avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-01-10 09:51:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

add network capability

Browse Source
This commit is contained in:
Alexandre
2022-01-25 09:42:36 +01:00
parent 4dd0e8dd1f
commit afc7f27686
51 changed files with 1044 additions and 285 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
transmission/apparmor.txt
View File

@@ -2,17 +2,25 @@
profile db21ed7f_transmission flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
capability,
file,
signal,
mount,
umount,
remount,
network udp,
network tcp,
network dgram,
network stream,
network inet,
network inet6,
network netlink raw,
capability setgid,
capability setuid,
capability sys_admin,
capability dac_read_search,
capability sys_admin,
capability dac_read_search,
# capability dac_override,
# capability sys_rawio,
@@ -28,20 +36,20 @@ profile db21ed7f_transmission flags=(attach_disconnected,mediate_deleted) {
/init rix,
/var/run/** mrwkl,
/var/run/ mrwkl,
/dev/i2c-1 mrwkl,
/dev/i2c-1 mrwkl,
# Files required
/dev/sda1 mrwkl,
/dev/sdb1 mrwkl,
/dev/mmcblk0p1 mrwkl,
/dev/* mrwkl,
/tmp/** mrkwl,
# Data access
/data/** rw,
/data/** rw,
# suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
ptrace (trace,read) peer=docker-default,
# docker daemon confinement requires explict allow rule for signal
signal (receive) set=(kill,term) peer=/usr/bin/docker,