network ,
network inet ,
network inet6 ,
network inet stream ,
network inet tcp ,
network tcp ,
Allow all networking. No restrictions applied with regards to domain, type, or
protocol.
Allow general use of IPv4 networking.
Allow general use of IPv6 networking.
Allow the use of IPv4 TCP networking.
Allow the use of IPv4 TCP networking, paraphrasing the rule above.
Allow the use of both IPv4 and IPv6 TCP networking.
21.6 Paths and Globbing
AppArmor explicitly distinguishes directory path names from file path names. Use a
trailing / for any directory path that needs to be explicitly distinguished:
/some/random/example/* r
Allow read access to files in the /some/random/example directory.
/some/random/example/ r
Allow read access to the directory only.
/some/**/ r
Give read access to any directories below /some.
/some/random/example/** r
Give read access to files and directories under /some/random/example.
/some/random/example/**[^/] r
Give read access to files under /some/random/example. Explicitly exclude
directories ([^/]).
206
Security Guide