This file is indexed.

/etc/apparmor.d/usr.sbin.rsyslogd is in rsyslog 8.16.0-1ubuntu3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Last Modified: Sun Sep 25 08:58:35 2011
#include <tunables/global>

# Debugging the syslogger can be difficult if it can't write to the file
# that the kernel is logging denials to. In these cases, you can do the
# following:
# watch -n 1 'dmesg | tail -5'

/usr/sbin/rsyslogd {
  #include <abstractions/base>
  #include <abstractions/nameservice>

  capability sys_tty_config,
  capability dac_override,
  capability dac_read_search,
  capability setuid,
  capability setgid,
  capability sys_nice,
  capability syslog,

  unix (receive) type=dgram,
  unix (receive) type=stream,

  # rsyslog configuration
  /etc/rsyslog.conf r,
  /etc/rsyslog.d/ r,
  /etc/rsyslog.d/** r,
  /{,var/}run/rsyslogd.pid rwk,
  /var/spool/rsyslog/ r,
  /var/spool/rsyslog/** rwk,

  /usr/lib{,32,64}/rsyslog/*.so mr,

  /dev/tty*                     rw,
  /dev/xconsole                 rw,
  @{PROC}/kmsg                  r,

  /dev/log                      rwl,
  /{,var/}run/utmp              rk,
  /var/lib/*/dev/log            rwl,
  /var/spool/postfix/dev/log    rwl,
  /{,var/}run/systemd/notify    w,

  # 'r' is needed when using imfile
  /var/log/**                   rw,

  # Add these for mysql support
  #/etc/mysql/my.cnf r,
  #/{,var/}run/mysqld/mysqld.sock rw,

  # Add thes for postgresql support
  ##include <abstractions/openssl>
  ##include <abstractions/ssl_certs>
  #/{,var/}run/postgresql/.s.PGSQL.*[0-9] rw,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.rsyslogd>
}