Sign Up
Log In
Sign Up
Username:
*
Email:
*
Password:
*
Password confirmation:
*
or
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Web
pihole-admin-lte
pihole.apparmor
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pihole.apparmor of Package pihole-admin-lte
# Rules for Pi-hole’s AdminLTE, a PHP control panel. /{,usr/}bin/bash Cx -> bash, @{PROC}/loadavg r, # Shown in header. /run/php-fpm/pihole.sock w, # nginx-user will delete the socket during restart. /etc/pihole/** r, /etc/pihole/gravity.db wk, /etc/pihole/pihole-FTL.db k, /srv/www/pihole/admin/index.php r, /srv/www/pihole/admin/**.php r, /var/log/pihole/pihole-FTL.log r, # To show FTL’s log in the web UI. /tmp/ r, # session_start() may cause this read. Still inside systemd’s private namespace. owner /run/php-fpm/pihole.sock rw, owner /var/log/pihole/adminlte-error.log rw, # Set as error log via PHP_ERROR_LOG env var, by AdminLTE code. owner /var/log/pihole/fpm-php.log rw, # Error log configured in php-fpm configuration. owner /tmp/sess_* rwlk, # This is necessary, even though these are saved under namespace to pihole-admin-lte.service’s private tmp dir. # Separate bash for better control. # # attach_disconnected: from # name="var/lib/nscd/passwd" comm="sh" requested_mask="r" denied_mask="r" fsuid=65534 ouid=0 profile bash flags=(attach_disconnected) { include <abstractions/base> include <abstractions/consoles> include <abstractions/nameservice> /{,usr/}bin/bash mr, /usr/bin/nproc ix, # Output is shown in header. /usr/bin/pihole rix, # Allow control of Pi-hole. # TODO: Create separate profile for pihole. This way normal commands can use the profile too. } # kate: syntax AppArmor; indent-width 2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Contact
Support
@OBShq
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
