sbin.apparmor_parser (602B)
- # Copyright 2020 Haelwenn (lanodan) Monnier <contact+apparmor.d@hacktivis.me>
- # Distributed under the terms of the GNU General Public License v2
- #include <tunables/global>
- profile /sbin/apparmor_parser (complain) {
- #include <abstractions/base>
- #include <abstractions/consoles>
- /sbin/apparmor_parser mr,
- capability mac_admin,
- allow /etc/apparmor/ r,
- allow /etc/apparmor/** r,
- allow /etc/apparmor.d/ r,
- allow /etc/apparmor.d/** r,
- allow /sys/kernel/security/apparmor/ rw,
- allow /sys/kernel/security/apparmor/** rw,
- allow /proc/sys/kernel/osrelease r,
- allow @{PROC}/@{pid}/mounts r,
- }