mr, /opt/kde3/lib64/kde3/* mr, /opt/kde3/lib64/kde3/plugins/styles/ r, /opt/kde3/lib64/kde3/plugins/styles/* mr, /opt/kde3/share/apps/kaffeine/ r, /opt/kde3/share/config/kdeglobals r, /opt/kde3/share/config/profilerc r, /opt/kde3/share/config/ui/ui_standards.rc r, /opt/kde3/share/icons/ r, /opt/kde3/share/locale-bundle/nb/LC_MESSAGES/* r, /opt/kde3/share/locale/nb/LC_MESSAGES/* r, /proc/ r, /sbin/ r, /srv/ r, /sys/ r, /tmp/ r, /tmp/.ICE-unix/* w, /tmp/.X11-unix/* w, /tmp/ksocket-n5/* w, /usr/ r, /usr/lib64/** mr, /usr/share/X11/* r, /usr/share/X11/locale/* r, /usr/share/X11/locale/en_US.UTF-8/* r, /usr/share/alsa/ r, /usr/share/desktop-data/qtrc r, /usr/share/fonts/ r, /usr/share/icons/ r, /usr/share/xine/ r, /var/ r, /var/cache/fontconfig/* r, /var/cache/libx11/compose/* r, /var/tmp/kdecache-n5/ksycoca r, /vol/ r, /vol/** r, /windows/ r, }	about 1 year ago		152	kijo387	Edit	History
opensuse10.3	/usr/bin/metacity	#include <tunables/global> /usr/bin/metacity flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /home//.ICEauthority r, /home//.Xauthority r, /home//.fontconfig/ r, /home//.metacity/sessions/ w, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/metacity mr, }	about 1 year ago	some bug-buddy rules and other misc updates	71	jmichael	Edit	History
opensuse10.3	/usr/bin/net	#include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, }	11 months ago	none	45	cinimod	Edit	History
opensuse10.3	/sbin/dhclient	#include <tunables/global> /sbin/dhclient { #include <abstractions/base> capability net_bind_service, capability net_raw, network inet dgram, network packet packet, /etc/dhclient.conf r, /etc/resolv.conf w, /etc/resolv.conf.saved.by.dhclient rw, /proc/net/dev r, /sbin/dhclient mr, /sbin/dhclient-script Px, /var/lib/dhcp/dhclient-.leases rw, /var/lib/dhcp/dhclient.leases rw, /var/run/dhclient-.pid rw, /var/run/dhclient.pid rw, /var/run/nscd/services r, /var/run/nscd/socket w, }	about 1 year ago	Import of jmichaels profiles	30	dominic	Edit	History
opensuse10.3	/opt/google-earth/googleearth-bin	#include <tunables/global> /opt/google-earth/googleearth-bin { #include <abstractions/base> /opt/google-earth/googleearth-bin mr, /opt/google-earth/libQt3Support.so.* mr, /opt/google-earth/libQtCore.so.* mr, /opt/google-earth/libQtGui.so.* mr, /opt/google-earth/libQtNetwork.so.* mr, /opt/google-earth/libQtSql.so.* mr, /opt/google-earth/libQtXml.so.* r, /opt/google-earth/libQtXml.so.4 mr, /opt/google-earth/libbase.so r, /opt/google-earth/libgcc_s.so.* mr, /opt/google-earth/libgoogleearth_lib.so mr, /opt/google-earth/libstdc\+\+.so.* r, /opt/google-earth/libstdc\+\+.so.6 mr, }	2 months ago		8	mathias	Edit	History
opensuse10.3	/usr/bin/gnome-volume-manager	#include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.Xauthority r, /home//.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, }	11 months ago	none	19	cinimod	Edit	History
opensuse10.3	/usr/bin/gnome-open	#include <tunables/global> /usr/bin/gnome-open { #include <abstractions/base> /usr/bin/gnome-open mr, }	about 1 year ago	Import of jmichaels profiles	42	dominic	Edit	History
opensuse10.3	/usr/bin/ncftp	#include <tunables/global> /usr/bin/ncftp { #include <abstractions/base> /usr/bin/ncftp mr, }	7 months ago	ncftp2	18	SamCurt	Edit	History
opensuse10.3	/usr/bin/net	#include <tunables/global> /usr/bin/net { #include <abstractions/base> network inet dgram, /etc/samba/dhcp.conf r, /etc/samba/smb.conf r, /usr/bin/net mr, }	about 1 year ago	Import of jmichaels profiles	58	dominic	Edit	History
opensuse10.3	/usr/lib/GConf/2/gconfd-2	# $Id: usr.lib.GConf.2.gconfd-2 735 2007-06-11 05:17:30Z seth_arnold $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/lib/GConf/2/gconfd-2 flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /cur/tmp/ r, /cur/tmp/ klrw, /etc/gconf/ r, /home// r, /usr/lib/GConf/2/gconfd-2 rmix, /usr/lib/GConf/2/libgconfbackend-xml.so mr, /usr/lib64/GConf/2/libgconfbackend-xml.so mr, /usr/share/locale/ r, @{HOME}/.gconf r, @{HOME}/.gconf/ lrw, @{HOME}/.gconfd/ lrw, }	3 months ago	internet radio u.a.	15	shivver-fox	Edit	History
opensuse10.3	/usr/lib/evolution/2.12/evolution-alarm-notify	#include <tunables/global> /usr/lib/evolution/2.12/evolution-alarm-notify { #include <abstractions/base> /usr/lib/evolution/2.12/evolution-alarm-notify mr, }	11 months ago	none	37	cinimod	Edit	History
opensuse10.3	/usr/bin/gnome-volume-manager	#include <tunables/global> /usr/bin/gnome-volume-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.Xauthority r, /home//.gnome2_private/ w, /proc/*/mounts r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-volume-manager mr, /var/run/resmgr/classes/desktop/ r, }	about 1 year ago	Import of jmichaels profiles	27	dominic	Edit	History
opensuse10.3	/usr/bin/xfs	#include <tunables/global> /usr/bin/xfs { #include <abstractions/base> capability setgid, capability setuid, network inet, network inet6, /etc/X11/fontpath.d rk, /etc/X11/fontpath.d/ rk, /etc/X11/fontpath.d/** r, /etc/X11/fs/config r, /etc/group r, /etc/ld.so.preload r, /etc/nsswitch.conf r, /etc/passwd r, /etc/services r, /home//.fontconfig r, /home//.fonts/ r, /tmp/ rw, /tmp/.font-unix rwlk, /tmp/.font-unix/ rwlk, /tmp/.font-unix/ rwlk, /usr/bin/xfs mr, /usr/share/fonts/ r, /usr/share/lilypond/2.11.40/fonts/ r, /var/db/nscd/group r, /var/db/nscd/passwd r, /var/db/nscd/services r, /var/fonts2/** r, /var/run/dbus/system_bus_socket rw, /var/run/nscd/services r, /var/run/nscd/socket rw, /var/run/xfs.pid rwl, }	about 20 hours ago		0	hello	Edit	History
opensuse10.3	/usr/bin/totem-video-thumbnailer	#include <tunables/global> /usr/bin/totem-video-thumbnailer flags=(complain) { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /home//.gstreamer-0.10/registry.i686.xml r, /home//Desktop/** r, /usr/bin/totem-video-thumbnailer mr, }	about 1 year ago	argh, switch things back to complain for a while	72	jmichael	Edit	History
opensuse10.3	/usr/local/BGRadiusDialup/radius.sh	#include <tunables/global> /usr/local/BGRadiusDialup/radius.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/bash ixr, /dev/tty rw, /etc/sysconfig/clock r, /proc//maps r, /proc/meminfo r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/stat r, /tmp/* mrw, /usr/bin/nohup ixr, /usr/bin/readlink ixr, /usr/lib64/** mr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java ixr, /usr/lib64/jvm/java-1.6.0.u4-sun-1.6.0.u4/jre/bin/java.bin ixr, /usr/local/BGRadiusDialup/dictionary.xml r, /usr/local/BGRadiusDialup/lib/ r, /usr/local/BGRadiusDialup/lib/activation.jar mr, /usr/local/BGRadiusDialup/lib/bsh-1.3.0.jar mr, /usr/local/BGRadiusDialup/lib/commons-collections.jar mr, /usr/local/BGRadiusDialup/lib/commons-dbcp-1.1.jar mr, /usr/local/BGRadiusDialup/lib/commons-pool-1.1.jar mr, /usr/local/BGRadiusDialup/lib/dialup.jar mr, /usr/local/BGRadiusDialup/lib/dnsjava.jar mr, /usr/local/BGRadiusDialup/lib/gnu-crypto.jar mr, /usr/local/BGRadiusDialup/lib/log4j-1.2.8.jar mr, /usr/local/BGRadiusDialup/lib/mail.jar mr, /usr/local/BGRadiusDialup/lib/mysql-5.0.3.jar mr, /usr/local/BGRadiusDialup/lib/snmp4_13.jar mr, /usr/local/BGRadiusDialup/lib/xalan.jar mr, /usr/local/BGRadiusDialup/lib/xercesImpl.jar mr, /usr/local/BGRadiusDialup/log/collector.log w, /usr/local/BGRadiusDialup/log/connection.log w, /usr/local/BGRadiusDialup/log/netflow.log w, /usr/local/BGRadiusDialup/log/processor.log w, /usr/local/BGRadiusDialup/log/radius.log w, /usr/local/BGRadiusDialup/log/radius.out w, /usr/local/BGRadiusDialup/log/script.log w, /usr/local/BGRadiusDialup/log4j_radius.properties r, /usr/local/BGRadiusDialup/radius.properties r, /usr/local/BGRadiusDialup/radius.sh mr, /usr/share/zoneinfo/ r, }	6 months ago	andrew	22	gankov	Edit	History
opensuse10.3	/usr/lib/firefox/firefox.sh	#include <tunables/global> /usr/lib/firefox/firefox.sh flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/user-tmp> /bin/basename Px, /bin/bash ixr, /bin/grep ixr, /bin/mktemp ixr, /etc/magic r, /home//.gdbinit r, /home//.inputrc r, /proc//auxv r, /proc//mem r, /proc/*/status r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/file ixr, /usr/bin/gdb ixr, /usr/lib/firefox/firefox-bin Pxr, /usr/lib/firefox/firefox.sh mr, /usr/share/misc/magic.mgc r, }	about 1 year ago	allow -d gdb option for firefox plus other misc updates	57	jmichael	Edit	History
