logo

apparmor.d

Unnamed repository; edit this file 'description' to name the repository. git clone https://anongit.hacktivis.me/git/apparmor.d.git/

sbin.dhcpcd (1013B)

    

  1. # Copyright 2020-2023 Haelwenn (lanodan) Monnier <contact+apparmor.d@hacktivis.me>
  2. # Distributed under the terms of the GNU General Public License v2
  3. include <tunables/global>
  5. /sbin/dhcpcd flags=(complain) {
  6.   include <abstractions/base>
  7.   include <abstractions/consoles>
  8.   include <abstractions/nameservice>
  10.   capability net_admin,
  11.   capability net_raw,
  13.   capability sys_chroot,
  14.   capability setgid,
  15.   capability setuid,
  17.   signal receive set=term,
  18.   signal send peer="ntpd",
  20.   /lib{,64}/dhcpcd/dhcpcd-run-hooks ix,
  21.   /sbin/dhcpcd mr,
  23.   owner /etc/dhcpcd.conf r,
  25.   /etc/udev/udev.conf r,
  26.   /run/udev/data/* r,
  27.   /sys/devices/**/net/**/uevent r,
  28.   /sys/devices/virtual/net/**/uevent r,
  30.   owner /proc/*/mountinfo r,
  31.   owner /proc/*/net/if_inet6 r,
  32.   owner /proc/*/stat r,
  33.   /proc/cpuinfo r,
  34.   /proc/sys/kernel/hostname r,
  36.   owner /proc/sys/net/** rw,
  38.   owner /run/dhcpcd/** rwlk,
  39.   owner /var/lib/dhcpcd/* rw,
  41.   /bin/gsed rix,
  42.   /usr/bin/cmp rix,
  43.   /bin/rm rix,
  45.   /etc/ntpd.conf r,
  47.   unix (getattr),
  48. }