← Back to branch summary

~apparmor-dev/apparmor/master

« back to all changes in this revision

Viewing changes to profiles/apparmor/profiles/extras/usr.sbin.cupsd

  • Committer: Steve Beattie
  • Date: 2019-02-19 09:38:13 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219093813-ud526ee6hwn8nljz
The AppArmor project has been converted to git and is now hosted on
gitlab.

To get the converted repository, please do
  git clone https://gitlab.com/apparmor/apparmor

Show diffs side-by-side

added added

removed removed

Lines of Context:
profiles/apparmor/profiles/extras/usr.sbin.cupsd
1
 
# Last Modified: Sun Sep 16 18:11:15 2007
2
 
#include <tunables/global>
3
 
/usr/sbin/cupsd {
4
 
  #include <abstractions/base>
5
 
  #include <abstractions/bash>
6
 
  #include <abstractions/dbus>
7
 
  #include <abstractions/nameservice>
8
 
  #include <abstractions/perl>
9
 
 
10
 
  capability chown,
11
 
  capability dac_override,
12
 
  capability fowner,
13
 
  capability fsetid,
14
 
  capability net_bind_service,
15
 
  capability setgid,
16
 
  capability setuid,
17
 
 
18
 
  /{usr/,}bin/bash ixr,
19
 
  /{usr/,}bin/cat ix,
20
 
 
21
 
  /usr/bin/foomatic-rip ixr,
22
 
  /etc/foomatic/** r,
23
 
 
24
 
  /usr/bin/gs ix,
25
 
  /usr/lib/ghostscript/** m,
26
 
  /usr/lib64/ghostscript/** m,
27
 
  /usr/share/ghostscript/** r,
28
 
  /etc/ghostscript/** r,
29
 
 
30
 
  /dev/lp0 rw,
31
 
  /dev/tty rw,
32
 
  /dev/ttyS? w,
33
 
  /etc/cups rw,
34
 
  /etc/cups/ r,
35
 
  /etc/cups/** r,
36
 
  /etc/cups/certs w,
37
 
  /etc/cups/certs/* w,
38
 
  /etc/cups/*.conf* rw,
39
 
  /etc/cups/ppd rw,
40
 
  /etc/printcap rw,
41
 
  /etc/cups/printcap rw,
42
 
  /etc/cups/ssl rw,
43
 
  /etc/cups/yes/* rw,
44
 
  /etc/hosts.allow r,
45
 
  /etc/hosts.deny r,
46
 
  @{PROC}/meminfo r,
47
 
  @{PROC}/sys/dev/parport/** r,
48
 
  /sys/class/usb r,
49
 
  /usr/bin/perl ix,
50
 
  /usr/bin/smbspool ixr,
51
 
  /usr/lib/cups/backend/* ixr,
52
 
  /usr/lib/cups/filter/* ixr,
53
 
  /usr/sbin/cupsd mixr,
54
 
  /usr/share/cups/** r,
55
 
  /var/log/cups/access_log rw,
56
 
  /var/log/cups/error_log rw,
57
 
  /var/spool/cups rw,
58
 
  /var/spool/cups/** rw,
59
 
  /var/spool/cups/tmp w,
60
 
  /var/spool/cups/tmp/ r,
61
 
  /{,var/}run/cups/ rw,
62
 
  /{,var/}run/cups/** rw,
63
 
  /var/cache/cups/ rw,
64
 
  /var/cache/cups/** rw,
65
 
}