/usr/share/doc/apparmor-profiles/extras/usr.sbin.cupsd is in apparmor-profiles 2.8.95~2430-0ubuntu5.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | # Last Modified: Sun Sep 16 18:11:15 2007
#include <tunables/global>
/usr/sbin/cupsd {
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/dbus>
#include <abstractions/nameservice>
#include <abstractions/perl>
capability chown,
capability dac_override,
capability fowner,
capability fsetid,
capability net_bind_service,
capability setgid,
capability setuid,
/bin/bash ixr,
/bin/cat ix,
/usr/bin/foomatic-rip ixr,
/etc/foomatic/** r,
/usr/bin/gs ix,
/usr/lib/ghostscript/** m,
/usr/lib64/ghostscript/** m,
/usr/share/ghostscript/** r,
/etc/ghostscript/** r,
/dev/lp0 rw,
/dev/tty rw,
/dev/ttyS? w,
/etc/cups rw,
/etc/cups/ r,
/etc/cups/** r,
/etc/cups/certs w,
/etc/cups/certs/* w,
/etc/cups/*.conf* rw,
/etc/cups/ppd rw,
/etc/printcap rw,
/etc/cups/printcap rw,
/etc/cups/ssl rw,
/etc/cups/yes/* rw,
/etc/hosts.allow r,
/etc/hosts.deny r,
@{PROC}/meminfo r,
@{PROC}/sys/dev/parport/** r,
/sys/class/usb r,
/usr/bin/perl ix,
/usr/bin/smbspool ixr,
/usr/lib/cups/backend/* ixr,
/usr/lib/cups/filter/* ixr,
/usr/sbin/cupsd mixr,
/usr/share/cups/** r,
/var/log/cups/access_log rw,
/var/log/cups/error_log rw,
/var/spool/cups rw,
/var/spool/cups/** rw,
/var/spool/cups/tmp w,
/var/spool/cups/tmp/ r,
/{,var/}run/cups/ rw,
/{,var/}run/cups/** rw,
/var/cache/cups/ rw,
/var/cache/cups/** rw,
}
|