jeans/operating-system
jeans/operating-system
1
0
Fork 0
mirror of https://github.com/home-assistant/operating-system.git synced 2025-07-25 22:16:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update hassio-supervisor

Browse Source
This commit is contained in:
Pascal Vizeli 2018-05-02 21:53:15 +02:00 committed by GitHub
parent c05d027732
commit 2d75a978a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
buildroot-external/apparmor/hassio-supervisor
View File

@ -10,7 +10,6 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) {
deny network raw, deny network raw,
deny network packet, deny network packet,
/bin/busybox ix,
/usr/bin/python{,3,3.[0-9]} ix, /usr/bin/python{,3,3.[0-9]} ix,
/usr/bin/socat cx, /usr/bin/socat cx,
/usr/bin/gdbus cx, /usr/bin/gdbus cx,
@ -28,9 +27,8 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) {
deny /tmp/** wl, deny /tmp/** wl,
deny /sys/** wl, deny /sys/** wl,
deny /usr/** wl, deny /usr/** wl,
/** r,
/proc/** r,
/sys/** r,
/data/** rw, /data/** rw,
/var/run/docker.sock rw, /var/run/docker.sock rw,
@ -42,8 +40,6 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) {
deny network raw, deny network raw,
deny network packet, deny network packet,
deny /data/** r,
} }
profile /usr/bin/gdbus { profile /usr/bin/gdbus {
@ -53,7 +49,5 @@ profile hassio-supervisor flags=(attach_disconnected,mediate_deleted) {
deny network inet, deny network inet,
/var/run/dbus/system_bus_socket rw, /var/run/dbus/system_bus_socket rw,
deny /data/** r,
} }
} }