opensuse10.3	/usr/bin/Xgl	#include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home//.gnome2/share/cursor-fonts/fonts.dir r, /home//.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/.so mr, /var/lib/gdm/ r, /var/lib/xkb/compiled/.xkm rw, /var/log/Xgl..log rw, /var/log/Xgl..log.old w, /var/log/gdm/.log w, }	about 1 year ago	Import of jmichaels profiles	64	dominic	Edit	History
opensuse10.3	/usr/bin/gnome-open	#include <tunables/global> /usr/bin/gnome-open flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/nameservice> /bin/basename ixr, /bin/bash ixr, /bin/grep ixr, /bin/netstat ixr, /bin/ps ixr, /dev/snd/controlC0 rw, /dev/snd/controlC1 rw, /dev/snd/pcmC0D0p rw, /dev/tty rw, /etc/fonts/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/gnome-vfs-2.0/modules/default-modules.conf r, /etc/gnome-vfs-2.0/modules/font-method.conf r, /etc/gnome-vfs-2.0/modules/mapping-modules.conf r, /etc/gnome-vfs-2.0/modules/smb-module.conf r, /etc/gnome-vfs-2.0/modules/ssl-modules.conf r, /etc/gnome-vfs-2.0/modules/theme-method.conf r, /etc/gtk-2.0/gdk-pixbuf.loaders r, /etc/gtk-2.0/gtk.immodules r, /etc/gtk-2.0/gtkrc r, /etc/magic r, /etc/mailcap r, /etc/mime.types r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/pango/pango.modules r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/a739e0075b4b5d92542755c278dde193-x86.cache-2 r, /home//.gnome2_private/ w, /home//.local/share/applications/ r, /home//.local/share/applications/mimeinfo.cache r, /home//.local/share/mime/aliases r, /home//.local/share/mime/globs r, /home//.local/share/mime/magic r, /home//.local/share/mime/subclasses r, /home//.macromedia/Flash_Player/#SharedObjects/ r, /home//.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/ rw, /home//.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/ rw, /home//.macromedia/Flash_Player/#SharedObjects/VD9JQJ6E/skype.com/#user/session.sxx w, /home//.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/ w, /home//.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sol rw, /home//.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#skype.com/settings.sxx rw, /home//.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol rw, /home//.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sxx rw, /home//.mailcap r, /home//.mozilla/firefox/3749x1bh.default/ r, /home//.mozilla/firefox/3749x1bh.default/.parentlock kw, /home//.mozilla/firefox/3749x1bh.default/Cache.Trash/ rw, /home//.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/ rw, /home//.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/ rw, /home//.mozilla/firefox/3749x1bh.default/Cache.Trash/Trash/Cache/ w, /home//.mozilla/firefox/3749x1bh.default/Cache/ rw, /home//.mozilla/firefox/3749x1bh.default/Cache/* rw, /home//.mozilla/firefox/3749x1bh.default/XPC.mfasl r, /home//.mozilla/firefox/3749x1bh.default/XUL.mfasl r, /home//.mozilla/firefox/3749x1bh.default/bookmarkbackups/ r, /home//.mozilla/firefox/3749x1bh.default/bookmarks-1.html rw, /home//.mozilla/firefox/3749x1bh.default/bookmarks.bak w, /home//.mozilla/firefox/3749x1bh.default/bookmarks.html rw, /home//.mozilla/firefox/3749x1bh.default/cert8.db rw, /home//.mozilla/firefox/3749x1bh.default/compatibility.ini r, /home//.mozilla/firefox/3749x1bh.default/compreg.dat r, /home//.mozilla/firefox/3749x1bh.default/cookies-1.txt rw, /home//.mozilla/firefox/3749x1bh.default/cookies.txt rw, /home//.mozilla/firefox/3749x1bh.default/downloads.rdf r, /home//.mozilla/firefox/3749x1bh.default/extensions.cache r, /home//.mozilla/firefox/3749x1bh.default/extensions.ini r, /home//.mozilla/firefox/3749x1bh.default/extensions/ r, /home//.mozilla/firefox/3749x1bh.default/formhistory.dat rw, /home//.mozilla/firefox/3749x1bh.default/history.dat rw, /home//.mozilla/firefox/3749x1bh.default/hostperm.1 r, /home//.mozilla/firefox/3749x1bh.default/key3.db rw, /home//.mozilla/firefox/3749x1bh.default/localstore-1.rdf rw, /home//.mozilla/firefox/3749x1bh.default/localstore.rdf rw, /home//.mozilla/firefox/3749x1bh.default/lock w, /home//.mozilla/firefox/3749x1bh.default/mimeTypes.rdf rw, /home//.mozilla/firefox/3749x1bh.default/prefs-1.js rw, /home//.mozilla/firefox/3749x1bh.default/prefs.js rw, /home//.mozilla/firefox/3749x1bh.default/search.sqlite krw, /home//.mozilla/firefox/3749x1bh.default/secmod.db r, /home//.mozilla/firefox/3749x1bh.default/sessionstore-1.js rw, /home//.mozilla/firefox/3749x1bh.default/sessionstore.js rw, /home//.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite rw, /home//.mozilla/firefox/3749x1bh.default/urlclassifier2.sqlite-journal w, /home//.mozilla/firefox/3749x1bh.default/webappsstore.sqlite rw, /home//.mozilla/firefox/3749x1bh.default/webappsstore.sqlite-journal w, /home//.mozilla/firefox/3749x1bh.default/xpti.dat r, /home//.mozilla/firefox/pluginreg.dat rw, /home//.mozilla/firefox/profiles.ini r, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc/ r, /proc//cmdline r, /proc//maps r, /proc//stat r, /proc//status r, /proc/meminfo r, /proc/net/ r, /proc/net/dev r, /proc/net/unix r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /proc/sys/kernel/pid_max r, /proc/uptime r, /tmp/ r, /tmp/* rw, /tmp/.ICE-unix/3510 w, /tmp/.ICE-unix/3664 w, /tmp/.ICE-unix/3665 w, /tmp/.ICE-unix/4499 w, /tmp/.X11-unix/X0 w, /tmp/.esd/socket rw, /tmp/gconfd-overwrite/lock/ior r, /tmp/orbit-overwrite/ w, /tmp/orbit-overwrite/* w, /tmp/orbit-somebody/ w, /usr/bin/bug-buddy ixr, /usr/bin/expr ixr, /usr/bin/file ixr, /usr/bin/gnome-open mr, /usr/lib/ mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh ixr, /usr/share/X11/locale/compose.dir r, /usr/share/X11/locale/en_US.UTF-8/Compose r, /usr/share/X11/locale/en_US.UTF-8/XLC_LOCALE r, /usr/share/X11/locale/locale.alias r, /usr/share/X11/locale/locale.dir r, /usr/share/alsa/alsa.conf r, /usr/share/alsa/cards/EMU10K1.conf r, /usr/share/alsa/cards/VIA8237.conf r, /usr/share/alsa/cards/aliases.conf r, /usr/share/alsa/pcm/center_lfe.conf r, /usr/share/alsa/pcm/default.conf r, /usr/share/alsa/pcm/dmix.conf r, /usr/share/alsa/pcm/dsnoop.conf r, /usr/share/alsa/pcm/front.conf r, /usr/share/alsa/pcm/iec958.conf r, /usr/share/alsa/pcm/rear.conf r, /usr/share/alsa/pcm/surround40.conf r, /usr/share/alsa/pcm/surround41.conf r, /usr/share/alsa/pcm/surround50.conf r, /usr/share/alsa/pcm/surround51.conf r, /usr/share/applications/ r, /usr/share/applications/mimeinfo.cache r, /usr/share/fonts/ r, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/mimeinfo.cache r, /usr/share/ghostscript/fonts/** r, /usr/share/icons/Industrial/cursors/fleur r, /usr/share/icons/Industrial/cursors/hand2 r, /usr/share/icons/Industrial/cursors/left_ptr r, /usr/share/icons/Industrial/cursors/xterm r, /usr/share/icons/Industrial/index.theme r, /usr/share/icons/Tango/index.theme r, /usr/share/icons/crystalblue/cursors/hand r, /usr/share/icons/crystalblue/cursors/left_ptr r, /usr/share/icons/crystalblue/cursors/left_ptr_watch r, /usr/share/icons/crystalblue/cursors/xterm r, /usr/share/icons/crystalblue/index.theme r, /usr/share/icons/crystalblue_nonanim/cursors/left_ptr_watch r, /usr/share/icons/crystalblue_nonanim/index.theme r, /usr/share/icons/gnome/index.theme r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnome-2.0.mo r, /usr/share/mime/aliases r, /usr/share/mime/globs r, /usr/share/mime/magic r, /usr/share/mime/subclasses r, /usr/share/misc/magic.mgc r, /usr/share/themes/Clearlooks/gtk-2.0/gtkrc r, /usr/share/themes/Default/gtk-2.0-key/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/bc-dark.png r, /usr/share/themes/bluebubble/gtk-2.0/bc-light.png r, /usr/share/themes/bluebubble/gtk-2.0/bc.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-prelight.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue-pressed.png r, /usr/share/themes/bluebubble/gtk-2.0/bubble-blue.png r, /usr/share/themes/bluebubble/gtk-2.0/gtkrc r, /usr/share/themes/bluebubble/gtk-2.0/lines_background_const.png r, /var/cache/fontconfig/* r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, /var/run/dbus/system_bus_socket w, /var/tmp/ r, }	about 1 year ago		73	overwrite	Edit	History
