File: //usr/share/apparmor/extra-profiles/usr.sbin.oidentd
# ------------------------------------------------------------------
#
#    Copyright (C) 2002-2005 Novell/SUSE
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
# vim:syntax=apparmor
abi <abi/3.0>,
include <tunables/global>
/usr/sbin/oidentd {
  include <abstractions/base>
  include <abstractions/nameservice>
  capability net_bind_service,
  capability dac_override,
  capability dac_read_search,
  /etc/oidentd.conf        r,
  /etc/oidentd_masq.conf   r,
  @{PROC}/net/tcp          r,
  @{PROC}/net/tcp6         r,
  # spoofing feature of oidentd
  @{HOME}/.ispoof          r,
  @{HOME}/.oidentd.conf    r,
}