[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r36137 - gnunet/contrib/apparmor
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r36137 - gnunet/contrib/apparmor |
|
Date: |
Tue, 28 Jul 2015 16:56:33 +0200 |
Author: jmorvan
Date: 2015-07-28 16:56:33 +0200 (Tue, 28 Jul 2015)
New Revision: 36137
Added:
gnunet/contrib/apparmor/usr.local.bin.gnunet-arm
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-exit
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-hostlist
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-latency-logger
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-pt
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-regexprofiler
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-blacklist
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-underlay
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-topology
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-dns2gns
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-gns-proxy
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-playback
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-record
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-dns
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-exit
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-fs-publish
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-client
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-server
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-testbed
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan-dummy
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-vpn
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-namestore-fcfsd
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-arm
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-ats
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-cadet
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-conversation
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-core
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-datastore
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dht
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dns
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-fs
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-gns
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-identity
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-mesh
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namecache
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namestore
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-nse
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerinfo
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerstore
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-regex
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-resolver
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-revocation
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-alice
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-bob
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-set
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-statistics
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-template
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed-logger
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-transport
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-vpn
Log:
Add AppArmor profiles
Added: gnunet/contrib/apparmor/usr.local.bin.gnunet-arm
===================================================================
--- gnunet/contrib/apparmor/usr.local.bin.gnunet-arm
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.bin.gnunet-arm 2015-07-28 14:56:33 UTC
(rev 36137)
@@ -0,0 +1,27 @@
+#/usr/local/lib Last Modified: Fri Jul 3 14:48:33 2015
+#include <tunables/global>
+
+/usr/local/bin/gnunet-arm {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/bin/gnunet-arm mr,
+
+ /usr/lib/gconv/gconv-modules r,
+
+ /usr/local/lib/libgnunetarm.so.* mr,
+
+ /dev/null ra,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/share/locale/locale.alias r,
+ /usr/share/locale/fr/LC_MESSAGES/libc.mo r,
+
+ #Gnunet service
+ /usr/local/lib/gnunet/libexec/gnunet-service-arm Px ,
+
+ /tmp/gnunet-*-runtime/ rw,
+ /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw,
+
+ #/tmp/gnunet-gnunet-runtime/* rw,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-exit
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-exit
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-exit
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,23 @@
+# Last Modified: Mon Jul 27 15:57:50 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-exit {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-exit mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetdnsstub.so.* mr,
+ /usr/local/lib/libgnunetregex.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettun.so.* mr,
+
+ /usr/share/locale/locale.alias r,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-hostlist
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-hostlist
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-hostlist
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,65 @@
+# Last Modified: Fri Jul 10 10:43:55 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-hostlist {
+ #include <abstractions/gnunet-common>
+
+ /etc/gai.conf r,
+ /etc/host.conf r,
+ /etc/hosts r,
+ /etc/nsswitch.conf r,
+ /etc/resolv.conf r,
+
+ /usr/lib/gconv/gconv-modules r,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libacl.so.* mr,
+ /usr/lib/libattr.so.* mr,
+ /usr/lib/libcap.so.* mr,
+ /usr/lib/libcom_err.so.* mr,
+ /usr/lib/libcrypto.so.* mr,
+ /usr/lib/libffi.so.* mr,
+ /usr/lib/libgmp.so.* mr,
+ /usr/lib/libgnurl.so.* mr,
+ /usr/lib/libgnutls.so.* mr,
+ /usr/lib/libgssapi_krb5.so.* mr,
+ /usr/lib/libhogweed.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/libk5crypto.so.* mr,
+ /usr/lib/libkeyutils.so.* mr,
+ /usr/lib/libkrb5.so.* mr,
+ /usr/lib/libkrb5support.so.* mr,
+ /usr/lib/liblz4.so.* mr,
+ /usr/lib/liblzma.so.* mr,
+ /usr/lib/libmicrohttpd.so.* mr,
+ /usr/lib/libnettle.so.* mr,
+ /usr/lib/libnss_dns-*.so mr,