opensuse10.3	/usr/bin/amule	#include <tunables/global> /usr/bin/amule flags=(complain) { #include <abstractions/base> /usr/bin/amule mr, }	about 1 year ago	amule	25	spiky781	Edit	History
opensuse10.3	/usr/lib/helix-dbus-server/helix-dbus-server.bin	#include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, }	11 months ago	none	18	cinimod	Edit	History
opensuse10.3	/usr/bin/manpath	#include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, }	about 1 year ago	Import of jmichaels profiles	41	dominic	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	#include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/nis> capability dac_override, capability net_bind_service, capability setgid, capability setuid, /etc/apache2/conf.d/ r, /etc/apache2/conf.d/mod_fcgid.conf r, /etc/apache2/conf.d/mod_mono.conf r, /etc/apache2/conf.d/mod_perl.conf r, /etc/apache2/conf.d/php5.conf r, /etc/apache2/conf.d/phpmyadmin.conf r, /etc/apache2/default-server.conf r, /etc/apache2/errors.conf r, /etc/apache2/httpd.conf r, /etc/apache2/listen.conf r, /etc/apache2/mod_autoindex-defaults.conf r, /etc/apache2/mod_info.conf r, /etc/apache2/mod_log_config.conf r, /etc/apache2/mod_mime-defaults.conf r, /etc/apache2/mod_status.conf r, /etc/apache2/mod_userdir.conf r, /etc/apache2/mod_usertrack.conf r, /etc/apache2/server-tuning.conf r, /etc/apache2/ssl-global.conf r, /etc/apache2/sysconfig.d/global.conf r, /etc/apache2/sysconfig.d/include.conf r, /etc/apache2/sysconfig.d/loadmodule.conf r, /etc/apache2/uid.conf r, /etc/apache2/vhosts.d/ r, /etc/gai.conf r, /etc/mime.types r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/ncurses.ini r, /etc/php5/conf.d/odbc.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pcntl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_odbc.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/posix.ini r, /etc/php5/conf.d/pspell.ini r, /etc/php5/conf.d/readline.ini r, /etc/php5/conf.d/shmop.ini r, /etc/php5/conf.d/snmp.ini r, /etc/php5/conf.d/soap.ini r, /etc/php5/conf.d/sockets.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/wddx.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlrpc.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc//attr/current w, /tmp/.wapi/ w, /tmp/mod_mono_dashboard_XXGLOBAL_1 rw, /usr/bin/mod-mono-server px, /usr/lib64/* mr, /usr/sbin/httpd2-prefork mr, /usr/share/snmp/mibs/.index r, /usr/share/snmp/mibs/DISMAN-EVENT-MIB.txt r, /usr/share/snmp/mibs/DISMAN-SCHEDULE-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-MIB.txt r, /usr/share/snmp/mibs/HOST-RESOURCES-TYPES.txt r, /usr/share/snmp/mibs/IANA-RTPROTO-MIB.txt r, /usr/share/snmp/mibs/IANAifType-MIB.txt r, /usr/share/snmp/mibs/IF-MIB.txt r, /usr/share/snmp/mibs/INET-ADDRESS-MIB.txt r, /usr/share/snmp/mibs/IP-FORWARD-MIB.txt r, /usr/share/snmp/mibs/IP-MIB.txt r, /usr/share/snmp/mibs/IPV6-ICMP-MIB.txt r, /usr/share/snmp/mibs/IPV6-MIB.txt r, /usr/share/snmp/mibs/IPV6-TC.txt r, /usr/share/snmp/mibs/IPV6-TCP-MIB.txt r, /usr/share/snmp/mibs/IPV6-UDP-MIB.txt r, /usr/share/snmp/mibs/LM-SENSORS-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-AGENT-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-EXTEND-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-MIB.txt r, /usr/share/snmp/mibs/NET-SNMP-VACM-MIB.txt r, /usr/share/snmp/mibs/NOTIFICATION-LOG-MIB.txt r, /usr/share/snmp/mibs/RFC1155-SMI.txt r, /usr/share/snmp/mibs/RFC1213-MIB.txt r, /usr/share/snmp/mibs/SNMP-COMMUNITY-MIB.txt r, /usr/share/snmp/mibs/SNMP-FRAMEWORK-MIB.txt r, /usr/share/snmp/mibs/SNMP-MPD-MIB.txt r, /usr/share/snmp/mibs/SNMP-NOTIFICATION-MIB.txt r, /usr/share/snmp/mibs/SNMP-TARGET-MIB.txt r, /usr/share/snmp/mibs/SNMP-USER-BASED-SM-MIB.txt r, /usr/share/snmp/mibs/SNMP-VIEW-BASED-ACM-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-MIB.txt r, /usr/share/snmp/mibs/SNMPv2-SMI.txt r, /usr/share/snmp/mibs/SNMPv2-TC.txt r, /usr/share/snmp/mibs/SNMPv2-TM.txt r, /usr/share/snmp/mibs/TCP-MIB.txt r, /usr/share/snmp/mibs/UCD-DEMO-MIB.txt r, /usr/share/snmp/mibs/UCD-DISKIO-MIB.txt r, /usr/share/snmp/mibs/UCD-DLMOD-MIB.txt r, /usr/share/snmp/mibs/UCD-IPFWACC-MIB.txt r, /usr/share/snmp/mibs/UCD-SNMP-MIB.txt r, /usr/share/snmp/mibs/UDP-MIB.txt r, /usr/share/terminfo/v/vt100 r, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/log/apache2/access_log a, /var/log/apache2/error_log a, /var/run/httpd2.pid w, /var/run/nscd/services r, } /usr/sbin/httpd2-prefork///egroupware/login.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/egroupware/header.inc.php r, /srv/www/htdocs/egroupware/login.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-iterator.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb-time.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/adodb.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/adodb/drivers/adodb-mysql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.Template.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.accounts_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.acl.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.applications.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.auth_sql.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.browser.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.common.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.config.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.contenthistory.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.crypto.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.dragdrop.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_datetime.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_db.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.egw_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.error.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.errorlog.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.hooks.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.html.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.javascript.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.preferences.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.sessions_php4.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.tplsavant2.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/class.translation.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/common_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/savant2/Savant2.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/soap_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajax.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xajaxResponse.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/inc/xml_functions.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/js/jsapi/jsapi.js r, /srv/www/htdocs/egroupware/phpgwapi/setup/setup.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/setup/tables_current.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/head.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/images/ r, /srv/www/htdocs/egroupware/phpgwapi/templates/default/login.tpl r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/class.idots_framework.inc.php r, /srv/www/htdocs/egroupware/phpgwapi/templates/idots/images/ r, /var/lib/mysql/mysql.sock w, /var/log/apache2/access_log w, } "/usr/sbin/httpd2-prefork///egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, "/srv/www/htdocs/egroupware/phpgwapi/templates/default/images/DPC LOGO TIFF.tif" r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///webERP/index.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/webERP/config.php r, /srv/www/htdocs/webERP/includes/ConnectDB.inc r, /srv/www/htdocs/webERP/includes/ConnectDB_mysqli.inc r, /srv/www/htdocs/webERP/includes/DateFunctions.inc r, /srv/www/htdocs/webERP/includes/GetConfig.php r, /srv/www/htdocs/webERP/includes/LanguageSetup.php r, /srv/www/htdocs/webERP/includes/MiscFunctions.php r, /srv/www/htdocs/webERP/includes/footer.inc r, /srv/www/htdocs/webERP/includes/header.inc r, /srv/www/htdocs/webERP/includes/php-gettext/gettext.php r, /srv/www/htdocs/webERP/includes/php-gettext/streams.php r, /srv/www/htdocs/webERP/includes/session.inc r, /srv/www/htdocs/webERP/index.php r, /srv/www/htdocs/webERP/locale/en_US/LC_MESSAGES/messages.mo r, /usr/share/mysql/charsets/Index.xml r, /var/lib/mysql/mysql.sock w, /var/lib/php5/sess_4srj8ot0k3dg4i4cfh382evemsc9jshf krw, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { /var/log/apache2/error_log w, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, }	8 months ago	egroupware	73	kent	Edit	History
