Linux webserver 6.8.0-49-generic #49~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Wed Nov 6 17:42:15 UTC 2 x86_64
Apache/2.4.52 (Ubuntu)
Server IP : 192.168.1.1 & Your IP : 18.191.11.237
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
etc /
apparmor.d /
Delete
Unzip
Name
Size
Permission
Date
Action
abi
[ DIR ]
drwxr-xr-x
2024-09-18 19:49
abstractions
[ DIR ]
drwxr-xr-x
2024-09-18 19:49
disable
[ DIR ]
drwxr-xr-x
2024-02-16 18:50
force-complain
[ DIR ]
drwxr-xr-x
2023-06-05 18:58
local
[ DIR ]
drwxr-xr-x
2024-09-18 19:49
tunables
[ DIR ]
drwxr-xr-x
2024-09-18 19:49
lsb_release
1.31
KB
-rw-r--r--
2023-06-05 18:58
nvidia_modprobe
1.16
KB
-rw-r--r--
2023-06-05 18:58
sbin.dhclient
3.42
KB
-rw-r--r--
2023-01-31 19:07
ubuntu_pro_apt_news
1.7
KB
-rw-r--r--
2024-07-18 15:20
ubuntu_pro_esm_cache
6.71
KB
-rw-r--r--
2024-07-18 15:20
usr.bin.man
3.37
KB
-rw-r--r--
2022-03-17 19:03
usr.bin.tcpdump
1.65
KB
-rw-r--r--
2024-02-08 13:21
usr.lib.snapd.snap-confine.real
28.76
KB
-rw-r--r--
2024-07-26 02:57
usr.sbin.mysqld
1.96
KB
-rw-r--r--
2024-01-17 20:13
usr.sbin.rsyslogd
1.55
KB
-rw-r--r--
2021-11-16 09:31
Save
Rename
abi <abi/3.0>, include <tunables/global> # attach_disconnected is needed in all profiles defined here because this # service runs with systemd's PrivateTmp=true profile ubuntu_pro_esm_cache flags=(attach_disconnected) { include <abstractions/base> include <abstractions/nameservice> include <abstractions/openssl> include <abstractions/python> include <abstractions/user-tmp> capability chown, capability dac_override, capability dac_read_search, capability fowner, capability kill, capability setgid, capability setuid, signal send set=int peer=ubuntu_pro_esm_cache//apt_methods, signal send set=int peer=ubuntu_pro_esm_cache//apt_methods_gpgv, /etc/apt/** r, /etc/machine-id r, /etc/ubuntu-advantage/uaclient.conf r, # GH: #3109 # Allow reading the os-release file (possibly a symlink to /usr/lib). /{etc/,usr/lib/,lib/}os-release r, /run/ubuntu-advantage/ rw, /run/ubuntu-advantage/** rw, /run/systemd/container/ r, /run/systemd/container/** r, /{,usr/}bin/apt mrix, /{,usr/}bin/apt-cache mrix, /{,usr/}bin/ischroot mrix, /{,usr/}bin/python3.{1,}[0-9] mrix, # LP: #2067319 /{,usr/}bin/uname mrix, /{,usr/}bin/cloud-id Cx -> cloud_id, # LP: #2067319 /{,usr/}bin/ps Cx -> ps, /{,usr/}bin/systemd-detect-virt Px -> ubuntu_pro_esm_cache_systemd_detect_virt, /{,usr/}bin/dpkg Cx -> dpkg, /{,usr/}bin/ubuntu-distro-info Cx -> ubuntu_distro_info, /{,usr/}lib/apt/methods/gpgv Cx -> apt_methods_gpgv, /{,usr/}lib/apt/methods/http Cx -> apt_methods, /{,usr/}lib/apt/methods/https Cx -> apt_methods, /{,usr/}lib/apt/methods/store Cx -> apt_methods, # when there is no status.json cached, esm-cache.service will invoke "snap status" /{,usr/}bin/snap PUx, /usr/share/dpkg/** r, /usr/share/keyrings/* r, /var/cache/apt/** rw, /var/lib/apt/** r, /var/lib/dpkg/** r, /var/lib/ubuntu-advantage/** rwk, /var/log/ubuntu-advantage.log rw, @{PROC}/@{pid}/fd/ r, @{PROC}/1/cgroup r, @{PROC}/version_signature r, @{PROC}/@{pid}/mountinfo r, @{PROC}/@{pid}/status r, @{PROC}/@{pid}/stat r, @{PROC}/sys/kernel/osrelease r, profile ps flags=(attach_disconnected) { include <abstractions/base> include <abstractions/nameservice> capability sys_ptrace, # GH: #3079 capability dac_read_search, capability dac_override, # GH: #3119 ptrace (read,trace), # LP: #2067319 /{,usr/}bin/ps mrix, /dev/tty r, @{PROC}/ r, @{PROC}/@{pid}/** r, @{PROC}/uptime r, @{PROC}/sys/kernel/** r, # GH: #3079 @{PROC}/tty/drivers r, /sys/devices/system/node/ r, /sys/devices/system/node/** r, } profile cloud_id flags=(attach_disconnected) { include <abstractions/base> include <abstractions/nameservice> include <abstractions/python> ptrace read peer=unconfined, /etc/cloud/** r, /etc/apt/** r, /etc/apport/** r, /etc/ssl/openssl.cnf r, @{PROC}/@{pid}/fd/ r, @{PROC}/cmdline r, @{PROC}/1/environ r, @{PROC}/1/cmdline r, @{PROC}/@{pid}/status r, /run/cloud-init/** r, /{,usr/}bin/ r, /{,usr/}bin/cloud-id r, /{,usr/}bin/python3.