35 lines
792 B
Nginx Configuration File
35 lines
792 B
Nginx Configuration File
# vim:syntax=apparmor
|
|
|
|
# NOTE: This profile will by default work with pfp-fpm on TCP sockets.
|
|
# If you need to make use of php-fpm unix socket, add the following to local/usr.bin.nginx
|
|
# /path/to/your/unix/socket rw,
|
|
|
|
#include <tunables/global>
|
|
|
|
/usr/bin/nginx {
|
|
#include <abstractions/base>
|
|
#include <abstractions/nameservice>
|
|
#include <abstractions/nis>
|
|
#include <abstractions/openssl>
|
|
|
|
capability setgid,
|
|
capability setuid,
|
|
|
|
# XXX: Maybe switch to "/etc/nginx/** r," ?
|
|
/etc/nginx/*.conf r,
|
|
/etc/nginx/*_params r,
|
|
/etc/nginx/conf.d/* r,
|
|
/etc/nginx/mime.types r,
|
|
|
|
/run/nginx.pid rw,
|
|
|
|
/usr/bin/nginx mr,
|
|
|
|
/usr/share/nginx/html/* r,
|
|
|
|
/var/log/nginx/* w,
|
|
|
|
# Site-specific additions and overrides. See local/README for details.
|
|
#include <local/usr.bin.nginx>
|
|
}
|