paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated apparmor state

Browse Source
This commit is contained in:
Paul 2023-03-10 00:07:59 +01:00
parent c0add92d8d
commit dff51f8bb3
5 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
states/apparmor/init.sls
View File

@ -4,8 +4,8 @@
{%- for cfg in apparmor.configs %} {%- for cfg in apparmor.configs %}
apparmor-{{ cfg }}: apparmor-{{ cfg }}:
file.managed: file.managed:
- name: "/etc/apparmor.d/{{ cfg }}" - name: /etc/apparmor.d/{{ cfg }}
- source: "salt://apparmor/{{ cfg }}.j2" - source: salt://apparmor/templates/{{ cfg }}.j2
- user: root - user: root
- group: root - group: root
- mode: "0644" - mode: "0644"
@ -18,4 +18,4 @@ apparmor-reload:
service.running: service.running:
- name: apparmor - name: apparmor
- enable: true - enable: true
{%- endif %} {%- endif %}

2
states/apparmor/opt.kingsoft.j2 → states/apparmor/templates/opt.kingsoft.j2
View File

@ -24,4 +24,4 @@
owner @{HOME}/Documents/** rw, owner @{HOME}/Documents/** rw,
deny network inet, deny network inet,
} }

2
states/apparmor/opt.sublime_text.sublime_text.j2 → states/apparmor/templates/opt.sublime_text.sublime_text.j2
View File

@ -38,4 +38,4 @@
deny network inet, deny network inet,
deny network inet6, deny network inet6,
deny network raw, deny network raw,
} }

2
states/apparmor/usr.bin.skype.j2 → states/apparmor/templates/usr.bin.skype.j2
View File

@ -74,4 +74,4 @@
deny /var/cache/fontconfig/ w, deny /var/cache/fontconfig/ w,
deny owner @{HOME}/.fontconfig/ w, deny owner @{HOME}/.fontconfig/ w,
deny owner @{HOME}/.fontconfig/*.cache-*.TMP* w, deny owner @{HOME}/.fontconfig/*.cache-*.TMP* w,
} }

2
states/apparmor/usr.bin.spotify.j2 → states/apparmor/templates/usr.bin.spotify.j2
View File

@ -21,4 +21,4 @@
owner @{HOME}/.config/spotify/ w, owner @{HOME}/.config/spotify/ w,
owner @{HOME}/Music/** r, owner @{HOME}/Music/** r,
} }