| Apache/2.4.7 (Ubuntu) Linux sman1baleendah 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 uid=33(www-data) gid=33(www-data) groups=33(www-data) safemode : OFF MySQL: ON | Perl: ON | cURL: OFF | WGet: ON > / etc / apparmor.d / abstractions / | server ip : 172.67.156.115 your ip : 172.70.179.94 H O M E |
| Filename | /etc/apparmor.d/abstractions/nameservice |
| Size | 2.65 kb |
| Permission | rw-r--r-- |
| Owner | root : root |
| Create time | 27-Apr-2025 09:56 |
| Last modified | 04-Apr-2014 14:27 |
| Last accessed | 05-Jul-2025 11:25 |
| Actions | edit | rename | delete | download (gzip) |
| View | text | code | image |
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009-2011 Canonical Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# Many programs wish to perform nameservice-like operations, such as
# looking up users by name or id, groups by name or id, hosts by name
# or IP, etc. These operations may be performed through files, dns,
# NIS, NIS+, LDAP, hesiod, wins, etc. Allow them all here.
/etc/group r,
/etc/host.conf r,
/etc/hosts r,
/etc/nsswitch.conf r,
/etc/gai.conf r,
/etc/passwd r,
/etc/protocols r,
# When using sssd, the passwd and group files are stored in an alternate path
# and the nss plugin also needs to talk to a pipe
/var/lib/sss/mc/group r,
/var/lib/sss/mc/passwd r,
/var/lib/sss/pipes/nss rw,
/etc/resolv.conf r,
# on systems using resolvconf, /etc/resolv.conf is a symlink to
# /{,var/}run/resolvconf/resolv.conf and a file sometimes referenced in
# /etc/resolvconf/run/resolv.conf
/{,var/}run/resolvconf/resolv.conf r,
/etc/resolvconf/run/resolv.conf r,
/etc/samba/lmhosts r,
/etc/services r,
# db backend
/var/lib/misc/*.db r,
# The Name Service Cache Daemon can cache lookups, sometimes leading
# to vast speed increases when working with network-based lookups.
/{,var/}run/.nscd_socket rw,
/{,var/}run/nscd/socket rw,
/var/{db,cache,run}/nscd/{passwd,group,services,host} r,
# nscd renames and unlinks files in it's operation that clients will
# have open
/{,var/}run/nscd/db* rmix,
# The nss libraries are sometimes used in addition to PAM; make sure
# they are available
/lib{,32,64}/libnss_*.so* mr,
/usr/lib{,32,64}/libnss_*.so* mr,
/lib/@{multiarch}/libnss_*.so* mr,
/usr/lib/@{multiarch}/libnss_*.so* mr,
/etc/default/nss r,
# avahi-daemon is used for mdns4 resolution
/{,var/}run/avahi-daemon/socket rw,
# nis
#include <abstractions/nis>
# ldap
#include <abstractions/ldapclient>
# winbind
#include <abstractions/winbind>
# likewise
#include <abstractions/likewise>
# mdnsd
#include <abstractions/mdns>
# kerberos
#include <abstractions/kerberosclient>
# TCP/UDP network access
network inet stream,
network inet6 stream,
network inet dgram,
network inet6 dgram,
# interface details
@{PROC}/@{pid}/net/route r,
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009-2011 Canonical Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# Many programs wish to perform nameservice-like operations, such as
# looking up users by name or id, groups by name or id, hosts by name
# or IP, etc. These operations may be performed through files, dns,
# NIS, NIS+, LDAP, hesiod, wins, etc. Allow them all here.
/etc/group r,
/etc/host.conf r,
/etc/hosts r,
/etc/nsswitch.conf r,
/etc/gai.conf r,
/etc/passwd r,
/etc/protocols r,
# When using sssd, the passwd and group files are stored in an alternate path
# and the nss plugin also needs to talk to a pipe
/var/lib/sss/mc/group r,
/var/lib/sss/mc/passwd r,
/var/lib/sss/pipes/nss rw,
/etc/resolv.conf r,
# on systems using resolvconf, /etc/resolv.conf is a symlink to
# /{,var/}run/resolvconf/resolv.conf and a file sometimes referenced in
# /etc/resolvconf/run/resolv.conf
/{,var/}run/resolvconf/resolv.conf r,
/etc/resolvconf/run/resolv.conf r,
/etc/samba/lmhosts r,
/etc/services r,
# db backend
/var/lib/misc/*.db r,
# The Name Service Cache Daemon can cache lookups, sometimes leading
# to vast speed increases when working with network-based lookups.
/{,var/}run/.nscd_socket rw,
/{,var/}run/nscd/socket rw,
/var/{db,cache,run}/nscd/{passwd,group,services,host} r,
# nscd renames and unlinks files in it's operation that clients will
# have open
/{,var/}run/nscd/db* rmix,
# The nss libraries are sometimes used in addition to PAM; make sure
# they are available
/lib{,32,64}/libnss_*.so* mr,
/usr/lib{,32,64}/libnss_*.so* mr,
/lib/@{multiarch}/libnss_*.so* mr,
/usr/lib/@{multiarch}/libnss_*.so* mr,
/etc/default/nss r,
# avahi-daemon is used for mdns4 resolution
/{,var/}run/avahi-daemon/socket rw,
# nis
#include <abstractions/nis>
# ldap
#include <abstractions/ldapclient>
# winbind
#include <abstractions/winbind>
# likewise
#include <abstractions/likewise>
# mdnsd
#include <abstractions/mdns>
# kerberos
#include <abstractions/kerberosclient>
# TCP/UDP network access
network inet stream,
network inet6 stream,
network inet dgram,
network inet6 dgram,
# interface details
@{PROC}/@{pid}/net/route r,