+ /usr/lib/libnss_files-*.so mr,
+ /usr/lib/libnss_gns.so.* mr,
+ /usr/lib/libnss_myhostname.so.* mr,
+ /usr/lib/libp11-kit.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libresolv-*.so mr,
+ /usr/lib/librt-*.so mr,
+ /usr/lib/libseccomp.so.* mr,
+ /usr/lib/libssh2.so.* mr,
+ /usr/lib/libssl.so.* mr,
+ /usr/lib/libtasn1.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-hostlist mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /usr/local/lib/libgnunetutil.so.* mr,
+
+ /usr/share/locale/fr/LC_MESSAGES/libc.mo r,
+ /usr/share/locale/locale.alias r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-latency-logger
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-latency-logger
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-latency-logger
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,16 @@
+# Last Modified: Mon Jul 27 16:25:08 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-latency-logger {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libsqlite3.so.* mr,
+ /usr/lib/locale/locale-archive r,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-latency-logger mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/share/locale/locale.alias r,
+
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-pt
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-pt
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-pt
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,25 @@
+# Last Modified: Mon Jul 20 17:48:20 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-pt {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libidn.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-pt mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetdns.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetmesh.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetvpn.so.* mr,
+
+ /usr/share/locale/locale.alias r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-regexprofiler
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-regexprofiler
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-regexprofiler
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,12 @@
+# Last Modified: Tue Jul 28 11:42:58 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-regexprofiler flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-regexprofiler mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetregexblock.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-blacklist
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-blacklist
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-blacklist
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,12 @@
+# Last Modified: Tue Jul 28 11:42:58 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist flags=(complain)
{
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-testbed-blacklist mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-underlay
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-underlay
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-testbed-underlay
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,22 @@
+# Last Modified: Mon Jul 27 16:37:03 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-testbed-underlay {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libsqlite3.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-testbed-underlay mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+
+ /usr/share/locale/locale.alias r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-topology
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-topology
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-daemon-topology
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,26 @@
+# Last Modified: Fri Jul 3 17:37:12 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-daemon-topology {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-topology mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetfriends.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/lib//locale/locale-archive r,
+
+ /usr/lib/gconv/gconv-modules r,
+
+ /usr/share/locale/locale.alias r,
+ /usr/share/locale/fr/LC_MESSAGES/libc.mo r,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-dns2gns
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-dns2gns
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-dns2gns
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,25 @@
+# Last Modified: Tue Jul 21 16:45:05 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-dns2gns {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libidn.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-dns2gns mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetdnsstub.so.* mr,
+ /usr/local/lib/libgnunetgns.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetidentity.so.* mr,
+ /usr/local/lib/libgnunetnamestore.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+ /usr/share/locale/locale.alias r,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-gns-proxy
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-gns-proxy
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-gns-proxy
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,49 @@
+# Last Modified: Tue Jul 21 16:35:07 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-gns-proxy {
+ #include <abstractions/gnunet-common>
+
+ /etc/ssl/openssl.cnf r,
+
+ @{HOME}/.local/share/gnunet/gns/gns_ca_cert.pem r,
+
+ #Librairies
+ /usr/lib/gconv/gconv-modules r,
+ /usr/lib/ld-*.so r,
+ /usr/lib/libcom_err.so.* mr,
+ /usr/lib/libcrypto.so.* mr,
+ /usr/lib/libffi.so.* mr,
+ /usr/lib/libgmp.so.* mr,
+ /usr/lib/libgnurl.so.* mr,
+ /usr/lib/libgnutls.so.* mr,
+ /usr/lib/libgssapi_krb5.so.* mr,
+ /usr/lib/libhogweed.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/libk5crypto.so.* mr,
+ /usr/lib/libkeyutils.so.* mr,
+ /usr/lib/libkrb5.so.* mr,
+ /usr/lib/libkrb5support.so.* mr,
+ /usr/lib/libltdl.so.* mr,
+ /usr/lib/libmicrohttpd.so.* mr,
+ /usr/lib/libnettle.so.* mr,
+ /usr/lib/libp11-kit.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libresolv-*.so mr,
+ /usr/lib/libssh2.so.* mr,
+ /usr/lib/libssl.so.* mr,
