From e4798b9ed85cbf6f6ed716582458a36a268155ab Mon Sep 17 00:00:00 2001
From: kytv <kytv@mail.i2p>
Date: Thu, 21 May 2015 16:46:19 +0000
Subject: [PATCH] allow user scripts installed to cgi-bin to be executed

---
 debian/apparmor/system_i2p        | 1 +
 debian/apparmor/usr.bin.i2prouter | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/debian/apparmor/system_i2p b/debian/apparmor/system_i2p
index 9af33b5242..0645b5f858 100644
--- a/debian/apparmor/system_i2p
+++ b/debian/apparmor/system_i2p
@@ -5,6 +5,7 @@ profile system_i2p {
   #include <abstractions/i2p>
 
   owner /{,lib/live/mount/overlay/}var/lib/i2p/** rwkl,
+  owner /{,lib/live/mount/overlay/}var/lib/i2p/i2p-config/eepsite/cgi-bin rix,
   owner /{,lib/live/mount/overlay/}var/log/i2p/* rw,
 
   owner /{,var/}run/i2p/{i2p,routerjvm}.pid rw,
diff --git a/debian/apparmor/usr.bin.i2prouter b/debian/apparmor/usr.bin.i2prouter
index 9f871e7ed8..cf8f9a17b9 100644
--- a/debian/apparmor/usr.bin.i2prouter
+++ b/debian/apparmor/usr.bin.i2prouter
@@ -40,7 +40,8 @@
 
   @{HOME}/.java/fonts/**                r,
   owner  @{HOME}/.i2p/                  rw,
-  owner  @{HOME}/.i2p/**                rwk,
+  owner  @{HOME}/.i2p/**                rwkl,
+  owner  @{HOME}/.i2p/eepsite/cgi-bin/** rix,
 
   # Prevent spamming the logs
   deny owner @{HOME}/.java/             wk,
-- 
GitLab