AlaK4X
Linux lhjmq-records 5.15.0-118-generic #128-Ubuntu SMP Fri Jul 5 09:28:59 UTC 2024 x86_64



Your IP : 3.15.12.133


Current Path : /proc/thread-self/root/etc/apparmor.d/disable/
Upload File :
Current File : //proc/thread-self/root/etc/apparmor.d/disable/usr.sbin.rsyslogd

# Last Modified: Sun Sep 25 08:58:35 2011
#include <tunables/global>

# Debugging the syslogger can be difficult if it can't write to the file
# that the kernel is logging denials to. In these cases, you can do the
# following:
# watch -n 1 'dmesg | tail -5'

profile rsyslogd /usr/sbin/rsyslogd {
  #include <abstractions/base>
  #include <abstractions/nameservice>

  capability sys_tty_config,
  capability dac_override,
  capability dac_read_search,
  capability setuid,
  capability setgid,
  capability sys_nice,
  capability syslog,

  unix (receive) type=dgram,
  unix (receive) type=stream,

  # rsyslog configuration
  /etc/rsyslog.conf r,
  /etc/rsyslog.d/ r,
  /etc/rsyslog.d/** r,
  /{,var/}run/rsyslogd.pid{,.tmp} rwk,
  /var/spool/rsyslog/ r,
  /var/spool/rsyslog/** rwk,

  /usr/sbin/rsyslogd mr,
  /usr/lib{,32,64}/{,@{multiarch}/}rsyslog/*.so mr,

  /dev/tty*                     rw,
  /dev/xconsole                 rw,
  @{PROC}/kmsg                  r,

  /dev/log                      rwl,
  /{,var/}run/utmp              rk,
  /var/lib/*/dev/log            rwl,
  /var/spool/postfix/dev/log    rwl,
  /{,var/}run/systemd/notify    w,

  # 'r' is needed when using imfile
  /var/log/**                   rw,

  # Add these for mysql support
  #/etc/mysql/my.cnf r,
  #/{,var/}run/mysqld/mysqld.sock rw,

  # Add thes for postgresql support
  ##include <abstractions/openssl>
  ##include <abstractions/ssl_certs>
  #/{,var/}run/postgresql/.s.PGSQL.*[0-9] rw,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.rsyslogd>
}