opensuse10.3	/usr/bin/ekiga	#include <tunables/global> /usr/bin/ekiga flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /dev/ r, /dev/** r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.beagle/socket w, /home//.esd_auth r, /home//.fontconfig/ r, /home//.gnome2/gnomemeeting rw, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /home//.recently-used.xbel rw, /home//.recently-used.xbel.* rw, /proc/meminfo r, /proc/net/if_inet6 r, /tmp/orbit-/bonobo-activation-register.lock klrw, /usr/bin/ekiga mr, /usr/lib/pwlib/devices/sound/.so mr, /usr/lib/pwlib/devices/videoinput/.so mr, /usr/share/mime/.xml r, /var/cache/libx11/compose/ r, }	about 1 year ago	argh, switch things back to complain for a while	55	jmichael	Edit	History
opensuse10.3	/usr/bin/Xgl	#include <tunables/global> /usr/bin/Xgl { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/user-tmp> capability dac_override, capability ipc_owner, capability setgid, capability setuid, capability sys_admin, /bin/bash ixr, /dev/dri/card* rw, /etc/sysconfig/displaymanager r, /home//.gnome2/share/cursor-fonts/fonts.dir r, /home//.gnome2/share/fonts/fonts.dir r, /home/jesse/.gnome2/share/fonts/** r, /proc/meminfo r, /usr/bin/Xgl mr, /usr/bin/Xorg Px, /usr/bin/xkbcomp Px, /usr/lib/dri/.so mr, /var/lib/gdm/ r, /var/lib/xdm/authdir/authfiles/* r, /var/lib/xkb/compiled/.xkm rw, /var/log/Xgl..log rw, /var/log/Xgl..log.old w, /var/log/gdm/.log w, }	11 months ago	none	38	cinimod	Edit	History
opensuse10.3	/usr/lib/beagle/beagled-index-helper	#include <tunables/global> /usr/lib/beagle/beagled-index-helper flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/user-tmp> /bin/bash ixr, /etc/mono/2.0/machine.config r, /etc/mono/config r, /home// rw, /home//.beagle/** krw, /home//.local/share/mime/mime.cache mr, /home//.wapi/shared_data-* mrw, /home//.wapi/shared_fileshare- mrw, /home//Desktop/ r, /proc//maps r, /proc//status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/ngroups_max r, /usr/bin/mono ixr, /usr/bin/totem-video-indexer Px, /usr/lib/beagle/.dll mr, /usr/lib/beagle/Filters/.dll mr, /usr/lib/beagle/IndexHelper.exe mr, /usr/lib/beagle/beagled-index-helper mr, /usr/lib/mono/2.0/mscorlib.dll mr, /usr/lib/mono/gac/**.dll mr, /usr/share/mime/mime.cache mr, /var/tmp/ rw, }	about 1 year ago	argh, switch things back to complain for a while	81	jmichael	Edit	History
opensuse10.3	/usr/bin/skype	#include <tunables/global> /usr/bin/skype flags=(complain) { #include <abstractions/base> /usr/bin/skype mr, }	about 1 year ago		121	draglor	Edit	History
opensuse10.3	/var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt	#include <tunables/global> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt { #include <abstractions/base> /var/lib/distccd/flashgot.m384mqii.default/flashgot-1.fgt mr, }	23 days ago		3	hello	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/.digest r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/gai.conf r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /home// r, /srv/www/htdocs r, /srv/www/htdocs/* r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/mysql/libmysql.so* mr, /usr/lib/php/extensions/.so mr, /usr/lib/php4/.so mr, /usr/lib/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib.so* mr, /usr/lib64/** mr, /usr/lib64/apache2-leader/{lib,mod_}.so mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/python[12].[0-9]/.{py,pyc,pth,so} mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/ r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/dav/lock/lockdb.dir krw, /var/dav/lock/lockdb.pag rw, /var/lib/php/sess_ rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /var/log/apache2/ w, }	7 months ago		35	ytakeda	Edit	History
opensuse10.3	/usr/lib/helix-dbus-server/helix-dbus-server.bin	#include <tunables/global> /usr/lib/helix-dbus-server/helix-dbus-server.bin { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/nameservice> /proc/cpuinfo r, /usr/lib/RealPlayer10/**.so mr, /usr/lib/helix-dbus-server/helix-dbus-server.bin mr, }	about 1 year ago	Import of jmichaels profiles	37	dominic	Edit	History
opensuse10.3	/usr/bin/manpath	#include <tunables/global> /usr/bin/manpath { #include <abstractions/base> /etc/manpath.config r, /usr/bin/manpath mr, }	11 months ago	none	27	cinimod	Edit	History
opensuse10.3	/etc/X11/xdm/Xsession	#include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home//.Xdefaults r, /home//.bashrc r, /home//.profile r, /opt/ r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /var/log/Xorg.*.log r, }	about 1 year ago	Import of jmichaels profiles	61	dominic	Edit	History
opensuse10.3	/usr/lib/gnome-keyring-1/gnome-keyring-ask	#include <tunables/global> /usr/lib/gnome-keyring-1/gnome-keyring-ask flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home//.Xauthority r, /home//.fontconfig/* r, /home//.icons/ r, /home//.local/share/icons/ r, /proc/meminfo r, /usr/lib/gnome-keyring-1/gnome-keyring-ask mr, }	about 1 year ago	argh, switch things back to complain for a while	50	jmichael	Edit	History
opensuse10.3	/sbin/ip	#include <tunables/global> /sbin/ip flags=(complain) { #include <abstractions/base> capability sys_module, /etc/iproute2/rt_scopes r, /proc/net/ r, /proc/net/unix r, /sbin/ip mr, }	about 1 year ago	argh, switch things back to complain for a while	79	jmichael	Edit	History
opensuse10.3	/usr/bin/evolution	#include <tunables/global> /usr/bin/evolution flags=(complain) { #include <abstractions/base> /usr/bin/evolution mr, }	12 months ago	Appevolution	24	vmbaumgaertel	Edit	History
opensuse10.3	/usr/sbin/snmpd	#include <tunables/global> /usr/sbin/snmpd { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /dev/md* r, /dev/sd* r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/mtab r, /etc/rpm/ r, /etc/rpm/macros.gconf2 r, /etc/rpm/macros.mkinitrd r, /etc/sensors.conf r, /etc/snmp/snmpd.conf r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc//status r, /proc/cmdline r, /proc/loadavg r, /proc/net/arp r, /proc/net/dev r, /proc/net/if_inet6 r, /proc/net/ipv6_route r, /proc/net/route r, /proc/net/snmp r, /proc/net/snmp6 r, /proc/net/tcp r, /proc/net/tcp6 r, /proc/net/udp r, /proc/net/udp6 r, /proc/sys/net/ipv4/ipfrag_time r, /proc/sys/net/ipv4/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv4/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv4/neigh/lo/retrans_time_ms r, /proc/sys/net/ipv6/conf/all/forwarding r, /proc/sys/net/ipv6/conf/default/hop_limit r, /proc/sys/net/ipv6/conf/eth0/forwarding r, /proc/sys/net/ipv6/conf/eth1/forwarding r, /proc/sys/net/ipv6/conf/lo/forwarding r, /proc/sys/net/ipv6/neigh/eth0/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth0/retrans_time_ms r, /proc/sys/net/ipv6/neigh/eth1/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/eth1/retrans_time_ms r, /proc/sys/net/ipv6/neigh/lo/base_reachable_time_ms r, /proc/sys/net/ipv6/neigh/lo/retrans_time_ms r, /proc/uptime r, /proc/vmstat r, /sys/class/hwmon/ r, /sys/class/i2c-adapter/ r, /sys/devices/pci0000:00/0000:00:1f.3/i2c-adapter/i2c-0/name r, /sys/devices/platform/coretemp.[0-9]/name r, /sys/devices/platform/coretemp.[0-9]/temp1_input r, /sys/devices/platform/coretemp.[0-9]/temp1_label r, /usr/sbin/snmpd mr, /usr/share/snmp/mibs/ r, /usr/share/snmp/mibs/* r, /var/lib/net-snmp/snmpd.0.conf w, /var/lib/net-snmp/snmpd.conf rw, /var/lib/rpm/ w, /var/lib/rpm/Packages kr, /var/log/net-snmpd.log rw, /var/run/snmpd.pid w, /var/run/utmp krw, }	9 months ago		204	arclyde	Edit	History