{1,}[0-9] mrix, # LP: #2067319 /{,usr/}bin/uname mrix, /usr/share/dpkg/** r, # workarounds for # https://gitlab.com/apparmor/apparmor/-/issues/346 # LP: #2067319 /{,usr/}bin/systemctl Px -> ubuntu_pro_esm_cache_systemctl, /{,usr/}bin/systemd-detect-virt Px -> ubuntu_pro_esm_cache_systemd_detect_virt, /var/lib/cloud/** r, } profile dpkg flags=(attach_disconnected) { include <abstractions/base> capability setgid, /etc/dpkg/** r, /{,usr/}bin/dpkg mr, # LP: #2067810 /var/lib/dpkg/** r, } profile ubuntu_distro_info flags=(attach_disconnected) { include <abstractions/base> /{,usr/}bin/ubuntu-distro-info mr, /usr/share/distro-info/** r, } profile apt_methods flags=(attach_disconnected) { include <abstractions/base> include <abstractions/nameservice> include <abstractions/ssl_certs> include <abstractions/user-tmp> capability setgid, capability setuid, network inet stream, network inet6 stream, signal receive set=int peer=ubuntu_pro_esm_cache, / r, /etc/dpkg/** r, /{,usr/}lib/apt/methods/gpgv mr, /{,usr/}lib/apt/methods/http mr, /{,usr/}lib/apt/methods/https mr, /{,usr/}lib/apt/methods/store mr, /usr/share/dpkg/** r, # LP: #2067810 /var/lib/dpkg/** r, /var/lib/ubuntu-advantage/apt-esm/** rwk, @{PROC}/@{pid}/cgroup r, @{PROC}/@{pid}/fd/ r, } profile apt_methods_gpgv flags=(attach_disconnected) { include <abstractions/base> include <abstractions/nameservice> include <abstractions/ssl_certs> include <abstractions/user-tmp> capability setgid, capability setuid, signal receive set=int peer=ubuntu_pro_esm_cache, / r, /etc/dpkg/** r, # there are just too many shell script tools that are called, like head, # tail, cut, sed, etc /{,usr/}bin/* mrix, /{,usr/}lib/apt/methods/gpgv mr, /usr/share/dpkg/** r, /usr/share/keyrings/* r, /var/lib/ubuntu-advantage/apt-esm/** r, @{PROC}/@{pid}/fd/ r, # apt-config command needs these # Note: observed only in xenial tests, but makes sense for all releases /etc/apt/** r, /var/lib/apt/** r, # LP: #2067810 /var/lib/dpkg/** r, } # Site-specific additions and overrides. See local/README for details. #include <local/ubuntu_pro_esm_cache> } # these profiles were initially subprofiles of cloud-id, but: # a) that crashes the kernel # https://gitlab.com/apparmor/apparmor/-/issues/346 # b) <= bionic doesn't like the // or - chars in profile names # https://gitlab.com/apparmor/apparmor/-/commit/99755daafb8cfde4df542b66f656597a482129ac profile ubuntu_pro_esm_cache_systemctl flags=(attach_disconnected) { include <abstractions/base> capability net_admin, capability sys_ptrace, ptrace read peer=unconfined, # LP: #2067319 /{,usr/}bin/systemctl mr, /run/systemd/private rw, /run/systemd/** r, @{PROC}/cmdline r, # GH: #3119 @{PROC}/1/* r, @{PROC}/@{pid}/stat r, @{PROC}/sys/kernel/osrelease r, # GH: 3119 /sys/firmware/efi/efivars/** r, } profile ubuntu_pro_esm_cache_systemd_detect_virt flags=(attach_disconnected) { include <abstractions/base> capability sys_ptrace, ptrace read peer=unconfined, /{,usr/}bin/systemd-detect-virt mr, /run/systemd/** r, /sys/devices/virtual/** r, # GH: #3119 /sys/firmware/efi/efivars/** r, @{PROC}/@{pid}/status r, @{PROC}/@{pid}/stat r, @{PROC}/1/environ r, @{PROC}/1/sched r, @{PROC}/cmdline r, @{PROC}/1/cmdline r, @{PROC}/sys/kernel/osrelease r, }