+ /usr/lib/libtasn1.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-gns-proxy mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetgns.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetidentity.so.* mr,
+
+ /usr/share/locale/fr/LC_MESSAGES/libc.mo r,
+ /usr/share/locale/locale.alias r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-playback
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-playback
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-playback
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,9 @@
+# Last Modified: Tue Jul 28 11:46:24 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-audio-playback flags=(complain) {
+ #include <abstractions/gnunet-common>
+ #include <abstractions/gnunet-libaudio>
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-audio-playback mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-record
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-record
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-audio-record
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,9 @@
+# Last Modified: Tue Jul 28 11:42:58 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-audio-record flags=(complain) {
+ #include <abstractions/gnunet-common>
+ #include <abstractions/gnunet-libaudio>
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-audio-record mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-dns
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-dns
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-dns
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,43 @@
+# Last Modified: Mon Jul 27 15:24:34 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-dns flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ capability net_admin,
+ capability net_raw,
+ capability setuid,
+
+ /dev/net/tun rw,
+ /dev/null rw,
+
+ /etc/gai.conf r,
+ /etc/group r,
+ /etc/iproute2/rt_tables r,
+ /etc/nsswitch.conf r,
+ /etc/protocols r,
+
+ @{PROC}/@{pid}/net/ip_tables_names r,
+ @{PROC}/sys/net/ipv4/conf/all/rp_filter rw,
+ @{PROC}/sys/net/ipv4/conf/default/rp_filter rw,
+
+ /usr/bin/ip rix,
+ /usr/bin/sysctl rix,
+ /usr/bin/xtables-multi rix,
+
+ /usr/lib/iptables/libxt_MARK.so mr,
+ /usr/lib/iptables/libxt_owner.so mr,
+ /usr/lib/iptables/libxt_standard.so mr,
+ /usr/lib/iptables/libxt_udp.so mr,
+
+ /usr/lib/ld-*.so r,
+ /usr/lib/libip4tc.so.* mr,
+ /usr/lib/libip6tc.so.* mr,
+ /usr/lib/libnss_files-*.so mr,
+
+ /usr/lib/libxtables.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-dns mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-exit
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-exit
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-exit
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,11 @@
+# Last Modified: Tue Jul 28 11:44:00 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-exit flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ capability setuid,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-exit mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-fs-publish
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-fs-publish
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-fs-publish
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,13 @@
+# Last Modified: Tue Jul 28 11:42:58 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-fs-publish flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/libbz2.so.* mr,
+ /usr/lib/libextractor.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/librt-*.so mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-fs-publish mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-client
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-client
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-client
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,11 @@
+# Last Modified: Tue Jul 28 11:44:00 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-nat-client flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ capability setuid,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-nat-client mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-server
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-server
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-nat-server
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,11 @@
+# Last Modified: Tue Jul 28 11:44:00 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-nat-server flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ capability setuid,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-nat-server mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-testbed
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-testbed
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-testbed
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,36 @@
+# Last Modified: Mon Jul 27 11:02:37 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-testbed flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ /dev/null rw,
+
+ /etc/gai.conf r,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/share/locale/locale.alias r,
+ /usr/share/locale/fr/LC_MESSAGES/libc.mo r,
+
+ /usr/lib/gconv/gconv-modules r,
+
+ /usr/local/lib/gnunet/libexec/ r,
+ /usr/local/lib/gnunet/libexec/gnunet-helper-testbed mr,
+ /usr/local/lib/gnunet/libexec/gnunet-service-arm r,
+ /usr/local/lib/gnunet/libexec/gnunet-service-testbed Px,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetarm.so.* mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettestbed.so.* mr,
+ /usr/local/lib/libgnunettesting.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+
+ /usr/local/share/gnunet/testing_hostkeys.ecc r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,11 @@
+# Last Modified: Tue Jul 28 11:44:00 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-transport-wlan flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ capability setuid,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-transport-wlan mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan-dummy
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan-dummy
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-transport-wlan-dummy
