Skip to content
Snippets Groups Projects
Commit 3c98a024 authored by intrigeri's avatar intrigeri Committed by Peter Palfrader
Browse files

Add AppArmor profile. 


Signed-off-by: default avatarPeter Palfrader <peter@palfrader.org>
parent 39ca810b
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
debian/apparmor-profile 0 → 100644
+ 35
0
View file @ 3c98a024
# vim:syntax=apparmor
#include <tunables/global>
/usr/sbin/tor {
#include <abstractions/base>
#include <abstractions/nameservice>
network tcp,
network udp,
capability chown,
capability dac_override,
capability fowner,
capability fsetid,
capability setgid,
capability setuid,
/proc/sys/kernel/random/uuid r,
/sys/devices/system/cpu/ r,
/sys/devices/system/cpu/** r,
/etc/tor/* r,
/usr/share/tor/** r,
owner /var/lib/tor/** rwk,
owner /var/log/tor/log* w,
/{,var/}run/tor/control w,
/{,var/}run/tor/tor.pid w,
/{,var/}run/tor/control.authcookie w,
/{,var/}run/tor/control.authcookie.tmp rw,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.tor>
}
debian/control
+ 2
2
View file @ 3c98a024
......@@ -2,7 +2,7 @@ Source: tor
Section: net
Priority: optional
Maintainer: Peter Palfrader <weasel@debian.org>
Build-Depends: debhelper (>= 5), libssl-dev, dpatch, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto
Build-Depends: debhelper (>= 5), libssl-dev, dpatch, zlib1g-dev, libevent-dev (>= 1.1), binutils (>= 2.14.90.0.7), hardening-includes, asciidoc (>= 8.2), docbook-xml, docbook-xsl, xmlto, dh-apparmor
Standards-Version: 3.8.1
Homepage: https://www.torproject.org/
Vcs-Git: git://git.torproject.org/debian/tor.git
......@@ -13,7 +13,7 @@ Architecture: any
Depends: ${shlibs:Depends}, adduser, ${misc:Depends}
Conflicts: libssl0.9.8 (<< 0.9.8g-9)
Recommends: logrotate, tor-geoipdb, torsocks
Suggests: mixmaster, xul-ext-torbutton, socat, tor-arm, polipo (>= 1) | privoxy
Suggests: mixmaster, xul-ext-torbutton, socat, tor-arm, polipo (>= 1) | privoxy, apparmor
Description: anonymizing overlay network for TCP
Tor is a connection-based low-latency anonymous communication system which
addresses many flaws in the original onion routing design.
......
debian/rules
+ 4
0
View file @ 3c98a024
......@@ -151,6 +151,10 @@ install: build
install -m 644 contrib/tor-tsocks.conf $(CURDIR)/debian/tor/etc/tor
install -m 644 debian/tor-service-defaults-torrc $(CURDIR)/debian/tor/usr/share/tor
install -m 644 debian/apparmor-profile $(CURDIR)/debian/tor/etc/apparmor.d/usr.sbin.tor
if type dh_apparmor >/dev/null 2>&1; \
then dh_apparmor --profile-name=usr.sbin.tor -ptor; fi
dh_link usr/share/man/man8/tor.8 usr/share/man/man5/torrc.5
rm -f $(CURDIR)/debian/tor/usr/bin/tor-control.py
......
debian/tor.dirs
+ 1
0
View file @ 3c98a024
etc/apparmor.d
etc/tor
var/lib/tor
var/log/tor
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment