logo

apparmor.d

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/apparmor.d.git

samba (1275B)

    

  1. # vim:syntax=apparmor
  2. # ------------------------------------------------------------------
  3. #
  4. #    Copyright (C) 2009-2010 Canonical Ltd.
  5. #
  6. #    This program is free software; you can redistribute it and/or
  7. #    modify it under the terms of version 2 of the GNU General Public
  8. #    License published by the Free Software Foundation.
  9. #
  10. # ------------------------------------------------------------------
  12.   abi <abi/3.0>,
  14.   /etc/samba/* r,
  15.   /usr/lib*/ldb/*.so mr,
  16.   /usr/lib*/ldb2/*.so mr,
  17.   /usr/lib*/ldb2/modules/ldb/*.so mr,
  18.   /usr/lib*/samba/ldb/*.so mr,
  19.   /usr/share/samba/*.dat r,
  20.   /usr/share/samba/codepages/{lowcase,upcase,valid}.dat r,
  21.   /var/cache/samba/ w,
  22.   /var/cache/samba/lck/* rwk,
  23.   /var/lib/samba/** rwk,
  24.   /var/log/samba/cores/ rw,
  25.   /var/log/samba/cores/** rw,
  26.   /var/log/samba/* rw,
  27.   @{run}/{,lock/}samba/ w,
  28.   @{run}/{,lock/}samba/*.tdb rwk,
  29.   @{run}/{,lock/}samba/msg.{lock,sock}/ rwk,
  30.   @{run}/{,lock/}samba/msg.{lock,sock}/[0-9]* rwk,
  31.   /var/cache/samba/*.tdb rwk,
  32.   /var/cache/samba/msg.lock/ rwk,
  33.   /var/cache/samba/msg.lock/[0-9]* rwk,
  35.   # required for clustering
  36.   /var/lib/ctdb/** rwk,
  38.   deny capability net_admin, # noisy setsockopt() calls from systemd
  40.   # Include additions to the abstraction
  41.   include if exists <abstractions/samba.d>