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,9 @@
+# Last Modified: Tue Jul 28 11:36:52 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy
flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-transport-wlan-dummy mr,
+
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-vpn
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-vpn
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-helper-vpn
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,16 @@
+# Last Modified: Mon Jul 27 11:06:22 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-helper-vpn flags=(complain) {
+
+ capability net_admin,
+ capability setuid,
+
+ /dev/net/tun rw,
+ /etc/ld.so.cache r,
+ /usr/lib/ld-*.so r,
+ /usr/lib/libc-*.so mr,
+ /usr/lib/libm-*.so mr,
+ /usr/local/lib/gnunet/libexec/gnunet-helper-vpn mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-namestore-fcfsd
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-namestore-fcfsd
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-namestore-fcfsd
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,30 @@
+# Last Modified: Tue Jul 21 17:25:12 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-namestore-fcfsd {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libffi.so.* mr,
+ /usr/lib/libgmp.so.* mr,
+ /usr/lib/libgnutls.so.* mr,
+ /usr/lib/libhogweed.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/libmicrohttpd.so.* mr,
+ /usr/lib/libnettle.so.* mr,
+ /usr/lib/libp11-kit.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libtasn1.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-namestore-fcfsd mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetidentity.so.* mr,
+ /usr/local/lib/libgnunetnamestore.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-arm
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-arm
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-arm
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,109 @@
+# Last Modified: Thu Jul 9 10:27:23 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-arm {
+ #include <abstractions/gnunet-common>
+
+ /dev/null ra,
+
+ /tmp/gnunet-*-runtime/ rw,
+ /tmp/gnunet-*-runtime/gnunet-service-arm.sock rw,
+ /tmp/gnunet-*-runtime/gnunet-service-gns.sock rw,
+ /tmp/gnunet-*-runtime/gnunet-service-identity.unix rw,
+ /tmp/gnunet-*-runtime/gnunet-service-namestore.sock rw,
+
+ /tmp/gnunet-system-runtime/ rw,
+ /tmp/gnunet-system-runtime/gnunet-service-*.sock rw,
+ /tmp/gnunet-system-runtime/gnunet-service-nse.unix rw,
+ /tmp/gnunet-system-runtime/gnunet-service-revocation.unix rw,
+
+ /var/lib/gnunet/.local/share/gnunet/ r,
+ /var/lib/gnunet/.local/share/gnunet/revocation.dat r,
+ /var/lib/gnunet/.local/share/gnunet/peerstore/ a,
+ /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db rwk,
+ /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db-journal rw,
+ /var/lib/gnunet/.config/gnunet.conf r,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+
+ /usr/lib/libsqlite3.so.* mr,
+
+ /usr/lib/locale/locale-archive r,
+
+ /usr/share/locale/locale-alias r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-arm mr,
+
+ /usr/local/lib/gnunet/ r,
+
+ /usr/local/lib/gnunet/libexec/ r,
+
+ #Gnunet daemon
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-exit Px,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-hostlist Px,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-latency-logger Px,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-testbed-underlay Px,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-topology Px,
+ /usr/local/lib/gnunet/libexec/gnunet-daemon-pt Px,
+
+ /usr/local/lib/gnunet/libexec/gnunet-dns2gns Px,
+
+ /usr/local/lib/gnunet/libexec/gnunet-gns-proxy Px,
+
+ /usr/local/lib/gnunet/libexec/gnunet-namestore-fcfsd Px,
+
+ #Gnunet service
+ /usr/local/lib/gnunet/libexec/gnunet-service-ats Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-cadet Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-core Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-conversation Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-datastore Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-dht Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-dns Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-fs Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-gns Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-identity Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-mesh Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-namecache Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-namestore Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-nse Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-peerinfo Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-peerstore Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-regex Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-resolver Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-revocation Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-set Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-alice Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-bob Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-statistics Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-template Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-testbed Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-testbed-logger Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-transport Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-vpn Px,
+
+ #Gnunet helper
+ /usr/local/lib/gnunet/libexec/gnunet-helper-dns r,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetdnsstub.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* r,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetnamecache.so.* r,
+ /usr/local/lib/libgnunetpeerstore.so.* mr,
+ /usr/local/lib/libgnunetregex.so.* mr,
+ /usr/local/lib/libgnunetset.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /usr/local/lib/libgnunettun.so.* mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_peerstore_sqlite.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_peerstore_sqlite.so mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-ats
