Search
Search
Search
Search
Information
Information
Light
Dark
Open actions menu
Basic upload method
Bypass upload method
Tips!
If you encounter an error (by firewall) while uploading using both methods,
try changing extension of the file before uploading it and rename it right after.
Submit
~
etc
apparmor.d
File Content:
usr.sbin.named
# vim:syntax=apparmor # Last Modified: Fri Jun 1 16:43:22 2007 #include <tunables/global> profile named /usr/sbin/named flags=(attach_disconnected) { #include <abstractions/base> #include <abstractions/nameservice> capability net_bind_service, capability setgid, capability setuid, capability sys_chroot, capability sys_resource, # /etc/bind should be read-only for bind # /var/lib/bind is for dynamically updated zone (and journal) files. # /var/cache/bind is for slave/stub data, since we're not the origin of it. # See /usr/share/doc/bind9/README.Debian.gz /etc/bind/** r, /var/lib/bind/** rw, /var/lib/bind/ rw, /var/cache/bind/** lrw, /var/cache/bind/ rw, # Database file used by allow-new-zones /var/cache/bind/_default.nzd-lock rwk, # gssapi /etc/krb5.keytab kr, /etc/bind/krb5.keytab kr, # ssl /etc/ssl/openssl.cnf r, # root hints from dns-data-root /usr/share/dns/root.* r, # GeoIP data files for GeoIP ACLs /usr/share/GeoIP/** r, # dnscvsutil package /var/lib/dnscvsutil/compiled/** rw, # Allow changing worker thread names owner @{PROC}/@{pid}/task/@{tid}/comm rw, @{PROC}/net/if_inet6 r, @{PROC}/*/net/if_inet6 r, @{PROC}/sys/net/ipv4/ip_local_port_range r, /usr/sbin/named mr, /{,var/}run/named/named.pid w, /{,var/}run/named/session.key w, # support for resolvconf /{,var/}run/named/named.options r, # some people like to put logs in /var/log/named/ instead of having # syslog do the heavy lifting. /var/log/named/** rw, /var/log/named/ rw, # gssapi /var/lib/sss/pubconf/krb5.include.d/** r, /var/lib/sss/pubconf/krb5.include.d/ r, /var/lib/sss/mc/initgroups r, /etc/gss/mech.d/ r, # ldap /etc/ldap/ldap.conf r, /{,var/}run/slapd-*.socket rw, # dynamic updates /var/tmp/DNS_* rw, # dyndb backends /usr/lib/bind/*.so rm, # Samba DLZ /{usr/,}lib/@{multiarch}/samba/bind9/*.so rm, /{usr/,}lib/@{multiarch}/samba/gensec/*.so rm, /{usr/,}lib/@{multiarch}/samba/ldb/*.so rm, /{usr/,}lib/@{multiarch}/ldb/modules/ldb/*.so rm, /var/lib/samba/bind-dns/dns.keytab rk, /var/lib/samba/bind-dns/named.conf r, /var/lib/samba/bind-dns/dns/** rwk, /var/lib/samba/private/dns.keytab rk, /var/lib/samba/private/named.conf r, /var/lib/samba/private/dns/** rwk, /etc/samba/smb.conf r, /dev/urandom rwmk, owner /var/tmp/krb5_* rwk, # Site-specific additions and overrides. See local/README for details. #include <local/usr.sbin.named> }
Edit
Rename
Chmod
Delete
