~linkat/+junk/linkat-servidor-18.04

Viewing changes to debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.sbin.ntpd

Committer: Francesc Konate
Date: 2019-09-18 10:48:26 UTC
Revision ID: jfkoga@tutanota.com-20190918104826-96gc7yaeonrqk3cp

125: Removed apparmor workarounds plantilles/nextcloud.sh, plantilles/nextcloud-restart.sh, /patches/03-snap.sh, /patches/patches.sh, /configurador/roles/ldap/tasks/main.yml | Removed templates usr.bin.freshclam, usr.lib.snapd.snap-confine.real, usr.sbin.clamd, usr.sbin.cupsd, usr.sbin.ntpd

files added:
.pc/125

.pc/125/linkat-servidor

.pc/125/linkat-servidor/configurador

.pc/125/linkat-servidor/configurador/roles

.pc/125/linkat-servidor/configurador/roles/ldap

.pc/125/linkat-servidor/configurador/roles/ldap/tasks

.pc/125/linkat-servidor/configurador/roles/ldap/tasks/main.yml

.pc/126

.pc/126/linkat-servidor

.pc/126/linkat-servidor/configurador

.pc/126/linkat-servidor/configurador/roles

.pc/126/linkat-servidor/configurador/roles/ldap

.pc/126/linkat-servidor/configurador/roles/ldap/tasks

.pc/126/linkat-servidor/configurador/roles/ldap/tasks/main.yml

.pc/126/linkat-servidor/patches

.pc/126/linkat-servidor/patches/patches.sh

.pc/126/linkat-servidor/plantilles

.pc/126/linkat-servidor/plantilles/nextcloud-restart.sh

.pc/126/linkat-servidor/plantilles/nextcloud.sh

debian/patches/125

debian/patches/126

files removed:
debian/linkat-servidor/usr/share/linkat/linkat-servidor/patches/03-snap.sh

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.bin.freshclam

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.lib.snapd.snap-confine.real

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.sbin.clamd

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.sbin.cupsd

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/usr.sbin.ntpd

linkat-servidor/patches/03-snap.sh

linkat-servidor/plantilles/usr.bin.freshclam

linkat-servidor/plantilles/usr.lib.snapd.snap-confine.real

linkat-servidor/plantilles/usr.sbin.clamd

linkat-servidor/plantilles/usr.sbin.cupsd

linkat-servidor/plantilles/usr.sbin.ntpd

files modified:
.pc/applied-patches

debian/changelog

debian/files

debian/linkat-servidor/DEBIAN/control

debian/linkat-servidor/DEBIAN/md5sums

debian/linkat-servidor/usr/share/doc/linkat-servidor/changelog.Debian.gz

debian/linkat-servidor/usr/share/linkat/linkat-servidor/configurador/roles/ldap/tasks/main.yml

debian/linkat-servidor/usr/share/linkat/linkat-servidor/patches/patches.sh

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/nextcloud-restart.sh

debian/linkat-servidor/usr/share/linkat/linkat-servidor/plantilles/nextcloud.sh

debian/patches/series

linkat-servidor/configurador/roles/ldap/tasks/main.yml

linkat-servidor/patches/patches.sh

linkat-servidor/plantilles/nextcloud-restart.sh

linkat-servidor/plantilles/nextcloud.sh

Show diffs side-by-side

added added

removed removed

# vim:syntax=apparmor

# Updated for Ubuntu by: Jamie Strandboge <jamie@canonical.com>

# ------------------------------------------------------------------

# This program is free software; you can redistribute it and/or

# modify it under the terms of version 2 of the GNU General Public

# License published by the Free Software Foundation.

# ------------------------------------------------------------------

#include <tunables/global>

#include <tunables/ntpd>

/usr/sbin/ntpd flags=(attach_disconnected) {

#include <abstractions/base>

#include <abstractions/nameservice>

#include <abstractions/user-tmp>

capability ipc_lock,

capability net_bind_service,

capability setgid,

capability setuid,

capability sys_chroot,

capability sys_resource,

capability sys_time,

capability sys_nice,

# ntp uses AF_INET, AF_INET6 and AF_UNSPEC

network dgram,

network stream,

@{PROC}/net/if_inet6 r,

@{PROC}/*/net/if_inet6 r,

@{NTPD_DEVICE} rw,

# pps devices are almost exclusively used with NTP

/dev/pps[0-9]* rw,

/{,s}bin/ r,

/usr/{,s}bin/ r,

/usr/local/{,s}bin/ r,

/usr/sbin/ntpd rmix,

/etc/ntp.conf r,

/etc/ntp.conf.dhcp r,

/etc/ntpd.conf r,

/etc/ntpd.conf.tmp r,

/run/ntp.conf.dhcp r,

/etc/ntp.keys r,

/etc/ntp/** r,

/etc/ntp.drift rwl,

/etc/ntp.drift.TEMP rwl,

/etc/ntp/drift* rwl,

/var/lib/ntp/*drift rw,

/var/lib/ntp/*drift.TEMP rw,

/var/log/ntp w,

/var/log/ntp.log w,

/var/log/ntpd w,

/var/log/ntpstats/clockstats* rwl,

/var/log/ntpstats/loopstats* rwl,

/var/log/ntpstats/peerstats* rwl,

/var/log/ntpstats/protostats* rwl,

/var/log/ntpstats/rawstats* rwl,

/var/log/ntpstats/sysstats* rwl,

/{,var/}run/ntpd.pid w,

# to be able to check for running ntpdate

/run/lock/ntpdate wk,

# samba4 ntp signing socket

/{,var/}run/samba/ntp_signd/socket rw,

# samba4 winbindd pipe

/run/samba/winbindd/pipe rw,

# For use with clocks that report via shared memory (e.g. gpsd),

# you may need to give ntpd access to all of shared memory, though

# this can be considered dangerous. See https://launchpad.net/bugs/722815

# for details. To enable, add this to local/usr.sbin.ntpd:

# capability ipc_owner,

# Site-specific additions and overrides. See local/README for details.

#include <local/usr.sbin.ntpd>

/etc/ldap/ldap.conf r,

}

Older »