summaryrefslogtreecommitdiffstats
path: root/config/chroot_local-patches/apparmor-adjust-tor-profile.diff
blob: 64d3e1c722994c4155180873cfa0276db418965e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
XXX: renaming the profile should not be needed on Stretch anymore,
since tor@default.service loads the profile correctly itself there
(and actually, renaming the profile as this patch does may prevent
the service from starting at all).

--- a/etc/apparmor.d/system_tor	2015-06-04 12:28:12.243020484 +0000
+++ b/etc/apparmor.d/system_tor	2015-06-04 12:29:32.580249731 +0000
@@ -1,9 +1,12 @@
 # vim:syntax=apparmor
 #include <tunables/global>
 
-profile system_tor flags=(attach_disconnected) {
+/usr/bin/tor flags=(attach_disconnected) {
   #include <abstractions/tor>
 
+  link /etc/tor/.wh.torrc -> /.wh..wh.aufs,
+  /etc/tor/* w,
+
   owner /var/lib/tor/** rwk,
   owner /var/log/tor/* w,