commit: bb320fd495d22de3ac543fe2b95352fab2910616
parent 878c280a6c03b22b47b008dcd1d0e0c67a4b380b
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Mon, 14 Aug 2023 22:23:03 +0200
usr.sbin.mtr*: Update for split with mtr-packet executable
Diffstat:
2 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/usr.sbin.mtr b/usr.sbin.mtr
@@ -1,15 +1,17 @@
-# Copyright 2020 Haelwenn (lanodan) Monnier <contact+apparmor.d@hacktivis.me>
+# Copyright 2020-2023 Haelwenn (lanodan) Monnier <contact+apparmor.d@hacktivis.me>
# Distributed under the terms of the GNU General Public License v2
-#include <tunables/global>
+abi <abi/3.0>,
+
+include <tunables/global>
profile /usr/sbin/mtr {
- #include <abstractions/base>
- #include <abstractions/nameservice>
+ include <abstractions/base>
+ include <abstractions/nameservice>
+ include <abstractions/consoles>
- capability net_raw,
- network inet raw,
- network inet6 raw,
+ /usr/sbin/mtr rm,
+ /usr/sbin/mtr-packet rpx,
- /etc/terminfo/** r,
+ signal send set=term peer=/usr/sbin/mtr-packet,
}
diff --git a/usr.sbin.mtr-packet b/usr.sbin.mtr-packet
@@ -0,0 +1,16 @@
+# Copyright 2023 Haelwenn (lanodan) Monnier <contact+apparmor.d@hacktivis.me>
+# Distributed under the terms of the GNU General Public License v2
+
+#include <tunables/global>
+
+profile /usr/sbin/mtr-packet {
+ include <abstractions/base>
+
+ /usr/sbin/mtr-packet rm,
+
+ capability net_raw,
+ network inet raw,
+ network inet6 raw,
+
+ signal receive set=term peer=/usr/sbin/mtr,
+}
