commit: f83e334bae9a2a0d6922c8617df630c801ab85bb
parent c71c3c31bfbfe5ae82212d80f51ce240dcce3650
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Mon, 19 Oct 2020 10:34:10 +0200
sbin.dhcpcd: Initial profile
Diffstat:
1 file changed, 31 insertions(+), 0 deletions(-)
diff --git a/sbin.dhcpcd b/sbin.dhcpcd
@@ -0,0 +1,31 @@
+# Last Modified: Mon Oct 19 08:29:42 2020
+#include <tunables/global>
+
+/sbin/dhcpcd flags=(complain) {
+ #include <abstractions/base>
+ #include <abstractions/consoles>
+ #include <abstractions/nameservice>
+
+ capability net_admin,
+
+ signal receive set=term,
+ signal send peer="ntpd",
+
+ /lib64/dhcpcd/dhcpcd-run-hooks Px,
+ /sbin/dhcpcd mr,
+
+ owner /bin/bash r,
+ owner /etc/dhcpcd.conf r,
+ owner /etc/udev/udev.conf r,
+ owner /proc/*/mountinfo r,
+ owner /proc/*/net/if_inet6 r,
+ owner /proc/*/stat r,
+ owner /proc/cpuinfo r,
+ owner /proc/sys/net/** r,
+ owner /proc/sys/net/** w,
+ owner /run/dhcpcd.* wk,
+ owner /run/udev/data/* r,
+ owner /sys/devices/**/net/**/uevent r,
+ owner /sys/devices/virtual/net/**/uevent r,
+ owner /var/lib/dhcpcd/* r,
+}