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-ats
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-ats
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,19 @@
+# Last Modified: Wed Jul 8 10:49:34 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-ats {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-ats mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_ats_proportional.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_ats_proportional.so mr,
+
+ /usr/lib/ld-*.so r,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-cadet
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-cadet
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-cadet
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,21 @@
+# Last Modified: Mon Jul 27 11:09:34 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-cadet {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/librt-*.so mr,
+ /usr/local/lib/gnunet/libexec/gnunet-service-cadet mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetblock.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-conversation
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-conversation
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-conversation
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,27 @@
+# Last Modified: Tue Jul 21 16:53:39 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-conversation {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libidn.so.* mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-conversation mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetconversation.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetgns.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetidentity.so.* mr,
+ /usr/local/lib/libgnunetmesh.so.* mr,
+ /usr/local/lib/libgnunetmicrophone.so.* mr,
+ /usr/local/lib/libgnunetnamestore.so.* mr,
+ /usr/local/lib/libgnunetspeaker.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-core
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-core
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-core
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,19 @@
+# Last Modified: Thu Jul 9 10:16:30 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-core {
+ #include <abstractions/gnunet-common>
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-core mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-datastore
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-datastore
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-datastore
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,26 @@
+# Last Modified: Thu Jul 9 10:16:30 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-datastore {
+ #include <abstractions/gnunet-common>
+
+ /var/lib/gnunet/.local/share/gnunet/datastore/bloomfilter.sqlite rw,
+ /var/lib/gnunet/.local/share/gnunet/datastore/sqlite.db rwk,
+ /var/lib/gnunet/.local/share/gnunet/datastore/sqlite.db-journal rw,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libsqlite3.so.* mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-datastore mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_datastore_sqlite.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_datastore_sqlite.so mr,
+
+ #Gnunet Librairies
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetutil.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dht
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dht
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dht
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,56 @@
+# Last Modified: Fri Jul 3 17:37:39 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-dht {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-dht mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetnse.so.* mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetblock.so.* mr,
+ /usr/local/lib/libgnunetdatacache.so.* mr,
+ /usr/local/lib/libgnunetfs.so.* mr,
+ /usr/local/lib/libgnunetdatastore.so.* mr,
+ /usr/local/lib/libgnunetregexblock.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/ r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_template.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_template.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dns.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dns.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_fs.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_fs.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_regex.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_regex.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dht.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dht.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dht.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_test.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_test.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_gns.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_gns.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_datacache_heap.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_datacache_heap.so mr,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libextractor.so.* mr,
+ /usr/lib/libbz2.so.* mr,
+ /usr/lib/librt-*.so mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libidn.so.* mr,
+
+ /tmp/gnunet-system-runtime/gnunet-service-dht.sock w,
+
+ /tmp/gnunet-datacachebloom* rw,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dns
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dns
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-dns
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,19 @@
+# Last Modified: Mon Jul 27 15:18:30 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-dns {
+ #include <abstractions/gnunet-common>
+
+ capability setgid,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-helper-dns Px,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-dns mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdnsstub.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettun.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-fs
