Il 10/10/18 06:28, Lars Noodén ha scritto:
> On 10/10/18 12:38 AM, Taiidan@??? wrote:
>> You can use apparmor to do this quite easily - afaik there are a few
>> tutorials for it.
> Last I checked, apparmor does not function with Devuan:
>
> # /etc/init.d/apparmor start
> /etc/init.d/apparmor: 130: /etc/init.d/apparmor:
> systemd-detect-virt: not found
>
> Starting AppArmor profiles:AppArmor not available as kernel
> LSM.. failed!
>
>
> /Lars
Works for me:
[root@wrkstn02 ~]# /etc/init.d/apparmor status
apparmor module is loaded.
19 profiles are loaded.
17 profiles are in enforce mode.
/usr/lib/cups/backend/cups-pdf
/usr/sbin/cups-browsed
/usr/sbin/cupsd
/usr/sbin/cupsd//third_party
/usr/sbin/libvirtd
/usr/sbin/libvirtd//qemu_bridge_helper
/usr/sbin/named
system_tor
thunderbird
thunderbird//browser_java
thunderbird//browser_openjdk
thunderbird//gpg
thunderbird//sanitized_helper
torbrowser_firefox
torbrowser_plugin_container
torbrowser_tor
virt-aa-helper
2 profiles are in complain mode.
/usr/bin/i2prouter
system_i2p
2 processes have profiles defined.
2 processes are in enforce mode.
/usr/sbin/named (11896)
thunderbird (20717)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
[root@wrkstn02 ~]#
[root@wrkstn02 ~]# lsb_release -d ; uname -r
Description: Devuan GNU/Linux 2.0 (ascii)
4.18.0-0.bpo.1-amd64
[root@wrkstn02 ~]#
Alessandro
--
Alessandro Selli <alessandroselli@???>
VOIP SIP: dhatarattha@???
Chiave firma e cifratura PGP/GPG signing and encoding key:
BA651E4050DDFC31E17384BABCE7BD1A1B0DF2AE
::
Re: [DNG] [OT] Restricting user cap…
