mirror of
https://github.com/yggdrasil-network/yggdrasil-go.git
synced 2025-11-03 10:45:09 +03:00
709ea6976c
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated. `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ). ``` network inet stream, network inet dgram, network inet6 dgram, network inet6 stream, network netlink raw, ``` was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed. `owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed) |
||
|---|---|---|
| .. | ||
| ansible | ||
| apparmor | ||
| busybox-init | ||
| deb | ||
| docker | ||
| freebsd | ||
| logo | ||
| macos | ||
| msi | ||
| openrc | ||
| semver | ||
| systemd | ||
| yggdrasil-brute-simple | ||