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-fs
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-fs
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,59 @@
+# Last Modified: Wed Jul 8 10:52:48 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-fs {
+ #include <abstractions/gnunet-common>
+
+ /etc/gnunet.conf r,
+ @{HOME}/.config/gnunet.conf r,
+
+ /tmp/gnunet-system-runtime/gnunet-service-fs.sock w,
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+
+ owner @{HOME}/.local/share/gnunet/fs/idxinfo.lst r,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libbz2.so.* mr,
+ /usr/lib/libextractor.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/librt-*.so mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-fs mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/ r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dht.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dht.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dns.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_dns.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_fs.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_fs.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_gns.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_gns.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_regex.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_regex.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_template.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_template.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_test.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_block_test.so mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetblock.so.* mr,
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetdatastore.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetfs.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetmesh.so.* mr,
+ /usr/local/lib/libgnunetpeerstore.so.* mr,
+ /usr/local/lib/libgnunetregexblock.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-gns
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-gns
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-gns
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,29 @@
+# Last Modified: Wed Jul 8 15:17:46 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-gns {
+ #include <abstractions/gnunet-common>
+
+ @{HOME}/.config/gnunet.conf r,
+
+ #Librairies
+ /usr/lib/ld-2.21.so r,
+ /usr/lib/libidn.so.* mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-gns mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetdns.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetdnsstub.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetidentity.so.* mr,
+ /usr/local/lib/libgnunetnamecache.so.* mr,
+ /usr/local/lib/libgnunetnamestore.so.* mr,
+ /usr/local/lib/libgnunetrevocation.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettun.so.* mr,
+ /usr/local/lib/libgnunetvpn.so.* mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-identity
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-identity
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-identity
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,24 @@
+# Last Modified: Tue Jul 21 11:51:29 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-identity {
+ #include <abstractions/gnunet-common>
+
+ /tmp/gnunet-*-runtime/ a,
+
+ /usr/lib/ld-*.so r,
+
+ /var/lib/gnunet/.local/share/gnunet/identity/ a,
+ /var/lib/gnunet/.local/share/gnunet/identity/egos/ ra,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-identity mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+ @{HOME}/.config/gnunet/identity/subsystem_defaults.conf rw,
+
+ @{HOME}/.local/share/gnunet/identity/egos/ r,
+ @{HOME}/.local/share/gnunet/identity/egos/master-zone rk,
+ @{HOME}/.local/share/gnunet/identity/egos/private-zone rk,
+ @{HOME}/.local/share/gnunet/identity/egos/short-zone rk,
+ @{HOME}/.local/share/gnunet/identity/egos/sks-zone rk,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-mesh
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-mesh
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-mesh
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,29 @@
+# Last Modified: Fri Jul 3 17:37:56 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-mesh {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-mesh mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetblock.so.* mr,
+
+ #Librairies
+ /usr/lib/librt-*.so mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/ld-*.so r,
+
+ @{HOME}/.local/share/gnunet/private_key.ecc rk,
+
+ /tmp/gnunet-system-runtime/gnunet-service-mesh.sock w,
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rwk,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namecache
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namecache
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namecache
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,29 @@
+# Last Modified: Thu Jul 9 10:01:49 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-namecache {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-namecache mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+ /usr/local/lib/libgnunetnamecache.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_namecache_sqlite.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_namecache_sqlite.so mr,
+
+ /var/lib/gnunet/.local/share/gnunet/namecache/ r,
+ /var/lib/gnunet/.local/share/gnunet/namecache/sqlite.db rwk,
+ /var/lib/gnunet/.local/share/gnunet/namecache/sqlite.db-journal rw,
+
+ #Librairies
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libsqlite3.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/ld-*.so r,
+}
+
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namestore
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namestore
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-namestore
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,35 @@
+# Last Modified: Tue Jul 7 10:43:41 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-namestore {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-namestore mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetnamecache.so.* mr,
