avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-03-20 11:33:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9583d2a7794a2292fdc7ebf28d61bb3e565a305d
hassio-addons/bentopdf/apparmor.txt
ToledoEM 5d68d92afa add bentopdf
2026-03-18 12:36:54 +00:00

43 lines
799 B
Plaintext
Raw Blame History

#include <tunables/global>
profile bentopdf flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
# Capabilities
file,
signal (send) set=(kill,term,int,hup,cont),
# S6-Overlay
/init ix,
/bin/** ix,
/usr/bin/** ix,
/run/{s6,s6-rc*,service}/** ix,
/package/** ix,
/command/** ix,
/etc/services.d/** rwix,
/etc/cont-init.d/** rwix,
/etc/cont-finish.d/** rwix,
/run/{,**} rwk,
/dev/tty rw,
# Bashio
/usr/lib/bashio/** ix,
/tmp/** rwk,
# App data
/data/** rw,
# nginx
/usr/sbin/nginx ix,
/etc/nginx/** r,
/usr/share/nginx/** r,
/var/lib/nginx/** rw,
/var/log/nginx/** rw,
/run/nginx/** rw,
# Deny dangerous kernel interfaces
deny /proc/kcore rwklx,
deny /proc/sysrq-trigger rwklx,
deny /sys/firmware/** rwklx,
}
Reference in New Issue View Git Blame Copy Permalink