summaryrefslogtreecommitdiffstats
path: root/debian/usr.sbin.kea-dhcp4
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 11:36:05 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 11:36:05 +0000
commitcd4d062141cede71ee9cb0ed125e968b5a731a6f (patch)
tree160c2c662fb462d9301cbdf2fafd2df88bcefc66 /debian/usr.sbin.kea-dhcp4
parentAdding upstream version 2.2.0. (diff)
downloadisc-kea-cd4d062141cede71ee9cb0ed125e968b5a731a6f.tar.xz
isc-kea-cd4d062141cede71ee9cb0ed125e968b5a731a6f.zip
Adding debian version 2.2.0-6.debian/2.2.0-6debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/usr.sbin.kea-dhcp4')
-rw-r--r--debian/usr.sbin.kea-dhcp444
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/usr.sbin.kea-dhcp4 b/debian/usr.sbin.kea-dhcp4
new file mode 100644
index 0000000..0572c21
--- /dev/null
+++ b/debian/usr.sbin.kea-dhcp4
@@ -0,0 +1,44 @@
+abi <abi/3.0>,
+
+include <tunables/global>
+
+profile kea-dhcp4 /usr/sbin/kea-dhcp4 {
+ include <abstractions/base>
+ include <abstractions/nameservice>
+
+ # for MySQL access, localhost
+ include <abstractions/mysql>
+ include <abstractions/openssl>
+
+ capability net_bind_service,
+ capability net_raw,
+
+ network inet dgram,
+ network inet stream,
+ network netlink raw,
+ network packet raw,
+
+ /etc/gss/mech.d/ r,
+ /etc/gss/mech.d/* r,
+
+ /etc/kea/ r,
+ /etc/kea/** r,
+ /usr/sbin/kea-dhcp4 mr,
+ /usr/sbin/kea-lfc Px,
+
+ owner /run/kea/kea-dhcp4.kea-dhcp4.pid w,
+ owner /run/lock/kea/logger_lockfile rwk,
+
+ # Control sockets
+ # Before LP: #1863100, these were in /tmp. For compatibility, let's keep both
+ # locations
+ owner /{tmp,run/kea}/kea4-ctrl-socket w,
+ owner /{tmp,run/kea}/kea4-ctrl-socket.lock rwk,
+
+ # this includes .completed, .output, .pid, .[0-9]
+ owner /var/lib/kea/kea-leases4.csv* rw,
+
+ owner /var/log/kea/kea-dhcp4.log rw,
+ owner /var/log/kea/kea-dhcp4.log.[0-9]* rw,
+ owner /var/log/kea/kea-dhcp4.log.lock rwk,
+}