/etc/apparmor.d/usr.sbin.rsyslogd is in rsyslog 8.16.0-1ubuntu3.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | # Last Modified: Sun Sep 25 08:58:35 2011
#include <tunables/global>
# Debugging the syslogger can be difficult if it can't write to the file
# that the kernel is logging denials to. In these cases, you can do the
# following:
# watch -n 1 'dmesg | tail -5'
/usr/sbin/rsyslogd {
#include <abstractions/base>
#include <abstractions/nameservice>
capability sys_tty_config,
capability dac_override,
capability dac_read_search,
capability setuid,
capability setgid,
capability sys_nice,
capability syslog,
unix (receive) type=dgram,
unix (receive) type=stream,
# rsyslog configuration
/etc/rsyslog.conf r,
/etc/rsyslog.d/ r,
/etc/rsyslog.d/** r,
/{,var/}run/rsyslogd.pid rwk,
/var/spool/rsyslog/ r,
/var/spool/rsyslog/** rwk,
/usr/lib{,32,64}/rsyslog/*.so mr,
/dev/tty* rw,
/dev/xconsole rw,
@{PROC}/kmsg r,
/dev/log rwl,
/{,var/}run/utmp rk,
/var/lib/*/dev/log rwl,
/var/spool/postfix/dev/log rwl,
/{,var/}run/systemd/notify w,
# 'r' is needed when using imfile
/var/log/** rw,
# Add these for mysql support
#/etc/mysql/my.cnf r,
#/{,var/}run/mysqld/mysqld.sock rw,
# Add thes for postgresql support
##include <abstractions/openssl>
##include <abstractions/ssl_certs>
#/{,var/}run/postgresql/.s.PGSQL.*[0-9] rw,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.rsyslogd>
}
|