Merge pull request #663 from rany0/patch-3

Update usr.bin.yggdrasil
This commit is contained in:
Neil Alexander 2020-03-25 20:54:53 +00:00 committed by GitHub
commit 83c41d57c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,10 +1,11 @@
# Last Modified: Sat Mar 9 06:08:02 2019 # Last Modified: Tue Mar 10 16:38:14 2020
#include <tunables/global> #include <tunables/global>
/usr/bin/yggdrasil { /usr/bin/yggdrasil {
#include <abstractions/base> #include <abstractions/base>
capability net_admin, capability net_admin,
capability net_raw,
network inet stream, network inet stream,
network inet dgram, network inet dgram,
@ -14,6 +15,7 @@
/lib/@{multiarch}/ld-*.so mr, /lib/@{multiarch}/ld-*.so mr,
/proc/sys/net/core/somaxconn r, /proc/sys/net/core/somaxconn r,
owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,
/dev/net/tun rw, /dev/net/tun rw,
/usr/bin/yggdrasil mr, /usr/bin/yggdrasil mr,