]>
Commit | Line | Data |
---|---|---|
198b363f | 1 | # generated by: lxc-generate-aa-rules.py container-rules.base |
94a77f3f SH |
2 | deny /proc/sys/[^kn]*{,/**} wklx, |
3 | deny /proc/sys/k[^e]*{,/**} wklx, | |
4 | deny /proc/sys/ke[^r]*{,/**} wklx, | |
5 | deny /proc/sys/ker[^n]*{,/**} wklx, | |
6 | deny /proc/sys/kern[^e]*{,/**} wklx, | |
7 | deny /proc/sys/kerne[^l]*{,/**} wklx, | |
773bd282 | 8 | deny /proc/sys/kernel/[^smhd]*{,/**} wklx, |
94a77f3f SH |
9 | deny /proc/sys/kernel/d[^o]*{,/**} wklx, |
10 | deny /proc/sys/kernel/do[^m]*{,/**} wklx, | |
11 | deny /proc/sys/kernel/dom[^a]*{,/**} wklx, | |
12 | deny /proc/sys/kernel/doma[^i]*{,/**} wklx, | |
13 | deny /proc/sys/kernel/domai[^n]*{,/**} wklx, | |
14 | deny /proc/sys/kernel/domain[^n]*{,/**} wklx, | |
15 | deny /proc/sys/kernel/domainn[^a]*{,/**} wklx, | |
16 | deny /proc/sys/kernel/domainna[^m]*{,/**} wklx, | |
17 | deny /proc/sys/kernel/domainnam[^e]*{,/**} wklx, | |
18 | deny /proc/sys/kernel/domainname?*{,/**} wklx, | |
19 | deny /proc/sys/kernel/h[^o]*{,/**} wklx, | |
20 | deny /proc/sys/kernel/ho[^s]*{,/**} wklx, | |
21 | deny /proc/sys/kernel/hos[^t]*{,/**} wklx, | |
22 | deny /proc/sys/kernel/host[^n]*{,/**} wklx, | |
23 | deny /proc/sys/kernel/hostn[^a]*{,/**} wklx, | |
24 | deny /proc/sys/kernel/hostna[^m]*{,/**} wklx, | |
25 | deny /proc/sys/kernel/hostnam[^e]*{,/**} wklx, | |
26 | deny /proc/sys/kernel/hostname?*{,/**} wklx, | |
773bd282 SH |
27 | deny /proc/sys/kernel/m[^s]*{,/**} wklx, |
28 | deny /proc/sys/kernel/ms[^g]*{,/**} wklx, | |
29 | deny /proc/sys/kernel/msg*/** wklx, | |
30 | deny /proc/sys/kernel/s[^he]*{,/**} wklx, | |
31 | deny /proc/sys/kernel/se[^m]*{,/**} wklx, | |
32 | deny /proc/sys/kernel/sem*/** wklx, | |
198b363f SH |
33 | deny /proc/sys/kernel/sh[^m]*{,/**} wklx, |
34 | deny /proc/sys/kernel/shm*/** wklx, | |
94a77f3f SH |
35 | deny /proc/sys/kernel?*{,/**} wklx, |
36 | deny /proc/sys/n[^e]*{,/**} wklx, | |
37 | deny /proc/sys/ne[^t]*{,/**} wklx, | |
38 | deny /proc/sys/net?*{,/**} wklx, | |
198b363f SH |
39 | deny /sys/[^fdc]*{,/**} wklx, |
40 | deny /sys/c[^l]*{,/**} wklx, | |
41 | deny /sys/cl[^a]*{,/**} wklx, | |
42 | deny /sys/cla[^s]*{,/**} wklx, | |
43 | deny /sys/clas[^s]*{,/**} wklx, | |
44 | deny /sys/class/[^n]*{,/**} wklx, | |
45 | deny /sys/class/n[^e]*{,/**} wklx, | |
46 | deny /sys/class/ne[^t]*{,/**} wklx, | |
47 | deny /sys/class/net?*{,/**} wklx, | |
48 | deny /sys/class?*{,/**} wklx, | |
49 | deny /sys/d[^e]*{,/**} wklx, | |
50 | deny /sys/de[^v]*{,/**} wklx, | |
51 | deny /sys/dev[^i]*{,/**} wklx, | |
52 | deny /sys/devi[^c]*{,/**} wklx, | |
53 | deny /sys/devic[^e]*{,/**} wklx, | |
54 | deny /sys/device[^s]*{,/**} wklx, | |
55 | deny /sys/devices/[^v]*{,/**} wklx, | |
56 | deny /sys/devices/v[^i]*{,/**} wklx, | |
57 | deny /sys/devices/vi[^r]*{,/**} wklx, | |
58 | deny /sys/devices/vir[^t]*{,/**} wklx, | |
59 | deny /sys/devices/virt[^u]*{,/**} wklx, | |
60 | deny /sys/devices/virtu[^a]*{,/**} wklx, | |
61 | deny /sys/devices/virtua[^l]*{,/**} wklx, | |
62 | deny /sys/devices/virtual/[^n]*{,/**} wklx, | |
63 | deny /sys/devices/virtual/n[^e]*{,/**} wklx, | |
64 | deny /sys/devices/virtual/ne[^t]*{,/**} wklx, | |
65 | deny /sys/devices/virtual/net?*{,/**} wklx, | |
66 | deny /sys/devices/virtual?*{,/**} wklx, | |
67 | deny /sys/devices?*{,/**} wklx, | |
68 | deny /sys/f[^s]*{,/**} wklx, | |
69 | deny /sys/fs/[^c]*{,/**} wklx, | |
70 | deny /sys/fs/c[^g]*{,/**} wklx, | |
71 | deny /sys/fs/cg[^r]*{,/**} wklx, | |
72 | deny /sys/fs/cgr[^o]*{,/**} wklx, | |
73 | deny /sys/fs/cgro[^u]*{,/**} wklx, | |
74 | deny /sys/fs/cgrou[^p]*{,/**} wklx, | |
75 | deny /sys/fs/cgroup?*{,/**} wklx, | |
76 | deny /sys/fs?*{,/**} wklx, |