← Back to branch summary

~apparmor-dev/apparmor/master

« back to all changes in this revision

Viewing changes to profiles/apparmor.d/usr.sbin.smbd

  • Committer: Steve Beattie
  • Date: 2019-02-19 09:38:13 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219093813-ud526ee6hwn8nljz
The AppArmor project has been converted to git and is now hosted on
gitlab.

To get the converted repository, please do
  git clone https://gitlab.com/apparmor/apparmor

Show diffs side-by-side

added added

removed removed

Lines of Context:
profiles/apparmor.d/usr.sbin.smbd
1
 
#include <tunables/global>
2
 
 
3
 
/usr/sbin/smbd {
4
 
  #include <abstractions/authentication>
5
 
  #include <abstractions/base>
6
 
  #include <abstractions/consoles>
7
 
  #include <abstractions/cups-client>
8
 
  #include <abstractions/nameservice>
9
 
  #include <abstractions/samba>
10
 
  #include <abstractions/user-tmp>
11
 
  #include <abstractions/wutmp>
12
 
 
13
 
  capability audit_write,
14
 
  capability dac_override,
15
 
  capability dac_read_search,
16
 
  capability fowner,
17
 
  capability lease,
18
 
  capability net_bind_service,
19
 
  capability setgid,
20
 
  capability setuid,
21
 
  capability sys_admin,
22
 
  capability sys_resource,
23
 
  capability sys_tty_config,
24
 
 
25
 
  /etc/mtab r,
26
 
  /etc/netgroup r,
27
 
  /etc/printcap r,
28
 
  /etc/samba/* rwk,
29
 
  @{PROC}/@{pid}/mounts r,
30
 
  @{PROC}/sys/kernel/core_pattern r,
31
 
  /usr/lib*/samba/vfs/*.so mr,
32
 
  /usr/lib*/samba/charset/*.so mr,
33
 
  /usr/lib*/samba/auth/script.so mr,
34
 
  /usr/lib*/samba/pdb/*.so mr,
35
 
  /usr/lib*/samba/{lowcase,upcase,valid}.dat r,
36
 
  /usr/lib/@{multiarch}/samba/*.so{,.[0-9]*} mr,
37
 
  /usr/lib/@{multiarch}/samba/**/ r,
38
 
  /usr/lib/@{multiarch}/samba/**/*.so{,.[0-9]*} mr,
39
 
  /usr/sbin/smbd mr,
40
 
  /usr/sbin/smbldap-useradd Px,
41
 
  /var/cache/samba/** rwk,
42
 
  /var/{cache,lib}/samba/printing/printers.tdb mrw,
43
 
  /var/lib/samba/** rwk,
44
 
  /var/lib/sss/pubconf/kdcinfo.* r,
45
 
  /{,var/}run/dbus/system_bus_socket rw,
46
 
  /{,var/}run/samba/** rk,
47
 
  /{,var/}run/samba/ncalrpc/ rw,
48
 
  /{,var/}run/samba/ncalrpc/** rw,
49
 
  /{,var/}run/samba/smbd.pid rw,
50
 
  /{,var/}run/samba/msg.lock/ rw,
51
 
  /{,var/}run/samba/msg.lock/[0-9]* rwk,
52
 
  /var/spool/samba/** rw,
53
 
 
54
 
  @{HOMEDIRS}/** lrwk,
55
 
 
56
 
  # Site-specific additions and overrides. See local/README for details.
57
 
  #include <local/usr.sbin.smbd>
58
 
}