12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 |
- profile systemctl-mqtt flags=(attach_disconnected) {
-
- network inet,
-
- /systemctl-mqtt/ r,
- /systemctl-mqtt/** r,
- /systemctl-mqtt/.venv/lib/python3.8/site-packages/_dbus_bindings.so m,
- /systemctl-mqtt/.venv/lib/python3.8/site-packages/_dbus_glib_bindings.so m,
- /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi.cpython-38-*-linux-gnu.so m,
- /systemctl-mqtt/.venv/lib/python3.8/site-packages/gi/_gi_cairo.cpython-38-*-linux-gnu.so m,
-
- /systemctl-mqtt/.venv/bin/systemctl-mqtt rix,
- /etc/** r,
- /usr/lib/** rm,
- /var/** r,
- deny /bin/** rwklx,
- deny @{PROC}/** rwklx,
- deny /sys/** rwklx,
-
-
- dbus (send, receive)
- bus=system
- path=/org/freedesktop/login1
- interface=org.freedesktop.DBus.Introspectable
- member=Introspect
- peer=(label=unconfined),
- dbus (send)
- bus=system
- path=/org/freedesktop/login1
- interface=org.freedesktop.login1.Manager
- member={Inhibit,ListInhibitors,ScheduleShutdown,LockSessions}
- peer=(label=unconfined),
- dbus (receive)
- bus=system
- path=/org/freedesktop/login1
- interface=org.freedesktop.login1.Manager
- member=PrepareForShutdown
- peer=(label=unconfined),
- dbus (send)
- bus=system
- path=/org/freedesktop/login1
- interface=org.freedesktop.DBus.Properties
- member=Get
- peer=(label=unconfined),
- }
|