logo

apparmor.d

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/apparmor.d.git

README (1110B)


  1. # This directory is intended to contain profile additions and overrides for
  2. # inclusion by distributed profiles to aid in packaging AppArmor for
  3. # distributions.
  4. #
  5. # The shipped profiles in /etc/apparmor.d can still be modified by an
  6. # administrator and people should modify the shipped profile when making
  7. # large policy changes, rather than trying to make those adjustments here.
  8. #
  9. # For simple access additions or the occasional deny override, adjusting them
  10. # here can prevent the package manager of the distribution from interfering
  11. # with local modifications. As always, new policy should be reviewed to ensure
  12. # it is appropriate for your site.
  13. #
  14. # For example, if the shipped /etc/apparmor.d/usr.sbin.smbd profile has:
  15. # include <local/usr.sbin.smbd>
  16. #
  17. # then an administrator can adjust /etc/apparmor.d/local/usr.sbin.smbd to
  18. # contain any additional paths to be allowed, such as:
  19. #
  20. # /var/exports/** lrwk,
  21. #
  22. # Keep in mind that 'deny' rules are evaluated after allow rules, so you won't
  23. # be able to allow access to files that are explicitly denied by the shipped
  24. # profile using this mechanism.