From 00ad8e594e6d757a02caccc3638b44741c903cc4 Mon Sep 17 00:00:00 2001 From: Viktor Villainov Date: Sat, 9 Mar 2019 08:15:14 -0500 Subject: [PATCH] Add AppArmor profile --- contrib/apparmor/usr.bin.yggdrasil | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 contrib/apparmor/usr.bin.yggdrasil diff --git a/contrib/apparmor/usr.bin.yggdrasil b/contrib/apparmor/usr.bin.yggdrasil new file mode 100644 index 00000000..2d178d6c --- /dev/null +++ b/contrib/apparmor/usr.bin.yggdrasil @@ -0,0 +1,22 @@ +# Last Modified: Sat Mar 9 06:08:02 2019 +#include + +/usr/bin/yggdrasil { + #include + + capability net_admin, + + network inet stream, + network inet6 dgram, + network inet6 stream, + network netlink raw, + + /lib/x86_64-linux-gnu/ld-*.so mr, + /proc/sys/net/core/somaxconn r, + /dev/net/tun rw, + + /usr/bin/yggdrasil mr, + /etc/yggdrasil.conf rw, + /run/yggdrasil.sock rw, + +}