From 193260d57ddfa84a1453604525c67614d8fef2fc Mon Sep 17 00:00:00 2001 From: Hans Karlinius Date: Sun, 8 Dec 2024 05:53:21 +0100 Subject: [PATCH] test --- vhclient/README.md | 2 +- vhclient/apparmor.txt | 15 ++++++++------- vhclient/config.yaml | 6 ++++-- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/vhclient/README.md b/vhclient/README.md index 32ec700..74511d2 100644 --- a/vhclient/README.md +++ b/vhclient/README.md @@ -1,6 +1,6 @@ # Home Assistant Add-on: VirtualHere Client -Installs VirtualHere Client with addon configuration or manual handle configuration. +Installs VirtualHere Client with configuration handled by addon or manually. ## About diff --git a/vhclient/apparmor.txt b/vhclient/apparmor.txt index e788a6c..7c648e7 100644 --- a/vhclient/apparmor.txt +++ b/vhclient/apparmor.txt @@ -28,9 +28,9 @@ profile example flags=(attach_disconnected,mediate_deleted) { /data/** rw, # Start new profile for service - /usr/bin/my_program cx -> my_program, + /usr/bin/vhclient cx -> vhclient, - profile my_program flags=(attach_disconnected,mediate_deleted) { + profile vhclient flags=(attach_disconnected,mediate_deleted) { #include # Receive signals from S6-Overlay @@ -42,16 +42,17 @@ profile example flags=(attach_disconnected,mediate_deleted) { # Access to mapped volumes specified in config.json /share/** rw, + complain, # Access required for service functionality # Note: List was built by doing the following: # 1. Add what is obviously needed based on what is in the script # 2. Add `complain` as a flag to this profile temporarily and run the addon # 3. Review the audit log with `journalctl _TRANSPORT="audit" -g 'apparmor="ALLOWED"'` and add other access as needed # Remember to remove the `complain` flag when you are done - /usr/bin/my_program r, - /bin/bash rix, - /bin/echo ix, - /etc/passwd r, - /dev/tty rw, + /usr/bin/vhclient r, + #/bin/bash rix, + #/bin/echo ix, + #/etc/passwd r, + #/dev/tty rw, } } \ No newline at end of file diff --git a/vhclient/config.yaml b/vhclient/config.yaml index 7640576..acfb39a 100644 --- a/vhclient/config.yaml +++ b/vhclient/config.yaml @@ -1,5 +1,5 @@ name: VirtualHere Client -version: "0.1.404" +version: "0.1.405" slug: vhclient description: VirtualHere Client arch: @@ -14,12 +14,14 @@ host_network: true hassio_api: true homeassistant_api: true privileged: - - SYS_ADMIN + - SYS_RAWIO +# - SYS_ADMIN apparmor: false map: - type: homeassistant_config read_only: false path: /config +udev: true usb: true kernel_modules: true options: