AppArmor profile exchange

Find profiles by name | Find profiles by author | Find profiles by name and author | List all profiles | List all users | My profiles | New profile | Anonymous | Login

liviudm's profiles

Distribution Name Profile Created At Changelog View Count Username
opensuse11.0 /usr/sbin/sshd # $Id: usr.sbin.sshd 697 2007-05-25 03:09:30Z steve-beattie $ # ------------------------------------------------------------------ # # Copyright (C) 2002-2005 Novell/SUSE # # This program is free software; you can redistribute it and/or # modify it under the terms of version 2 of the GNU General Public # License published by the Free Software Foundation. # # ------------------------------------------------------------------ # will need to revalidate this profile once we finish re-architecting # the change_hat patch. # #include <tunables/global> /usr/sbin/sshd flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability fowner, capability kill, capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_tty_config, /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/environment r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/modules.conf r, /etc/motd r, /etc/ssh/* r, /etc/ssh/moduli r, /sbin/nologin Ux, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, /usr/sbin/sshd mrix, /var/run w, /var/run/sshd{,.init}.pid wl, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, @{PROC}/[0-9]*/mounts r, ^AUTHENTICATED flags=(complain) { #include <abstractions/authentication> #include <abstractions/consoles> #include <abstractions/nameservice> #include <abstractions/wutmp> capability setgid, capability setuid, capability sys_tty_config, /dev/log w, /dev/ptmx rw, /etc/default/passwd r, /etc/localtime r, /etc/login.defs r, /etc/motd r, /tmp/ssh-*/agent.[0-9]* rwl, /tmp/ssh-*[0-9]*/ w, } ^EXEC flags=(complain) { #include <abstractions/base> /bin/ash Ux, /bin/bash Ux, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, /bin/ksh Ux, /bin/sh Ux, /bin/tcsh Ux, /bin/zsh Ux, /sbin/nologin Ux, } ^PRIVSEP flags=(complain) { #include <abstractions/base> #include <abstractions/nameservice> capability setgid, capability setuid, capability sys_chroot, } ^PRIVSEP_MONITOR flags=(complain) { #include <abstractions/authentication> #include <abstractions/base> #include <abstractions/nameservice> #include <abstractions/wutmp> capability chown, capability setgid, capability setuid, /dev/ptmx rw, /dev/pts/[0-9]* rw, /dev/urandom r, /etc/hosts.allow r, /etc/hosts.deny r, /etc/ssh/moduli r, @{HOME}/.ssh/authorized_keys{,2} r, @{PROC}/[0-9]*/mounts r, } } 7 months ago 76 liviudm Edit History
opensuse11.0 /usr/bin/pidgin #include <tunables/global> /usr/bin/pidgin { #include <abstractions/base> #include <abstractions/nameservice> /proc/*/mounts r, /tmp/.X11-unix/X0 w, /usr/bin/pidgin r, /usr/share/locale-bundle/ru/LC_MESSAGES/gtk20-properties.mo r, /usr/share/locale-bundle/ru/LC_MESSAGES/gtk20.mo r, } 7 months ago 33 liviudm Edit History