+ /usr/local/lib/libgnunetgnsrecord.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunetnamestore.so.* mr,
+ /usr/local/lib/libgnunetdnsparser.so.* mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_namestore_sqlite.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_namestore_sqlite.so mr,
+
+ #Librairies
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/ld-*.so r,
+ /usr/lib/libsqlite3.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+
+ /var/lib/gnunet/.local/share/gnunet/namestore/ ra,
+ /var/lib/gnunet/.local/share/gnunet/namestore/sqlite.db rwk,
+ /var/lib/gnunet/.local/share/gnunet/namestore/sqlite.db-journal rw,
+
+ @{HOME}/.local/share/gnunet/namestore/ r,
+ @{HOME}/.local/share/gnunet/namestore/sqlite.db rwk,
+ @{HOME}/.local/share/gnunet/namestore/sqlite.db-journal rw,
+
+ /tmp/gnunet-*-runtime/ a,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-nse
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-nse
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-nse
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,23 @@
+# Last Modified: Fri Jul 3 17:37:49 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-nse {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-nse mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetnse.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+ /usr/lib/ld-*.so mr,
+
+ /tmp/gnunet-system-runtime/gnunet-service-nse.unix w,
+
+ @{HOME}/.local/share/gnunet/private_key.ecc rk,
+ owner @{HOME}/.local/share/gnunet/nse/proof.dat rw,
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rwk,
+ /var/lib/gnunet/.local/share/gnunet/nse/proof.dat rw,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerinfo
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerinfo
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerinfo
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,20 @@
+# Last Modified: Wed Jul 8 17:03:17 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-peerinfo {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/share/gnunet/hellos/ r,
+ /usr/local/share/gnunet/hellos/* r,
+
+ /var/lib/gnunet/.local/share/gnunet/peerinfo/hosts/ r,
+ /var/lib/gnunet/.local/share/gnunet/peerinfo/hosts/* rw,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-peerinfo mr,
+
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerstore
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerstore
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-peerstore
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,23 @@
+# Last Modified: Mon Jul 27 11:06:13 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-peerstore {
+ #include <abstractions/gnunet-common>
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libsqlite3.so.* mr,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-peerstore mr,
+
+ #Gnunet Plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_peerstore_sqlite.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_peerstore_sqlite.so mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetpeerstore.so.* mr,
+
+ /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db rwk,
+ /var/lib/gnunet/.local/share/gnunet/peerstore/sqlite.db-journal rw,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-regex
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-regex
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-regex
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,17 @@
+# Last Modified: Tue Jul 21 16:59:39 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-regex {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-regex mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetdht.so.* mr,
+ /usr/local/lib/libgnunetregexblock.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-resolver
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-resolver
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-resolver
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,32 @@
+# Last Modified: Thu Jul 9 10:01:36 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-resolver {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-resolver mr,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+ /usr/lib/libnss_files-*.so mr,
+ /usr/lib/libnss_gns.so.* mr,
+ /usr/lib/libnss_dns-*.so mr,
+ /usr/lib/libresolv-*.so mr,
+ /usr/lib/libnss_myhostname.so.* mr,
+ /usr/lib/librt-*.so mr,
+ /usr/lib/liblzma.so.* mr,
+ /usr/lib/liblz4.so.* mr,
+ /usr/lib/libacl.so.* mr,
+ /usr/lib/libidn.so.* mr,
+ /usr/lib/libseccomp.so.* mr,
+ /usr/lib/libcap.so.* mr,
+ /usr/lib/libpthread-*.so mr,
+ /usr/lib/libattr.so.* mr,
+
+ /etc/nsswitch.conf r,
+ /etc/resolv.conf r,
+ /etc/host.conf r,
+ /etc/hosts r,
+
+ /tmp/gnunet-system-runtime/gnunet-service-resolver.sock w,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-revocation
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-revocation
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-revocation
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,26 @@
+# Last Modified: Thu Jul 9 10:16:30 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-revocation {
+ #include <abstractions/gnunet-common>
+
+ /etc/gnunet.conf r,
+ @{HOME}/.config/gnunet.conf r,
+
+ /tmp/gnunet-system-runtime/gnunet-service-revocation.unix w,
+
+ /var/lib/gnunet/.local/share/gnunet/revocation.dat rw,
+
+ @{HOME}/.local/share/gnunet/revocation.dat rw,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-revocation mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetrevocation.so.* mr,
+ /usr/local/lib/libgnunetset.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-alice
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-alice
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-alice
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,12 @@
+# Last Modified: Mon Jul 27 15:48:05 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-alice {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+ /usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-alice mr,
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetset.so.* mr,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-bob