opensuse10.3	/etc/X11/xdm/Xsession	#include <tunables/global> /etc/X11/xdm/Xsession { #include <abstractions/X> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability sys_ptrace, /bin/bash ixr, /bin/grep ixr, /bin/hostname Px, /bin/ls ixmr, /bin/uname Px, /etc/X11/Xresources r, /etc/X11/xdm/Xsession mr, /etc/X11/xdm/sys.xsession Px, /etc/X11/xim r, /etc/X11/xinit/xinitrc.common r, /etc/opt/ r, /etc/shells r, /etc/sysconfig/console r, /etc/sysconfig/language r, /etc/sysconfig/mail r, /etc/sysconfig/news r, /etc/sysconfig/proxy r, /etc/sysconfig/suseconfig r, /etc/sysconfig/windowmanager r, /home//.Xdefaults r, /home//.bashrc r, /home//.profile r, /home//.xsession-errors w, /opt/ r, /proc/ r, /proc//cmdline r, /proc//mounts r, /proc//stat r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /sbin/killall5 ixr, /usr/bin/dircolors ixmr, /usr/bin/manpath Px, /usr/bin/printenv ixr, /usr/bin/tty ixr, /usr/bin/xrdb Px, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/java ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/bin/javac ixr, /usr/lib/jvm/java-1.6.0.u3.sr2-sun-1.6.0.u3/jre/bin/java ixr, /var/log/Xorg..log r, }	11 months ago	none	42	cinimod	Edit	History
opensuse10.3	/usr/lib/cyrus/bin/cyr_expire	#include <tunables/global> /usr/lib/cyrus/bin/cyr_expire { #include <abstractions/base> /etc/imapd.* r, /mnt/mail/config/ rw, /usr/lib/cyrus/bin/cyr_expire mr, /var/lib/imap/ rw, }	9 months ago		48	arclyde	Edit	History
opensuse10.3	/usr/sbin/apxs2	#include <tunables/global> /usr/sbin/apxs2 { #include <abstractions/base> #include <abstractions/perl> /usr/bin/perl ix, /usr/sbin/apxs2 mr, }	4 months ago	1	23	kungfu	Edit	History
opensuse10.3	/usr/bin/strigidaemon	#include <tunables/global> /usr/bin/strigidaemon { #include <abstractions/base> #include <abstractions/user-tmp> /etc/opt/kde3/share/ r, /home// r, /home//.local/share/ r, /home//.strigi/.conf rw, /home//.strigi/clucene/ r, /home//.strigi/lock kw, /home//.strigi/socket w, /opt/kde3/share/ r, /usr/bin/strigidaemon mr, /usr/lib/strigi/.so mr, /usr/share/strigi/* r, }	about 1 year ago	kde4 testing	22	dominic	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/novell-sysconfig-proxy-helper	#include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, }	about 1 year ago	Import of jmichaels profiles	54	dominic	Edit	History
opensuse10.3	/usr/lib/cups/daemon/cups-deviced	#include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/perl> #include <abstractions/python> capability setgid, capability setuid, /bin/bash ixr, /dev/bus/usb/ r, /dev/bus/usb/** rw, /dev/lp0 rw, /dev/ttyS0 w, /dev/tty{} w, /proc/meminfo r, /root/.hplip/hplip.conf r, /usr/bin/env ixr, /usr/bin/perl ix, /usr/bin/python2.5 ixr, /usr/bin/smbspool ixr, /usr/lib/cups/backend/beh ixr, /usr/lib/cups/backend/canon ixr, /usr/lib/cups/backend/epson ixr, /usr/lib/cups/backend/hal ixr, /usr/lib/cups/backend/hp ixr, /usr/lib/cups/backend/hpfax ixr, /usr/lib/cups/backend/ipp ixr, /usr/lib/cups/backend/lpd ixr, /usr/lib/cups/backend/parallel ixr, /usr/lib/cups/backend/pipe ixr, /usr/lib/cups/backend/scsi ixr, /usr/lib/cups/backend/serial ixr, /usr/lib/cups/backend/snmp ixr, /usr/lib/cups/backend/socket ixr, /usr/lib/cups/backend/usb ixr, /usr/lib/cups/daemon/cups-deviced mr, /usr/share/hplip/.py r, /usr/share/hplip/*.pyc r, }	about 1 year ago		33	dhughes	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/ r, /etc/php.ini r, /srv/www/htdocs r, /srv/www/htdocs/ r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/mysql/libmysql.so* mr, /usr/lib/php/extensions/.so mr, /usr/lib/php4/.so mr, /usr/lib/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib/python[12].[0-9]/site-packages r, /usr/lib/qt3/lib/lib.so* mr, /usr/lib64/apache2-leader/{lib,mod_}.so mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/mysql/libmysql.so mr, /usr/lib64/php/extensions/.so mr, /usr/lib64/php4/.so mr, /usr/lib64/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_ rwl, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /var/log/apache2/ w, }	6 months ago		30	hbree	Edit	History
opensuse10.3	/bin/uname	#include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, }	about 1 year ago	Import of jmichaels profiles	60	dominic	Edit	History
opensuse10.3	/bin/ps	#include <tunables/global> /bin/ps flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability dac_override, capability sys_admin, capability sys_ptrace, /bin/ps mr, /proc/ r, /proc//attr/current r, /proc//cmdline r, /proc//stat r, /proc//status r, /proc/meminfo r, /proc/stat r, /proc/sys/kernel/pid_max r, /proc/tty/drivers r, /proc/uptime r, }	about 1 year ago	argh, switch things back to complain for a while	58	jmichael	Edit	History
opensuse10.3	/usr/bin/gpgsm	#include <tunables/global> /usr/bin/gpgsm flags=(complain) { #include <abstractions/base> /home//.gnupg/ lrw, /usr/bin/gpgsm mr, }	3 months ago	internet radio, u.a.	9	shivver-fox	Edit	History
opensuse10.3	/usr/lib/cups/backend/usb	#include <tunables/global> /usr/lib/cups/backend/usb flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/usb mr, }	about 1 year ago	cups testing	69	dominic	Edit	History
opensuse10.3	/bin/basename	#include <tunables/global> /bin/basename flags=(complain) { #include <abstractions/base> /bin/basename mr, }	about 1 year ago		68	overwrite	Edit	History
opensuse10.3	/usr/lib/control-center-2.0/novell-sysconfig-proxy-helper	#include <tunables/global> /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/sysconfig/proxy r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/lib/control-center-2.0/novell-sysconfig-proxy-helper mr, }	11 months ago	none	38	cinimod	Edit	History
opensuse10.3	/usr/bin/xscreensaver	#include <tunables/global> /usr/bin/xscreensaver flags=(complain) { #include <abstractions/base> /usr/bin/xscreensaver mr, }	about 1 year ago	argh, switch things back to complain for a while	62	jmichael	Edit	History
opensuse10.3	/usr/lib/cups/daemon/cups-deviced	#include <tunables/global> /usr/lib/cups/daemon/cups-deviced flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability setgid, capability setuid, /bin/bash ixr, /proc/meminfo r, /usr/bin/smbspool Px, /usr/lib/cups/backend/ r, /usr/lib/cups/backend/beh Px, /usr/lib/cups/backend/hal Px, /usr/lib/cups/backend/ipp Px, /usr/lib/cups/backend/lpd Px, /usr/lib/cups/backend/novell Px, /usr/lib/cups/backend/parallel Px, /usr/lib/cups/backend/pipe Px, /usr/lib/cups/backend/scsi Px, /usr/lib/cups/backend/serial Px, /usr/lib/cups/backend/snmp Px, /usr/lib/cups/backend/socket Px, /usr/lib/cups/backend/usb Px, /usr/lib/cups/daemon/cups-deviced mr, }	about 1 year ago	cups testing	58	dominic	Edit	History
opensuse10.3	/usr/lib/firefox/firefox-bin	#include <tunables/global> /usr/lib/firefox/firefox-bin flags=(complain) { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/dbus> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /bin/bash ixr, /bin/grep ixr, /bin/netstat Px, /bin/ps Px, /etc/gai.conf r, /etc/gnome-vfs-2.0/modules/ r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/opt/kde3/share/applications/ r, /etc/opt/kde3/share/applications/mimeinfo.cache r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.adobe/Flash_Player/* r, /home//.beagle/socket w, /home//.bookmarks.html rw, /home//.config/gtk-2.0/gtkfilechooser.ini rw, /home//.config/gtk-2.0/gtkfilechooser.ini.* rw, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/applications/ r, /home//.local/share/applications/.desktop r, /home//.local/share/applications/defaults.list r, /home//.local/share/applications/mimeinfo.cache r, /home//.local/share/icons/ r, /home//.macromedia/Flash_Player/* r, /home//.mailcap r, /home//.mozilla/firefox/** rw, /home//.mozilla/firefox//.parentlock krw, /home//.mozilla/firefox//urlclassifier2.sqlite krw, /home//.mozilla/plugins/ r, /home//.mozilla/plugins/libflashplayer.so mr, /home//.recently-used.xbel r, /home//Desktop/ r, /home//Desktop/* rw, /home//Documents/* rw, /opt/kde3/bin/gwenview Px, /opt/kde3/share/applications/ r, /opt/kde3/share/applications/mimeinfo.cache r, /proc//maps r, /proc/cpuinfo r, /proc/meminfo r, /proc/sys/kernel/ngroups_max r, /usr/bin/acroread Px, /usr/bin/eog Px, /usr/bin/evince Px, /usr/bin/file-roller Px, /usr/bin/gimp-remote-2.2 Px, /usr/bin/gvim-normal ixr, /usr/bin/mplayer Px, /usr/lib/Acrobat7/Browser/intellinux/.so mr, /usr/lib/firefox/firefox-bin ixr, /usr/lib/firefox/firefox.sh Px, /usr/share/applications/ r, /usr/share/applications/.desktop r, /usr/share/applications/mimeinfo.cache r, /usr/share/dist/icons/suse-help.svg r, /usr/share/gdm/applications/ r, /usr/share/mime/.xml r, /var/cache/gnome-vfs/defaults.list r, /var/cache/libx11/compose/ r, }	about 1 year ago	allow -d gdb option for firefox plus other misc updates	43	jmichael	Edit	History
