54 lines
1.0 KiB
Plaintext
54 lines
1.0 KiB
Plaintext
# vim:syntax=apparmor
|
|
|
|
abi <abi/3.0>,
|
|
|
|
include <tunables/global>
|
|
|
|
profile wpa_supplicant /usr/bin/wpa_supplicant {
|
|
include <abstractions/base>
|
|
include <abstractions/dbus-strict>
|
|
|
|
capability net_admin,
|
|
capability net_raw,
|
|
capability chown,
|
|
capability dac_override,
|
|
capability fsetid,
|
|
network inet dgram,
|
|
network inet raw,
|
|
network packet dgram,
|
|
network netlink,
|
|
|
|
/usr/bin/wpa_supplicant mr,
|
|
|
|
/run/wpa_supplicant/ rw,
|
|
/run/wpa_supplicant/** rw,
|
|
|
|
/run/dbus/system_bus_socket rw,
|
|
/run/sendsigs.omit.d/wpasupplicant.pid rw,
|
|
|
|
/etc/wpa_supplicant/ rw,
|
|
/etc/wpa_supplicant/** rw,
|
|
|
|
/etc/nsswitch.conf r,
|
|
/etc/group r,
|
|
|
|
@{PROC}/sys/net/ipv{4,6}/conf/*/* rw,
|
|
@{PROC}/@{pid}/psched r,
|
|
|
|
/dev/rfkill r,
|
|
|
|
dbus (send, receive)
|
|
bus=system
|
|
path=/fi/w1/wpa_supplicant1,
|
|
|
|
dbus (send, receive)
|
|
bus=system
|
|
path=/fi/w1/wpa_supplicant1/**,
|
|
|
|
dbus (send,receive)
|
|
bus=system
|
|
path=/fi/epitest/hostap/WPASupplicant/**,
|
|
|
|
include if exists <local/usr.bin.wpa_supplicant>
|
|
}
|