openstack
/
charm-ceph-osd
Code Issues Proposed changes

Merge "Misc updates to apparmor profile"

This commit is contained in:
Zuul 2018-05-15 19:39:29 +00:00 committed by Gerrit Code Review
parent 272cbd2261 5c1a304e0e
commit 7ccf3569f7
1 changed files with 17 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
files/apparmor/usr.bin.ceph-osd
View File

@ -1,5 +1,4 @@
# vim:syntax=apparmor
# Author: Chris Holcombe <xfactor973 at gmail_com>
#include <tunables/global>
/usr/bin/ceph-osd {
@ -18,25 +17,29 @@
network inet6 stream,
/etc/ceph/* r,
@{PROC}/@{pids}/auxv r,
@{PROC}/@{pids}/net/dev r,
@{PROC}/loadavg r,
/run/ceph/* rw,
/srv/ceph/** rwkl,
/tmp/ r,
/var/lib/ceph/** rwk,
/var/lib/ceph/osd/** l,
/var/lib/charm/*/ceph.conf r,
owner @{PROC}/@{pids}/auxv r,
owner @{PROC}/@{pids}/net/dev r,
owner @{PROC}/@{pids}/task/*/comm rw,
@{PROC}/loadavg r,
@{PROC}/1/cmdline r,
@{PROC}/partitions r,
@{PROC}/sys/kernel/random/uuid r,
/var/lib/ceph/** rwkl,
/srv/ceph/** rwkl,
/var/log/ceph/* rwk,
/var/run/ceph/* rwk,
/var/tmp/ r,
/{,var/}run/ceph/* rwk,
/{,var/}tmp/ r,
/dev/ r,
/dev/** rw,
/sys/devices/** r,
/proc/partitions r,
/run/blkid/blkid.tab r,
/bin/dash rix,