opensuse10.3	/usr/bin/bug-buddy	#include <tunables/global> /usr/bin/bug-buddy { #include <abstractions/base> /usr/bin/bug-buddy mr, }	8 months ago		40	FYPJ	Edit	History
opensuse10.3	/opt/kde3/bin/kopete	#include <tunables/global> /opt/kde3/bin/kopete { #include <abstractions/base> /opt/kde3/bin/kopete mr, /opt/kde3/lib/libso mr, /usr/lib/qt3/lib/libso mr, }	about 1 year ago	1	60	robsn81	Edit	History
opensuse10.3	/bin/dbus-daemon	#include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/.conf r, /usr/bin/helix-dbus-server Px, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/.service r, /var/run/dbus/pid w, }	11 months ago	none	42	cinimod	Edit	History
opensuse10.3	/usr/bin/gconftool-2	#include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/ rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/.schemas r, /etc/gconf/schemas/.entries r, /proc/ r, /proc//cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, }	11 months ago	none	25	cinimod	Edit	History
opensuse10.3	/bin/uname	#include <tunables/global> /bin/uname { #include <abstractions/base> /bin/uname mr, /proc/cpuinfo r, }	11 months ago	none	34	cinimod	Edit	History
opensuse10.3	/usr/lib/GConf/2/gconf-sanity-check-2	#include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home//.Xauthority r, /tmp/gconf-test-locking-file- klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, }	about 1 year ago	Import of jmichaels profiles	33	dominic	Edit	History
opensuse10.3	/usr/bin/php5	#include <tunables/global> /usr/bin/php5 { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/php5> capability dac_override, /etc/php5/cli/* r, /root/.pearrc r, /tmp/* rw, /tmp/pear// w, /usr/bin/php5 ixr, /usr/share/kolab/scripts/resmgr/ r, /usr/share/php5/** krw, /var/lib/php5/session_mm_* klrw, }	about 1 year ago		34	haris	Edit	History
opensuse10.3	/usr/sbin/lisa	#include <tunables/global> /usr/sbin/lisa { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/winbind> capability net_raw, capability setuid, network inet raw, /bin/bash ixr, /etc/lisarc r, /proc/meminfo r, /usr/bin/nmblookup ixr, /usr/sbin/lisa mr, /var/lib/samba/unexpected.tdb r, }	about 1 year ago		68	JaMm	Edit	History
opensuse10.3	/bin/dbus-daemon	#include <tunables/global> /bin/dbus-daemon { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability dac_override, capability setgid, capability setuid, /bin/dbus-daemon mr, /etc/dbus-1/session.conf r, /etc/dbus-1/system.conf r, /etc/dbus-1/system.d/ r, /etc/dbus-1/system.d/.conf r, /etc/opt/kde3/share/ r, /home// r, /home//.local/share/ r, /home//.strigi/.conf rw, /home//.strigi/clucene/* r, /home//.strigi/lock kw, /home//.strigi/socket w, /opt/kde3/share/ r, /usr/bin/helix-dbus-server Px, /usr/bin/knotify4 Px, /usr/bin/strigidaemon Pxmr, /usr/lib/control-center-2.0/gnome-settings-daemon Px, /usr/lib/gnome-vfs-2.0/gnome-vfs-daemon Px, /usr/lib/notification-daemon-1.0/notification-daemon Px, /usr/lib/strigi/.so mr, /usr/share/dbus-1/services/ r, /usr/share/dbus-1/services/.service r, /usr/share/strigi/** r, /var/run/dbus/pid w, }	about 1 year ago		43	dominic	Edit	History
opensuse10.3	/usr/bin/gconftool-2	#include <tunables/global> /usr/bin/gconftool-2 { #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> capability kill, capability sys_ptrace, /etc/gconf/gconf.xml.defaults/ r, /etc/gconf/gconf.xml.defaults/.testing.writeability w, /etc/gconf/gconf.xml.schemas/ r, /etc/gconf/gconf.xml.schemas/ rw, /etc/gconf/schema-install-source r, /etc/gconf/schemas/.schemas r, /etc/gconf/schemas/.entries r, /proc/ r, /proc//cmdline r, /proc/*/stat r, /usr/bin/gconftool-2 mr, /usr/bin/killall ixr, /usr/lib/GConf/2/gconfd-2 Px, }	about 1 year ago	Import of jmichaels profiles	22	dominic	Edit	History
opensuse10.3	/usr/lib/GConf/2/gconf-sanity-check-2	#include <tunables/global> /usr/lib/GConf/2/gconf-sanity-check-2 { #include <abstractions/X> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/user-tmp> /home//.Xauthority r, /tmp/gconf-test-locking-file- klrw, /usr/lib/GConf/2/gconf-sanity-check-2 mr, }	11 months ago	none	23	cinimod	Edit	History
opensuse10.3	/usr/bin/cal	#include <tunables/global> /usr/bin/cal { #include <abstractions/base> /usr/bin/cal mr, }	7 months ago	/var/log/apparmor/reports/cal/log	31	doknisa	Edit	History
opensuse10.3	/usr/bin/opensuse-updater-gnome-applet	#include <tunables/global> /usr/bin/opensuse-updater-gnome-applet flags=(complain) { #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /home//.Xauthority r, /home//.fontconfig/* r, /home//.opensuse-updater-gnome rw, /proc/meminfo r, /usr/bin/bug-buddy ixr, /usr/bin/opensuse-updater-gnome-applet mr, /usr/sbin/zypp-checkpatches-wrapper Px, /usr/share/opensuse-updater-gnome/glade/.glade r, /usr/share/opensuse-updater-gnome/images/** r, }	about 1 year ago	minor changes for 10.3 rc2 initial gnome launch	87	jmichael	Edit	History
opensuse10.3	/usr/sbin/httpd2-prefork	# $Id: usr.sbin.httpd2-prefork 706 2007-05-31 06:58:22Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /usr/sbin/httpd2-prefork flags=(complain) { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/kerberosclient> #include <abstractions/nameservice> #include <abstractions/perl> capability dac_override, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_tty_config, /dev/random r, /etc/apache2/.conf r, /etc/apache2/magic r, /etc/apache2/mod_perl-startup.pl r, /etc/apache2/ssl.crt/.crt r, /etc/apache2/ssl.key/.key r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/apache2/{conf,sysconfig,vhosts}.d/ r, /etc/fstab r, /etc/mime.types r, /etc/mtab r, /etc/odbcinst.ini r, /etc/php.d/ r, /etc/php.d/** r, /etc/php.ini r, /etc/php5/apache2/php.ini r, /etc/php5/conf.d/ r, /etc/php5/conf.d/bcmath.ini r, /etc/php5/conf.d/bz2.ini r, /etc/php5/conf.d/calendar.ini r, /etc/php5/conf.d/ctype.ini r, /etc/php5/conf.d/curl.ini r, /etc/php5/conf.d/dba.ini r, /etc/php5/conf.d/dbase.ini r, /etc/php5/conf.d/dom.ini r, /etc/php5/conf.d/exif.ini r, /etc/php5/conf.d/ftp.ini r, /etc/php5/conf.d/gd.ini r, /etc/php5/conf.d/gettext.ini r, /etc/php5/conf.d/gmp.ini r, /etc/php5/conf.d/hash.ini r, /etc/php5/conf.d/iconv.ini r, /etc/php5/conf.d/imap.ini r, /etc/php5/conf.d/json.ini r, /etc/php5/conf.d/mbstring.ini r, /etc/php5/conf.d/mcrypt.ini r, /etc/php5/conf.d/mhash.ini r, /etc/php5/conf.d/mysql.ini r, /etc/php5/conf.d/mysqli.ini r, /etc/php5/conf.d/openssl.ini r, /etc/php5/conf.d/pdo.ini r, /etc/php5/conf.d/pdo_mysql.ini r, /etc/php5/conf.d/pdo_sqlite.ini r, /etc/php5/conf.d/sqlite.ini r, /etc/php5/conf.d/suhosin.ini r, /etc/php5/conf.d/tidy.ini r, /etc/php5/conf.d/tokenizer.ini r, /etc/php5/conf.d/xmlreader.ini r, /etc/php5/conf.d/xmlwriter.ini r, /etc/php5/conf.d/xsl.ini r, /etc/php5/conf.d/zip.ini r, /etc/php5/conf.d/zlib.ini r, /proc//attr/current w, /srv/www/htdocs r, /srv/www/htdocs/* r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /tmp/auth_ldap_cache.sem wl, /tmp/session_mm_apache0.sem wl, /tmp/session_mm_apache2handler0.sem wl, /usr/X11R6/lib/lib.so mr, /usr/X11R6/lib64/lib.so mr, /usr/apache2/error/* r, /usr/lib/** mr, /usr/lib/apache2-leader/{lib,mod_}.so mr, /usr/lib/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib/apache2-prefork/{lib,mod_}.so mr, /usr/lib/apache2-worker/{lib,mod_}.so mr, /usr/lib/apache2/modules/{lib,mod_}.so mr, /usr/lib/apache2/{lib,mod_}.so mr, /usr/lib/python[12].[0-9]/.