Domotique/hassio-addons-old
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
4e23d7dd7f657a084c2ac463b33eaccedfa12ef8
hassio-addons-old/kresus-mrraph/apparmor.txt
MrRaph_ 4e23d7dd7f 📦 chore(kresus): add Kresus addon files and configuration 
 feat(kresus): add Dockerfile and build.yaml for building Kresus addon image
 feat(kresus): add config.yaml for Kresus addon configuration
 feat(kresus): add icon.png and logo.png for Kresus addon branding
 feat(kresus): add rootfs directory with necessary files for Kresus addon
 feat(kresus): add translations/en.yaml for English translations of Kresus addon

🐛 fix(kresus): fix finish script to handle service failure and restart
🐛 fix(kresus): fix run script to initialize data directory and generate Kresus salt

🔧 chore(kresus): update woob dependencies install method in Dockerfile
🔧 chore(kresus): update Kresus version to 0.6.2 in CHANGELOG.md

🔧 chore(kresus): update Kresus dependencies in DOCS.md
🔧 chore(kresus): update Kresus dependencies in README.md

🔧 chore(kresus): update Kresus dependencies in apparmor.txt
🔧 chore(kresus): update Kresus dependencies in requirements.txt
🔧 chore(kresus): update Kresus dependencies in start.sh

🔧 chore(kresus): update Kresus dependencies in translations/en.yaml

🔧 chore(kresus): update Kresus dependencies in build.yaml

🔧 chore(kresus): update Kresus dependencies in config.yaml

🔧 chore(kresus): update Kresus dependencies in icon.png

🔧 chore(kresus): update Kresus dependencies in logo.png

🔧 chore(kresus): update Kresus dependencies in rootfs/etc/kresus/config.ini

🔧 chore(kresus): update Kresus dependencies in rootfs/etc/services.d/kresus/finish

🔧 chore(kresus): update Kresus dependencies in rootfs/etc/services.d/kresus/run

🔧 chore(kresus): update Kresus dependencies in rootfs/requirements.txt

🔧 chore(kresus): update Kresus dependencies in rootfs/usr/libexec/kresus/start.sh

🔧 chore(kresus): update Kresus
2024-03-06 11:27:44 +01:00

73 lines
1.7 KiB
Plaintext
Raw Blame History

include <tunables/global>
profile kresus flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
# Capabilities
file,
signal (send) set=(kill,term,int,hup,cont),
capability chown,
capability fowner,
capability kill,
# S6-Overlay
/init ix,
/bin/** ix,
/usr/bin/** ix,
/run/{s6,s6-rc*,service}/** ix,
/package/** ix,
/command/** ix,
/etc/services.d/** rwix,
/etc/cont-init.d/** rwix,
/etc/cont-finish.d/** rwix,
/run/{,**} rwk,
/dev/tty rw,
# Access to options.json and other files within your addon
/data/options.json r,
/data/kresus/{,**} rw,
/package/admin/s6-2.11.2.0/command/s6-applyuidgid cx -> s6setuidgid,
profile s6setuidgid flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
capability setuid,
capability setgid,
signal (receive) set=("cont","kill","term"),
# Generic accesses
/package/admin/s6-2.11.2.0/command/s6-applyuidgid rm,
/bin/{bash,busybox} ix,
/dev/{null,tty} rw,
/etc/{group,hosts,os-release,passwd,resolv.conf,ssl/**} r,
/package/admin/** rmix,
/run/s6/container_environment** r,
/tmp/.bashio/{,**} rw,
/usr/bin/{curl,jq,ssl_client} rix,
/usr/lib/bashio/bashio ix,
/lib/** rmix,
/tmp/pip-install-** rw,
# Kresus specific accesses
/data/kresus_salt r,
/data/kresus/{,**} rw,
/etc/kresus/config.ini r,
/woob/ r,
/woob/** lrw,
/woob/.py-deps/** lrwix,
/usr/bin/{,**} r,
/usr/bin/git ix,
/usr/bin/gpgv ix,
/usr/bin/node ix,
/usr/bin/python3.11 ix,
/usr/bin/pip3 rix,
/usr/libexec/git-core/** ix,
/usr/libexec/kresus/** rix,
/usr/local/lib/node_modules/** rm,
/usr/local/lib/node_modules/kresus/bin/kresus.js rix,
/usr/share/** r,
}
}
Reference in New Issue View Git Blame Copy Permalink