void-packages/srcpkgs/apparmor/files/profiles/usr.bin.wpa_supplicant

54 lines
1.0 KiB
Plaintext

# vim:syntax=apparmor
abi <abi/3.0>,
include <tunables/global>
profile wpa_supplicant /usr/bin/wpa_supplicant {
include <abstractions/base>
include <abstractions/dbus-strict>
capability net_admin,
capability net_raw,
capability chown,
capability dac_override,
capability fsetid,
network inet dgram,
network inet raw,
network packet dgram,
network netlink,
/usr/bin/wpa_supplicant mr,
/run/wpa_supplicant/ rw,
/run/wpa_supplicant/** rw,
/run/dbus/system_bus_socket rw,
/run/sendsigs.omit.d/wpasupplicant.pid rw,
/etc/wpa_supplicant/ rw,
/etc/wpa_supplicant/** rw,
/etc/nsswitch.conf r,
/etc/group r,
@{PROC}/sys/net/ipv{4,6}/conf/*/* rw,
@{PROC}/@{pid}/psched r,
/dev/rfkill r,
dbus (send, receive)
bus=system
path=/fi/w1/wpa_supplicant1,
dbus (send, receive)
bus=system
path=/fi/w1/wpa_supplicant1/**,
dbus (send,receive)
bus=system
path=/fi/epitest/hostap/WPASupplicant/**,
include if exists <local/usr.bin.wpa_supplicant>
}