{py,pyc,pth,so} mr, /usr/lib64/apache2-leader/{lib,mod_}.so* mr, /usr/lib64/apache2-metuxmpm/{lib,mod_}.so mr, /usr/lib64/apache2-prefork/{lib,mod_}.so mr, /usr/lib64/apache2-worker/{lib,mod_}.so mr, /usr/lib64/apache2/modules/{lib,mod_}.so mr, /usr/lib64/apache2/{lib,mod_}.so mr, /usr/lib64/mysql/libmysql.so mr, /usr/lib64/php/extensions/.so mr, /usr/lib64/php4/.so mr, /usr/lib64/python[12].[0-9]/*.{py,pyc,pth,so} mr, /usr/lib64/python[12].[0-9]/site-packages r, /usr/lib64/qt3/lib/lib.so* mr, /usr/local/tomcat/conf/mod_jk.conf r, /usr/local/tomcat/conf/workers-ajp12.properties r, /usr/sbin/httpd2-prefork r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /usr/share/apache2/error/* r, /usr/share/apache2/error/include/* r, /usr/share/misc/magic.mime r, /usr/share/snmp/mibs r, /usr/share/snmp/mibs/.{txt,mib} r, /usr/share/snmp/mibs/.index wr, /usr/share/ssl/openssl.cnf r, /var/lib/php/sess_ rwl, /var/lib/php5/session_mm_apache2handler0.sem kw, /var/lock/httpd2.lock.* wl, /var/log/apache2/* rwl, /var/log/apache2/** rwl, /var/log/httpd/ssl_scache.dir r, /var/log/httpd/ssl_scache.pag r, /var/run/httpd2.mm.* wl, /var/run/httpd2.pid wl, /var/run/nscd/services r, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork/// flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, } /usr/sbin/httpd2-prefork///favicon.ico flags=(complain) { #include <abstractions/nameservice> /proc//attr/current w, /srv/www/htdocs/favicon.ico r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/ flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/wordpress/index.php r, /srv/www/htdocs/wordpress/wp-blog-header.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /srv/www/htdocs/wordpress/wp-includes/plugin.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/css/install.css flags=(complain) { #include <abstractions/nameservice> /srv/www/htdocs/wordpress/wp-admin/css/install.css r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork///wordpress/wp-admin/setup-config.php flags=(complain) { #include <abstractions/nameservice> /dev/urandom r, /proc//attr/current w, /srv/www/htdocs/wordpress/wp-admin/setup-config.php r, /srv/www/htdocs/wordpress/wp-config-sample.php r, /srv/www/htdocs/wordpress/wp-includes/classes.php r, /srv/www/htdocs/wordpress/wp-includes/compat.php r, /srv/www/htdocs/wordpress/wp-includes/functions.php r, /var/log/apache2/access_log w, } /usr/sbin/httpd2-prefork//DEFAULT_URI flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /srv/www/htdocs r, /srv/www/htdocs/** r, /srv/www/icons/.{gif,jpg,png} r, /srv/www/vhosts r, /srv/www/vhosts/* r, /usr/sbin/suexec2 mixr, /usr/share/apache2/** r, /var/lib/php/sess_* rwl, /var/log/apache2/** rwl, /var/www/error/* r, /var/www/html/** r, /var/www/icons/.{gif,jpg,png} r, @{HOME}/public_html r, @{HOME}/public_html/* r, } /usr/sbin/httpd2-prefork//HANDLING_UNTRUSTED_INPUT flags=(complain) { #include <abstractions/nameservice> /*.htaccess r, /proc//attr/current w, /var/log/apache2/* w, }	8 months ago	httpd2	38	eviled	Edit	History
opensuse10.3	/usr/bin/nm-applet	#include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/.glade r, }	about 1 year ago	Import of jmichaels profiles	61	dominic	Edit	History
opensuse10.3	/bin/basename	#include <tunables/global> /bin/basename { #include <abstractions/base> /bin/basename mr, }	8 months ago	firefox2	35	vojta	Edit	History
opensuse10.3	/usr/lib/cups/backend/scsi	#include <tunables/global> /usr/lib/cups/backend/scsi flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/scsi mr, }	about 1 year ago	cups testing	55	dominic	Edit	History
opensuse10.3	/usr/sbin/postsuper	#include <tunables/global> /usr/sbin/postsuper flags=(complain) { #include <abstractions/base> /usr/sbin/postsuper mr, }	about 1 year ago	changes 6	43	security	Edit	History
opensuse10.3	/sbin/modprobe	#include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/*.ko krw, /lib/modules//modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, }	about 1 year ago	Import of jmichaels profiles	59	dominic	Edit	History
opensuse10.3	/usr/bin/nm-applet	#include <tunables/global> /usr/bin/nm-applet { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /usr/bin/bug-buddy ixr, /usr/bin/nm-applet mr, /usr/share/nm-applet/.glade r, }	11 months ago	none	36	cinimod	Edit	History
opensuse10.3	/bin/sleep	#include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, }	about 1 year ago	Import of jmichaels profiles	25	dominic	Edit	History
opensuse10.3	/sbin/route	#include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, }	11 months ago	none	31	cinimod	Edit	History
opensuse10.3	/usr/bin/evince	#include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> capability dac_override, capability setgid, capability setuid, / r, /Archiv/ r, /Archiv/** rw, /etc/gai.conf r, /etc/ghostscript/8.15/Fontmap r, /etc/ghostscript/8.15/Fontmap.X11-auto r, /etc/ghostscript/8.15/cidfmap r, /etc/ghostscript/8.15/xlatmap r, /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home// r, /home//.ICEauthority r, /home//.Xauthority r, /home//.bash_history r, /home//.bashrc r, /home//.beagle/socket w, /home//.cedegarc r, /home//.config/gtk-2.0/gtkfilechooser.ini rw, /home//.config/gtk-2.0/gtkfilechooser.ini.0S3G2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.66SB2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.9HHL1T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.Q0VH2T rw, /home//.config/gtk-2.0/gtkfilechooser.ini.UPEH2T rw, /home//.dmrc r, /home//.dvipsrc r, /home//.emacs r, /home//.esd_auth r, /home//.exrc r, /home//.fontconfig/ r, /home//.gnome2/accels/evince rw, /home//.gnome2/evince/ev-metadata.xml rw, /home//.gnome2/evince/print-settings rw, /home//.gnome2/evince/print-settings.* rw, /home//.gnome2_private/ w, /home//.gpilotd.pid r, /home//.gtkrc-1.2-gnome2 r, /home//.icons/ r, /home//.inputrc r, /home//.kermrc r, /home//.local/share/icons/ r, /home//.local/share/mime/aliases r, /home//.local/share/mime/globs r, /home//.local/share/mime/magic r, /home//.local/share/mime/mime.cache r, /home//.local/share/mime/subclasses r, /home//.mailcap r, /home//.muttrc r, /home//.opensuse-updater-gnome r, /home//.profile r, /home//.realplayerrc r, /home//.recently-used r, /home//.recently-used.xbel rw, /home//.recently-used.xbel.* rw, /home//.urlview r, /home//.viminfo r, /home//.windows-label r, /home//.xcoralrc r, /home//.xim.template r, /home//.xinitrc.template r, /home//.xsession-errors r, /home//.xtalkrc r, /home//Desktop/ rw, /home//Desktop/*.pdf rw, /proc//mounts r, /proc/meminfo r, /root/.esd_auth r, /root/.gnome2/accels/evince rw, /root/.gnome2/evince/ w, /root/.gnome2_private/ w, /root/.local/share/mime/aliases r, /root/.local/share/mime/globs r, /root/.local/share/mime/magic r, /root/.local/share/mime/mime.cache r, /root/.local/share/mime/subclasses r, /root/.recently-used.xbel.FXVN3T rw, /root/.recently-used.xbel.WCCU3T rw, /root/.recently-used.xbel.X1XL3T rw, /root/.recently-used.xbel.XLCN3T rw, /root/.xauthQESsMm r, /usr/bin/bug-buddy ixr, /usr/bin/evince mr, /usr/bin/gs ixr, /usr/lib/ mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/ r, /usr/share/ghostscript/8.15/Resource/CMap/ r, /usr/share/ghostscript/8.15/lib/.ps r, /usr/share/ghostscript/8.15/lib/Fontmap.GS r, /usr/share/ghostscript/8.15/lib/Fontmap.rus r, /usr/share/ghostscript/8.15/lib/cjkv/.ps r, /usr/share/ghostscript/8.15/lib/escp_24.src r, /usr/share/locale-bundle/de/LC_MESSAGES/atk10.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/evince.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/glib20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gnome-vfs-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/gtk20.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libbonobo-2.0.mo r, /usr/share/locale-bundle/de/LC_MESSAGES/libgnomeui-2.0.mo r, /usr/share/mime/application/octet-stream.xml r, /usr/share/mime/application/pdf.xml r, /usr/share/mime/application/vnd.oasis.opendocument.spreadsheet.xml r, /usr/share/mime/application/vnd.oasis.opendocument.text.xml r, /usr/share/mime/application/x-compressed-tar.xml r, /usr/share/mime/application/x-deb.xml r, /usr/share/mime/application/x-mozilla-bookmarks.xml r, /usr/share/mime/application/x-shellscript.xml r, /usr/share/mime/application/x-xbel.xml r, /usr/share/mime/application/xml.xml r, /usr/share/mime/application/zip.xml r, /usr/share/mime/inode/directory.xml r, /usr/share/mime/text/plain.xml r, /usr/share/mime/text/x-csrc.xml r, /usr/share/mime/text/x-log.xml r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, /var/run/cups/cups.sock w, /var/run/nscd/services r, }	about 1 year ago		62	overwrite	Edit	History
