Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <tunables/global>
- /usr/bin/bitcoin {
- #include <abstractions/base>
- #include <abstractions/dbus>
- #include <abstractions/fonts>
- #include <abstractions/freedesktop.org>
- #include <abstractions/nameservice>
- capability dac_override,
- capability dac_read_search,
- network inet stream,
- network inet6 stream,
- /bin/dash rix,
- /bin/uname rix,
- /proc/*/mounts r,
- /usr/lib{,32,64}/** mr,
- /usr/share/gvfs/remote-volume-monitors/ r,
- /usr/share/gvfs/remote-volume-monitors/** r,
- /usr/share/themes/** r,
- @{HOME}/.bitcoin/ rwk,
- @{HOME}/.bitcoin/** rwk,
- @{HOME}/.fontconfig/** r,
- @{HOME}/.config/ibus/bus/ w,
- @{HOME}/.config/Trolltech.conf r,
- @{PROC}/[0-9]*/net/if_inet6 r,
- @{PROC}/[0-9]*/net/ipv6_route r,
- /var/lib/dbus/machine-id r,
- /var/run/gdm/*/database r,
- }
- # That's my (chmod755) apparmor ruleset
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
