wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-07-29 08:52:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

apparmor: run dhcpcd hook wrapper unconfined (#222)

Browse source
This commit is contained in:
Olivier Mauras 2018-06-20 09:10:16 +00:00 committed by Andrea Brancaleoni
parent af2895df63
commit b28a023f94
2 changed files with 3 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
srcpkgs/apparmor/files/profiles/usr.bin.dhcpcd
View file

@ -39,51 +39,13 @@ profile dhcpcd /{usr/,}bin/dhcpcd {
/usr/lib/ld-*.so m, /usr/lib/ld-*.so m,
/usr/lib/libc-*.so m, /usr/lib/libc-*.so m,
# Transition to a child profile for hooks # Trust hooks and run the wrapper unconfined
/usr/libexec/dhcpcd-run-hooks Cx -> dhcpcd_run_hooks, /usr/libexec/dhcpcd-run-hooks CUx,
/var/db/dhcpcd-*.lease rw, /var/db/dhcpcd-*.lease rw,
/var/db/dhcpcd/** rw, /var/db/dhcpcd/** rw,
/{usr/,}bin/dhcpcd mrix, /{usr/,}bin/dhcpcd mrix,
# Child profile for hooks
profile dhcpcd_run_hooks {
#include <abstractions/base>
#include <abstractions/nameservice>
capability sys_admin,
capability sys_tty_config,
/etc/chrony.conf rw,
/etc/ntpd.conf rw,
/etc/resolv.conf rw,
/etc/wpa_supplicant/wpa_supplicant*.conf r,
/{var/,}run/dhcpcd/ rw,
/{var/,}run/dhcpcd/{ntp,resolv}.conf.** rw,
/{var/,}run/dhcpcd/{ntp,resolv}.conf/ rw,
/{var/,}run/dhcpcd/{ntp,resolv}.conf/*.dhcp rw,
/usr/bin/cat mrix,
/usr/bin/chmod mrix,
/usr/bin/cmp mrix,
/usr/bin/dash mr,
/usr/bin/hostname-coreutils mrix,
/usr/bin/mkdir mrix,
/usr/bin/rm mrix,
/usr/bin/sed mrix,
/usr/bin/util-linux-logger mrix,
/usr/bin/wpa_supplicant CUx,
/usr/bin/wpa_cli CUx,
/usr/bin/resolvconf CUx,
/usr/libexec/dhcpcd-hooks/ r,
/usr/libexec/dhcpcd-hooks/* r,
/usr/libexec/dhcpcd-run-hooks r,
/usr/share/dhcpcd/hooks/* r,
}
# Site-specific additions and overrides. See local/README for details. # Site-specific additions and overrides. See local/README for details.
#include <local/usr.bin.dhcpcd> #include <local/usr.bin.dhcpcd>
} }

2
srcpkgs/apparmor/template
View file

@ -1,7 +1,7 @@
# Template file for 'apparmor' # Template file for 'apparmor'
pkgname=apparmor pkgname=apparmor
version=2.13.0 version=2.13.0
revision=1 revision=2
_short_ver=${version%\.*} _short_ver=${version%\.*}
wrksrc="${pkgname}-v${_short_ver}" wrksrc="${pkgname}-v${_short_ver}"
configure_args="--prefix=/usr --with-perl --with-python" configure_args="--prefix=/usr --with-perl --with-python"