opensuse10.3	/usr/bin/skype	#include <tunables/global> /usr/bin/skype { #include <abstractions/audio> #include <abstractions/base> #include <abstractions/fonts> #include <abstractions/freedesktop.org> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gai.conf r, /home//.Skype/ rw, /home//.Skype/** krw, /home//.config/Trolltech.conf kr, /home//.fontconfig/** r, /home//.kde/share/config/kioslaverc r, /proc/interrupts r, /usr/bin/skype mr, /usr/share/skype/* kr, /var/cache/libx11/compose/l4_024_313cb605_00280cc0 r, }	about 1 year ago		47	orat	Edit	History
opensuse10.3	/sbin/modprobe	#include <tunables/global> /sbin/modprobe { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> #include <abstractions/nameservice> capability net_raw, capability sys_module, /bin/bash ixr, /bin/true ixr, /etc/modprobe.conf r, /etc/modprobe.conf.local r, /etc/modprobe.d/ r, /etc/modprobe.d/* r, /lib/modules/*.ko krw, /lib/modules//modules.alias r, /lib/modules/*/modules.dep r, /proc/meminfo r, /proc/modules r, /sbin/modprobe ixr, }	11 months ago	none	32	cinimod	Edit	History
opensuse10.3	/sbin/syslog-ng	# $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib//dev/log w, /var/log/* w, /var/run/syslog-ng.pid w, }	about 1 year ago	Initial Revision	62	novell	Edit	History
opensuse10.3	/etc/sysconfig/network/scripts/50-ntp	#include <tunables/global> /etc/sysconfig/network/scripts/50-ntp flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ixr, /etc/init.d/ntp Px, /etc/sysconfig/network/scripts/50-ntp mr, /proc/meminfo r, /sbin/chkconfig Px, }	about 1 year ago	argh, switch things back to complain for a while	49	jmichael	Edit	History
opensuse10.3	/bin/sleep	#include <tunables/global> /bin/sleep { #include <abstractions/base> /bin/sleep mr, }	11 months ago	none	21	cinimod	Edit	History
opensuse10.3	/etc/apparmor/profiles/extras/usr.bin.opera	#include <tunables/global> /etc/apparmor/profiles/extras/usr.bin.opera flags=(complain) { #include <abstractions/base> /etc/apparmor/profiles/extras/usr.bin.opera mr, }	about 1 year ago	opera	65	gs222gs	Edit	History
opensuse10.3	/usr/lib/cups/backend/hal	#include <tunables/global> /usr/lib/cups/backend/hal flags=(complain) { #include <abstractions/base> /usr/lib/cups/backend/hal mr, }	about 1 year ago	cups testing	71	dominic	Edit	History
opensuse10.3	/sbin/route	#include <tunables/global> /sbin/route { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/route r, /sbin/route mr, }	about 1 year ago	Import of jmichaels profiles	55	dominic	Edit	History
opensuse10.3	/usr/bin/gnome-cups-icon	#include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.cups/lpoptions r, /home//.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, }	about 1 year ago	Import of jmichaels profiles	51	dominic	Edit	History
opensuse10.3	usr/bin/file	#include <tunables/global> profile usr/bin/file { #include <abstractions/base> /etc/magic r, /usr/bin/file mr, /usr/share/misc/magic.mgc r, }	7 months ago	test profile - please don't use	14	jjohansen	Edit	History
opensuse10.3	/sbin/syslog-ng	# $Id$ # ------------------------------------------------------------------ # # Copyright (C) 2006 Novell/SUSE # Copyright (C) 2006 Christian Boltz # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ #include <tunables/global> /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> capability chown, capability dac_override, capability fowner, capability fsetid, /dev/log w, /dev/tty10 rw, /dev/xconsole rw, /etc/syslog-ng/* r, /sbin/syslog-ng mr, /var/lib//dev/log w, /var/log/* w, /var/run/syslog-ng.pid w, }	11 months ago	none	23	cinimod	Edit	History
opensuse10.3	/usr/bin/top	#include <tunables/global> /usr/bin/top flags=(complain) { #include <abstractions/base> /proc/ r, /proc//stat r, /proc//statm r, /proc/loadavg r, /proc/sys/kernel/pid_max r, /proc/uptime r, /usr/bin/top mr, /usr/share/terminfo/x/xterm r, /var/run/nscd/passwd r, /var/run/nscd/socket w, /var/run/utmp kr, }	about 1 year ago	top-log	69	Sakthivel Rajan N	Edit	History
opensuse10.3	/usr/bin/evince	#include <tunables/global> /usr/bin/evince { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/mtab r, /etc/sound/events/gtk-events-2.soundlist r, /etc/xpdfrc r, /etc/xpdfrc-cjk r, /etc/xpdfrc-cjk-auto r, /etc/xpdfrc-cjk.sjis r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2/accels/evince rw, /home//.gnome2/evince/ev-metadata.xml rw, /home//.gnome2_private/ w, /home//.icons/ r, /home//.local/share/icons/ r, /home//.recently-used.xbel rw, /home//.recently-used.xbel. rw, /home//Desktop/.pdf r, /proc/meminfo r, /usr/bin/evince mr, /usr/share/evince/evince-toolbar.xml r, /usr/share/evince/evince-ui.xml r, /usr/share/evince/icons/ r, /usr/share/evince/icons/hicolor/* r, /usr/share/xpdf/** r, /var/cache/libx11/compose/* r, }	about 1 year ago	Import of jmichaels profiles	51	dominic	Edit	History
opensuse10.3	/usr/bin/gnome-power-manager	#include <tunables/global> /usr/bin/gnome-power-manager { #include <abstractions/base> #include <abstractions/dbus> #include <abstractions/gnome> #include <abstractions/kde> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.esd_auth r, /home//.fontconfig/* r, /home//.gnome2/gnome-power-manager/ w, /home//.gnome2/gnome-power-manager/* rw, /home//.gnome2_private/ w, /home//.gstreamer-0.10/registry.i686.xml rw, /home//.gstreamer-0.10/registry.i686.xml.tmp rw, /home//.icons/ r, /home//.local/share/icons/ r, /proc/stat r, /usr/bin/bug-buddy ixr, /usr/bin/gnome-power-manager mr, /usr/lib/nautilus-cd-burner/mapping-daemon Px, /usr/share/gnome-power-manager/.glade r, /usr/share/gnome-power-manager/icons/ r, /usr/share/gnome-power-manager/icons/* r, }	11 months ago	none	34	cinimod	Edit	History
opensuse10.3	/usr/bin/gnome-cups-icon	#include <tunables/global> /usr/bin/gnome-cups-icon { #include <abstractions/base> #include <abstractions/gnome> #include <abstractions/nameservice> /etc/gnome-vfs-2.0/modules/ r, /etc/sound/events/gtk-events-2.soundlist r, /home//.ICEauthority r, /home//.Xauthority r, /home//.cups/lpoptions r, /home//.gnome2_private/ w, /tmp/orbit-*/bonobo-activation-register.lock klrw, /usr/bin/bug-buddy ixr, /usr/bin/gnome-cups-icon mr, /var/run/cups/cups.sock w, /var/run/nscd/services r, }	11 months ago	none	31	cinimod	Edit	History
opensuse10.3	/usr/lib/nautilus-cd-burner/mapping-daemon	#include <tunables/global> /usr/lib/nautilus-cd-burner/mapping-daemon flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> /tmp/mapping-* w, /tmp/virtual-*/ w, /usr/lib/nautilus-cd-burner/mapping-daemon mr, }	about 1 year ago	argh, switch things back to complain for a while	66	jmichael	Edit	History
opensuse10.3	/usr/sbin/saslauthd	#include <tunables/global> /usr/sbin/saslauthd { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> capability dac_override, /etc/saslauthd.conf r, /usr/sbin/saslauthd mr, /var/run/sasl2/* krw, }	about 1 year ago		38	jco	Edit	History
opensuse10.3	/usr/lib/AntiVir/antivir-gui	#include <tunables/global> /usr/lib/AntiVir/antivir-gui { #include <abstractions/base> #include <abstractions/bash> /bin/bash ix, /usr/lib/AntiVir/antivir-gui mr, }	about 1 year ago	ChangeLog	34	tdanisi	Edit	History
opensuse10.3	/usr/sbin/iwconfig	#include <tunables/global> /usr/sbin/iwconfig flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability net_admin, /proc/net/dev r, /usr/sbin/iwconfig mr, }	about 1 year ago	argh, switch things back to complain for a while	66	jmichael	Edit	History
opensuse10.3	/sbin/ifconfig	#include <tunables/global> /sbin/ifconfig flags=(complain) { #include <abstractions/base> /sbin/ifconfig mr, }	10 months ago		34	AnThraxII	Edit	History
opensuse10.3	/usr/sbin/zypp-checkpatches-wrapper	#include <tunables/global> /usr/sbin/zypp-checkpatches-wrapper flags=(complain) { #include <abstractions/base> #include <abstra