forked from I2P_Developers/i2p.i2p
49 lines
1.6 KiB
Plaintext
49 lines
1.6 KiB
Plaintext
# Last Modified: Thu Jan 29 03:17:01 2015
|
|
# vim:syntax=apparmor et ts=8 sw=4
|
|
|
|
#include <tunables/global>
|
|
|
|
/usr/bin/i2prouter {
|
|
#include <abstractions/i2p>
|
|
capability sys_ptrace,
|
|
|
|
/usr/bin/i2prouter r,
|
|
|
|
@{PROC}/[0-9]*/stat r,
|
|
@{PROC}/[0-9]*/cmdline r,
|
|
@{PROC}/uptime r,
|
|
@{PROC}/sys/kernel/pid_max r,
|
|
|
|
/bin/{,b,d}ash rix,
|
|
/bin/cat rix,
|
|
/bin/grep rix,
|
|
/bin/mkdir rix,
|
|
/bin/ps rix,
|
|
/bin/rm rix,
|
|
/bin/sed rix,
|
|
/bin/sleep rix,
|
|
/bin/uname rix,
|
|
/bin/which rix,
|
|
|
|
/usr/bin/{,g,m}awk rix,
|
|
/usr/bin/cut rix,
|
|
/usr/bin/dirname rix,
|
|
/usr/bin/expr rix,
|
|
/usr/bin/id rix,
|
|
/usr/bin/ldd rix,
|
|
/usr/bin/tail rix,
|
|
/usr/bin/tr rix,
|
|
|
|
@{HOME}/.java/fonts/** r,
|
|
owner @{HOME}/.i2p/ rw,
|
|
owner @{HOME}/.i2p/** rwk,
|
|
|
|
# Prevent spamming the logs
|
|
deny owner @{HOME}/.java/ wk,
|
|
deny @{HOME}/.fontconfig/ wk,
|
|
deny @{HOME}/.java/fonts/** wk,
|
|
|
|
# Site-specific additions and overrides. See local/README for details.
|
|
#include <local/usr.bin.i2prouter>
|
|
}
|