5
0
mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-14 16:10:29 +00:00
yggdrasil-go/contrib/apparmor/usr.bin.yggdrasil
2020-03-10 16:47:41 +02:00

26 lines
514 B
Plaintext

# Last Modified: Tue Mar 10 16:38:14 2020
#include <tunables/global>
/usr/bin/yggdrasil {
#include <abstractions/base>
capability net_admin,
capability net_raw,
network inet stream,
network inet dgram,
network inet6 dgram,
network inet6 stream,
network netlink raw,
/lib/@{multiarch}/ld-*.so mr,
/proc/sys/net/core/somaxconn r,
owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,
/dev/net/tun rw,
/usr/bin/yggdrasil mr,
/etc/yggdrasil.conf rw,
/run/yggdrasil.sock rw,
}