fix(profile): minor fixes.

roddhjav · Nov 13, 2024 · b4bcb2f · b4bcb2f
1 parent 194d181
commit b4bcb2f
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/apparmor.d/profiles-g-l/ip b/apparmor.d/profiles-g-l/ip
@@ -20,11  20,13 @@ profile ip @{exec_path} flags=(attach_disconnected) {
 
   network netlink raw,
 
-  mount options=(rw, rshared)                       -> @{run}/netns/,
-  mount options=(rw, rslave)                        -> /,
   mount fstype=sysfs                                -> /sys/,
   mount options=(rw bind)                         / -> @{run}/netns/*,
   mount options=(rw rbind)            @{run}/netns/ -> @{run}/netns/,
   mount options=(rw, bind)                  @{att}/ ->  @{run}/netns/*,
   mount options=(rw, bind) /etc/netns/*/resolv.conf -> /etc/resolv.conf,
-  mount fstype=sysfs                                -> /sys/,
   mount options=(rw, rshared)                       -> @{run}/netns/,
   mount options=(rw, rslave)                        -> /,
 
   umount @{run}/netns/*,
   umount /sys/,

diff --git a/apparmor.d/profiles-s-z/sync b/apparmor.d/profiles-s-z/sync
@@ -14,7  14,7 @@ profile sync @{exec_path} {
   @{exec_path} mr,
 
   # All paths where sync can be used to flush all write operations on a single file to disk
-  /** rw,
   /{,**} rw,
 
   include if exists <local/sync>
 }