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-bob
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-scalarproduct-bob
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,11 @@
+# Last Modified: Mon Jul 27 15:48:05 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-bob {
+ #include <abstractions/gnunet-common>
+
+ /usr/lib/ld-*.so r,
+ /usr/local/lib/gnunet/libexec/gnunet-service-scalarproduct-bob mr,
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetset.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-set
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-set
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-set
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,17 @@
+# Last Modified: Wed Jul 8 10:52:48 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-set {
+ #include <abstractions/gnunet-common>
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-set mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunetmesh.so.* mr,
+ /usr/local/lib/libgnunetblock.so.* mr,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-statistics
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-statistics
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-statistics
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,15 @@
+# Last Modified: Thu Jul 9 10:16:30 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-statistics {
+ #include <abstractions/gnunet-common>
+
+ /var/lib/gnunet/.local/share/gnunet/statistics.dat rw,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-statistics mr,
+
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-template
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-template
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-template
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,15 @@
+# Last Modified: Tue Jul 21 16:06:04 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-template {
+ #include <abstractions/gnunet-common>
+
+ /tmp/gnunet-system-runtime/ w,
+ /tmp/gnunet-system-runtime/gnunet-service-template.sock w,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+
+ #Gnunet Librairies
+ /usr/local/lib/gnunet/libexec/gnunet-service-template mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,35 @@
+# Last Modified: Mon Jul 27 11:02:46 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-testbed flags=(complain) {
+ #include <abstractions/gnunet-common>
+
+ /etc/gai.conf r,
+
+ /tmp/gnunet-system-runtime/ w,
+ /tmp/gnunet-system-runtime/gnunet-service-testbed-barrier.sock w,
+ /tmp/gnunet-system-runtime/gnunet-service-testbed.sock w,
+
+ /usr/lib/ld-*.so r,
+
+ /dev/null r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-* r,
+
+ /usr/local/lib/gnunet/libexec/ r,
+ /usr/local/lib/gnunet/libexec/gnunet-service-arm Px,
+ /usr/local/lib/gnunet/libexec/gnunet-service-testbed mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetarm.so.* mr,
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetcore.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettestbed.so.* mr,
+ /usr/local/lib/libgnunettesting.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+
+ /usr/local/share/gnunet/testing_hostkeys.ecc r,
+
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed-logger
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed-logger
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-testbed-logger
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,16 @@
+# Last Modified: Tue Jul 21 17:19:18 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-testbed-logger {
+ #include <abstractions/gnunet-common>
+
+ #???
+ /tmp/archlinux_*.dat w,
+
+ /tmp/gnunet-system-runtime/ w,
+ /tmp/gnunet-system-runtime/gnunet-gnunet-testbed-logger.sock w,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-testbed-logger mr,
+}
Added:
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-transport
===================================================================
---
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-transport
(rev 0)
+++
gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-transport
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,28 @@
+# Last Modified: Thu Jul 9 10:16:30 2015
+
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-transport {
+ #include <abstractions/gnunet-common>
+
+ /var/lib/gnunet/.local/share/gnunet/private_key.ecc rk,
+
+ /usr/lib/ld-*.so r,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-transport mr,
+
+ #Gnunet plugin
+ /usr/local/lib/gnunet/libgnunet_plugin_transport_tcp.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_transport_tcp.so mr,
+ /usr/local/lib/gnunet/libgnunet_plugin_transport_udp.la r,
+ /usr/local/lib/gnunet/libgnunet_plugin_transport_udp.so mr,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetats.so.* mr,
+ /usr/local/lib/libgnunetfragmentation.so.* mr,
+ /usr/local/lib/libgnunethello.so.* mr,
+ /usr/local/lib/libgnunetnat.so.* mr,
+ /usr/local/lib/libgnunetpeerinfo.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettransport.so.* mr,
+}
Added: gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-vpn
===================================================================
--- gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-vpn
(rev 0)
+++ gnunet/contrib/apparmor/usr.local.lib.gnunet.libexec.gnunet-service-vpn
2015-07-28 14:56:33 UTC (rev 36137)
@@ -0,0 +1,26 @@
+# Last Modified: Mon Jul 20 11:20:57 2015
+#include <tunables/global>
+
+/usr/local/lib/gnunet/libexec/gnunet-service-vpn {
+ #include <abstractions/gnunet-common>
+
+ capability setuid,
+ capability net_admin,
+
+ /dev/net/tun rw,
+
+ /usr/local/lib/gnunet/libexec/gnunet-service-vpn mr,
+
+ #Librairies
+ /usr/lib/ld-*.so r,
+
+ #Gnunet helper
+ /usr/local/lib/gnunet/libexec/gnunet-helper-vpn Px,
+
+ #Gnunet librairies
+ /usr/local/lib/libgnunetcadet.so.* mr,
+ /usr/local/lib/libgnunetmesh.so.* mr,
+ /usr/local/lib/libgnunetregex.so.* mr,
+ /usr/local/lib/libgnunetstatistics.so.* mr,
+ /usr/local/lib/libgnunettun.so.* mr,
+}
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r36137 - gnunet/contrib/apparmor,
gnunet <=