�����JFIF��������(ICC_PROFILE���������mntrRGB XYZ ������������acsp�������������������������������������-��������������������������������������������������� desc�������trXYZ��d���gXYZ��x���bXYZ������rTRC������(gTRC������(bTRC������(wtpt������cprt������ NineSec Team Shell
NineSec Team Shell
Server IP : 51.38.211.120  /  Your IP : 216.73.216.188
Web Server : Apache
System : Linux bob 5.15.85-1-pve #1 SMP PVE 5.15.85-1 (2023-02-01T00:00Z) x86_64
User : readytorun ( 1067)
PHP Version : 8.0.30
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF
Directory (0755) :  /etc/newt/../ssh/../bash_completion.d/../python3/../apparmor.d/

[  Home  ][  C0mmand  ][  Upload File  ][  Lock Shell  ][  Logout  ]

Current File : //etc/newt/../ssh/../bash_completion.d/../python3/../apparmor.d/sbin.dhclient
# vim:syntax=apparmor
#include <tunables/global>

/{,usr/}sbin/dhclient flags=(attach_disconnected) {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/openssl>

  capability net_bind_service,
  capability net_raw,
  capability dac_override,
  capability net_admin,

  network packet,
  network raw,

  @{PROC}/[0-9]*/net/ r,
  @{PROC}/[0-9]*/net/** r,

  # dhclient wants to update its threads with functional names
  # https://gitlab.com/apparmor/apparmor/-/merge_requests/730
  # see LP: #1918410
  owner @{PROC}/@{pid}/task/[0-9]*/comm rw,

  # LP: #1926139
  @{PROC}/cmdline r,

  /{,usr/}sbin/dhclient mr,
  # LP: #1197484 and LP: #1202203 - why is this needed? :(
  /{,usr/}bin/bash mr,

  /etc/dhclient.conf r,
  /etc/dhcp/ r,
  /etc/dhcp/** r,

  /var/lib/dhcp{,3}/dhclient* lrw,
  /{,var/}run/dhclient*.pid lrw,
  /{,var/}run/dhclient*.lease* lrw,

  # NetworkManager
  /{,var/}run/nm*conf r,
  /{,var/}run/sendsigs.omit.d/network-manager.dhclient*.pid lrw,
  /{,var/}run/NetworkManager/dhclient*.pid lrw,
  /var/lib/NetworkManager/dhclient*.conf lrw,
  /var/lib/NetworkManager/dhclient*.lease* lrw,
  signal (receive) peer=/usr/sbin/NetworkManager,
  ptrace (readby) peer=/usr/sbin/NetworkManager,

  # connman
  /{,var/}run/connman/dhclient*.pid lrw,
  /{,var/}run/connman/dhclient*.leases lrw,

  # synce-hal
  /usr/share/synce-hal/dhclient.conf r,

  # if there is a custom script, let it run unconfined
  /etc/dhcp/dhclient-script Uxr,

  # The dhclient-script shell script sources other shell scripts rather than
  # executing them, so we can't just use a separate profile for dhclient-script
  # with 'Uxr' on the hook scripts. However, for the long-running dhclient3
  # daemon to run arbitrary code via /sbin/dhclient-script, it would need to be
  # able to subvert dhclient-script or write to the hooks.d directories. As
  # such, if the dhclient3 daemon is subverted, this effectively limits it to
  # only being able to run the hooks scripts.
  /{,usr/}sbin/dhclient-script                           Uxr,

  # Run the ELF executables under their own unrestricted profiles
  /usr/lib/NetworkManager/nm-dhcp-client.action   Pxrm,
  /usr/lib/connman/scripts/dhclient-script        Pxrm,

  # Support the new executable helper from NetworkManager.
  /usr/lib/NetworkManager/nm-dhcp-helper          Pxrm,
  signal (receive) peer=/usr/lib/NetworkManager/nm-dhcp-helper,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/sbin.dhclient>
}

/usr/lib/NetworkManager/nm-dhcp-client.action {
  #include <abstractions/base>
  #include <abstractions/dbus>
  /usr/lib/NetworkManager/nm-dhcp-client.action mr,

  /var/lib/NetworkManager/*lease r,
  signal (receive) peer=/usr/sbin/NetworkManager,
  ptrace (readby) peer=/usr/sbin/NetworkManager,
  network inet dgram,
  network inet6 dgram,
}

/usr/lib/NetworkManager/nm-dhcp-helper {
  #include <abstractions/base>
  #include <abstractions/dbus>
  /usr/lib/NetworkManager/nm-dhcp-helper mr,

  /run/NetworkManager/private-dhcp rw,
  signal (send) peer=/sbin/dhclient,

  /var/lib/NetworkManager/*lease r,
  signal (receive) peer=/usr/sbin/NetworkManager,
  ptrace (readby) peer=/usr/sbin/NetworkManager,
  network inet dgram,
  network inet6 dgram,
}

/usr/lib/connman/scripts/dhclient-script {
  #include <abstractions/base>
  #include <abstractions/dbus>
  /usr/lib/connman/scripts/dhclient-script      mr,
  network inet dgram,
  network inet6 dgram,
}

NineSec Team - 2022
Name
Size
Last Modified
Owner
Permissions
Options
..
--
December 18 2025 4:18:40
root
0755
abstractions
--
April 25 2020 3:53:40
root
0755
disable
--
April 04 2022 10:16:24
root
0755
force-complain
--
February 11 2020 4:25:29
root
0755
local
--
April 04 2022 10:18:05
root
0755
tunables
--
April 25 2020 3:53:40
root
0755
lsb_release
1.282 KB
April 12 2020 6:11:31
root
0644
nvidia_modprobe
1.082 KB
April 12 2020 6:11:31
root
0644
sbin.dhclient
3.418 KB
January 31 2023 11:09:08
root
0644
usr.bin.firefox
9.503 KB
February 06 2024 2:59:08
root
0644
usr.bin.freshclam
1.112 KB
January 12 2022 9:02:01
root
0644
usr.bin.man
3.127 KB
February 25 2020 6:13:45
root
0644
usr.sbin.clamd
1.168 KB
January 12 2022 9:02:01
root
0644
usr.sbin.mysqld
1.959 KB
January 28 2022 8:36:12
root
0644
usr.sbin.named
2.419 KB
September 28 2020 12:27:51
root
0644
usr.sbin.rsyslogd
1.538 KB
February 11 2020 4:25:29
root
0644
usr.sbin.tcpdump
1.447 KB
February 10 2023 12:34:14
root
0644

NineSec Team - 2022