[apparmor] Man profile
Jeremy
keet at slightlyorganized.us
Sat Nov 8 16:11:33 UTC 2014
Hello,
I could not run sys-apps/man-1.6g after enabling the AppArmor profile
that came with sec-policy/apparmor-profiles-2.8.4 (for Gentoo Linux). I
made this profile that lets me run it.
-------------------------------------------------------------
# Last Modified: Sat Nov 8 10:22:10 2014
#include <tunables/global>
/usr/bin/man {
#include <abstractions/base>
@{HOME}/.lesshst r,
/bin/bash ix,
/bin/bzip2 rix,
/dev/pts/[0-9]* rw,
/dev/tty rw,
/etc/man.conf r,
/etc/terminfo/x/xterm r,
/usr/bin/groff rix,
/usr/bin/grotty rix,
/usr/bin/locale rix,
/usr/bin/less rix,
/usr/bin/locale rix,
/usr/bin/man mr,
/usr/bin/nroff rix,
/usr/bin/tbl rix,
/usr/bin/troff rix,
/usr/local/share/man/** r,
/usr/share/binutils-data/x86_64-pc-linux-gnu/2.23.2/man/** r,
/usr/share/gcc-data/x86_64-pc-linux-gnu/4.8.3/man/** r,
/usr/share/groff/1.22.2/font/devutf8/** r,
/usr/share/groff/site-tmac/** r,
/usr/share/groff/1.22.2/tmac/** r,
/usr/share/man/** r,
}
-------------------------------------------------------------
This is my first time making an AppArmor profile, so please tell me if I
should have done it differently.
-Jeremy
More information about the AppArmor
mailing list