improve apparmor profile

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
This commit is contained in:
ゆめ 2024-11-15 00:36:38 -06:00
parent 8e683d0fdb
commit 961b30ae4e
No known key found for this signature in database

View file

@ -26,7 +26,7 @@ profile yumechi-no-kuni-proxy-worker @{prog_path} {
network tcp,
network udp,
network raw,
network netlink raw,
deny network (bind) udp,
change_profile -> yumechi-no-kuni-proxy-worker//serve,
@ -67,6 +67,7 @@ profile yumechi-no-kuni-proxy-worker @{prog_path} {
network tcp,
network udp,
network netlink raw,
deny network (bind) tcp,
deny network (bind) udp,
@ -81,6 +82,9 @@ profile yumechi-no-kuni-proxy-worker @{prog_path} {
include <abstractions/apparmor_api/change_profile>
include <abstractions/fonts>
deny capability,
deny network,
signal (receive) peer=yume-proxy-worker//serve,
}
}