diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 11:36:05 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 11:36:05 +0000 |
commit | cd4d062141cede71ee9cb0ed125e968b5a731a6f (patch) | |
tree | 160c2c662fb462d9301cbdf2fafd2df88bcefc66 /debian/usr.sbin.kea-dhcp4 | |
parent | Adding upstream version 2.2.0. (diff) | |
download | isc-kea-cd4d062141cede71ee9cb0ed125e968b5a731a6f.tar.xz isc-kea-cd4d062141cede71ee9cb0ed125e968b5a731a6f.zip |
Adding debian version 2.2.0-6.debian/2.2.0-6debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/usr.sbin.kea-dhcp4')
-rw-r--r-- | debian/usr.sbin.kea-dhcp4 | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/usr.sbin.kea-dhcp4 b/debian/usr.sbin.kea-dhcp4 new file mode 100644 index 0000000..0572c21 --- /dev/null +++ b/debian/usr.sbin.kea-dhcp4 @@ -0,0 +1,44 @@ +abi <abi/3.0>, + +include <tunables/global> + +profile kea-dhcp4 /usr/sbin/kea-dhcp4 { + include <abstractions/base> + include <abstractions/nameservice> + + # for MySQL access, localhost + include <abstractions/mysql> + include <abstractions/openssl> + + capability net_bind_service, + capability net_raw, + + network inet dgram, + network inet stream, + network netlink raw, + network packet raw, + + /etc/gss/mech.d/ r, + /etc/gss/mech.d/* r, + + /etc/kea/ r, + /etc/kea/** r, + /usr/sbin/kea-dhcp4 mr, + /usr/sbin/kea-lfc Px, + + owner /run/kea/kea-dhcp4.kea-dhcp4.pid w, + owner /run/lock/kea/logger_lockfile rwk, + + # Control sockets + # Before LP: #1863100, these were in /tmp. For compatibility, let's keep both + # locations + owner /{tmp,run/kea}/kea4-ctrl-socket w, + owner /{tmp,run/kea}/kea4-ctrl-socket.lock rwk, + + # this includes .completed, .output, .pid, .[0-9] + owner /var/lib/kea/kea-leases4.csv* rw, + + owner /var/log/kea/kea-dhcp4.log rw, + owner /var/log/kea/kea-dhcp4.log.[0-9]* rw, + owner /var/log/kea/kea-dhcp4.log.lock rwk, +} |