From 0d7cb228ae0e275081fa0429e7691a9a4d56f681 Mon Sep 17 00:00:00 2001 From: Pascal Vizeli Date: Thu, 3 May 2018 11:13:39 +0200 Subject: [PATCH] Update hassio-supervisor --- buildroot-external/apparmor/hassio-supervisor | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/buildroot-external/apparmor/hassio-supervisor b/buildroot-external/apparmor/hassio-supervisor index 50283887d..60edfff1c 100644 --- a/buildroot-external/apparmor/hassio-supervisor +++ b/buildroot-external/apparmor/hassio-supervisor @@ -13,20 +13,11 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) { /usr/bin/socat cx, /usr/bin/gdbus cx, - deny /bin/** wl, - deny /boot/** wl, - deny /etc/** wl, - deny /home/** wl, - deny /lib/** wl, - deny /mnt/** wl, deny /proc/** wl, deny /root/** wl, - deny /sbin/** wl, - deny /tmp/** wl, deny /sys/** wl, - deny /usr/** wl, - /** r, + /** r, /data/** rw, /var/run/docker.sock rw, @@ -66,12 +57,12 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) { /bin/busybox ix, /usr/bin/git mr, /usr/libexec/git-core/* ix, - /lib/* mr, - /** r, - - /data/addons/** rw, deny /data/homeassistant rw, deny /data/ssl rw, + + /lib/* mr, + /** r, + /data/addons/** rw, } }