← Back to branch summary

~ubuntu-branches/ubuntu/raring/apparmor/raring

« back to all changes in this revision

Viewing changes to profiles/enabled/usr.sbin.named

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2007-03-23 16:42:01 UTC
  • Revision ID: james.westby@ubuntu.com-20070323164201-jkax6f0oku087b7l
Tags: upstream-2.0.1+510.dfsg
ImportĀ upstreamĀ versionĀ 2.0.1+510.dfsg

Show diffs side-by-side

added added

removed removed

Lines of Context:
profiles/enabled/usr.sbin.named
 
1
# $Id: usr.sbin.named 307 2007-01-19 12:05:05Z seth_arnold $
 
2
#
 
3
# ------------------------------------------------------------------
 
4
#
 
5
#    Copyright (C) 2002-2005 Novell/SUSE
 
6
#
 
7
#    This program is free software; you can redistribute it and/or
 
8
#    modify it under the terms of version 2 of the GNU General Public
 
9
#    License published by the Free Software Foundation.
 
10
#
 
11
# ------------------------------------------------------------------
 
12
# vim:syntax=apparmor
 
13
# Last Modified: Wed Aug 17 14:09:24 2005
 
14
 
 
15
#include <tunables/global>
 
16
 
 
17
/usr/sbin/named {
 
18
  #include <abstractions/base>
 
19
  #include <abstractions/nameservice>
 
20
  #include <abstractions/xad>
 
21
 
 
22
  capability net_bind_service,
 
23
  capability setgid,
 
24
  capability setuid,
 
25
  capability sys_chroot,
 
26
 
 
27
  /** r,
 
28
  /dyn/** rwl,
 
29
  /usr/bin/dnskeygen mix,
 
30
  /usr/bin/dnsquery mix,
 
31
  /usr/sbin/named rmix,
 
32
  /usr/sbin/named-xfer mix,
 
33
  /var/lib/named/** rwl,
 
34
  /var/named/** rwl,
 
35
  /var/run/named.pid wl,
 
36
  /var/run/named/named.pid wl,
 
37
  /var/run/ndc wl,
 
38
  /slave/* rw,
 
39
 
 
40
  /var/opt/novell/xad/ds/krb5kdc/krb5.keytab r,
 
41
  /var/tmp/DNS_* rw,
 
42
  /tmp/DNS_* rw,
 
43
}