AppArmor: Difference between revisions

Revision as of 05:37, 6 January 2021

AppArmor allows you to further shield your TeamSpeak instance from code based attacks. This is a SAMPLE profile and WILL need to eb changed so it works on your system. The profile is set to complain mode by default so you will need to enable it with the aa-enforce command to enable it.

# Last Modified: Thu Oct 22 19:18:38 2020
include <tunables/global>

vim:syntax=apparmor

AppArmor policy for ts3server

###AUTHOR###

###COPYRIGHT###

###COMMENT###

No template variables specified

/home/teamspeak/teamspeak3-server_linux-amd64/ts3server flags=(complain) {
#include <abstractions/base>
network inet dgram,
network inet stream,
network inet6 dgram,
network netlink raw,
/etc/hosts r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/channel_**/ r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/channel_**/* r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/channel_**/* w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/internal/ r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/internal/avatar_** r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/internal/avatar_** w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/internal/icons/ r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/files/virtualserver_**/internal/icons/icon_** r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/.ts3server_license_accepted r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/query_ip_blacklist.txt r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/query_ip_whitelist.txt r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/GeoLite2-Country.mmdb r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/redist/libmariadb.so.2 r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/libts3_ssh.so r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/libts3db_mariadb.so r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/libts3db_sqlite3.so r,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ts3server.sqlitedb w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ts3server.sqlitedb-shm w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ts3server.sqlitedb-wal w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ssh_host_rsa_key w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ts3server.ini w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/ts3server.pid w,
owner /home/teamspeak/teamspeak3-server_linux-amd64/licensekey.dat w,

@@ Line 1: / Line 1: @@
-AppArmor allows you to further shield your TeamSpeak instance from code based attacks. This is a SAMPLE profile and WILL need to eb changed so it works on your system.
+AppArmor allows you to further shield your TeamSpeak instance from code based attacks. This is a SAMPLE profile and WILL need to eb changed so it works on your system. The profile is set to complain mode by default so you will need to enable it with the aa-enforce command to enable it.
 <blockquote># Last Modified: Thu Oct 22 19:18:38 2020
 #include <tunables/global>
@@ Line 16: / Line 14: @@
 # No template variables specified
 /home/teamspeak/teamspeak3-server_linux-amd64/ts3server flags=(complain) {

AppArmor: Difference between revisions

Revision as of 05:37, 6 January 2021

Navigation menu

Search