void-packages/srcpkgs/apparmor/files/profiles/usr.bin.wpa_supplicant
Cameron Nemo ac938da314 apparmor: update profiles
* dhcpcd, wpa_supplicant: add small additional permissions
* wpa_cli: remove profile, it causes issues with the -a flag;
           expected impact is low: wpa_cli is run as a normal user,
	   and it does not serve requests to other users.
2019-12-31 15:25:17 +01:00

49 lines
972 B
Text

#include <tunables/global>
/usr/bin/wpa_supplicant {
#include <abstractions/base>
#include <abstractions/dbus-strict>
capability net_admin,
capability net_raw,
capability chown,
capability dac_override,
capability fsetid,
network inet dgram,
network inet raw,
network packet dgram,
network netlink,
/usr/bin/wpa_supplicant mr,
/run/wpa_supplicant/ rw,
/run/wpa_supplicant/** rw,
/run/dbus/system_bus_socket rw,
/run/sendsigs.omit.d/wpasupplicant.pid rw,
/etc/wpa_supplicant/ rw,
/etc/wpa_supplicant/** rw,
/etc/nsswitch.conf r,
/etc/group r,
@{PROC}/sys/net/ipv{4,6}/conf/*/* rw,
@{PROC}/@{pid}/psched r,
/dev/rfkill r,
dbus (send, receive)
bus=system
path=/fi/w1/wpa_supplicant1,
dbus (send, receive)
bus=system
path=/fi/w1/wpa_supplicant1/**,
dbus (send,receive)
bus=system
path=/fi/epitest/hostap/WPASupplicant/**,
#include <local/usr.bin.wpa_supplicant>
}