# _________________________________________ # / Copy this file to the right location \ # | then load with: | # | | # | apparmor_parser -r -W | # | /etc/apparmor.d/docker-i2pd | # | | # | docker run --security-opt | # | "apparmor=docker-i2pd" ... | # | purplei2p/i2pd | # | | # \ And "aa-status" to verify it's loaded. / # ----------------------------------------- # \ ^__^ # \ (oo)\_______ # (__)\ )\/\ # ||----w | # || || #include <tunables/global> profile docker-i2pd flags=(attach_disconnected,mediate_deleted) { #include <abstractions/base> #include <abstractions/openssl> #include <abstractions/nameservice> /bin/busybox ix, /usr/local/bin/i2pd ix, /entrypoint.sh ixr, /i2pd_certificates/** r, /home/i2pd/data/** rw, /home/i2pd/data/i2pd.pid k, deny /home/i2pd/data/i2pd.conf w, deny /home/i2pd/data/tunnels.conf w, deny /home/i2pd/data/tunnels.d/** w, deny /home/i2pd/data/certificates/** w, deny /home/i2pd/data/i2pd.log r, }