diff --git a/apps/apparmor/home.i2p.i2prouter b/apps/apparmor/home.i2p.i2prouter deleted file mode 100644 index 7f7dcb7ef..000000000 --- a/apps/apparmor/home.i2p.i2prouter +++ /dev/null @@ -1,99 +0,0 @@ -#Last Modified: Sun Dec 06 12:30:32 2015 -# vim:syntax=apparmor et ts=8 sw=4 - -#include - -$INSTALL_PATH/{i2prouter,runplain.sh} flags=(complain) { - #include - #include - #include - #include - - capability sys_ptrace, - network inet stream, - network inet6 stream, - - $INSTALL_PATH/ r, - $INSTALL_PATH/{i2psvc,wrapper} rmix, - owner $INSTALL_PATH/** rwkm, - - # Needed for Java - owner @{PROC} r, - owner @{PROC}/[0-9]*/ r, - owner @{PROC}/[0-9]*/status r, - owner @{PROC}/[0-9]*/stat r, - owner @{PROC}/[0-9]*/cmdline r, - @{PROC}/uptime r, - @{PROC}/sys/kernel/pid_max r, - /sys/devices/system/cpu/ r, - /sys/devices/system/cpu/** r, - - /dev/random r, - /dev/urandom r, - - @{PROC}/1/comm r, - - /etc/ssl/certs/java/** r, - /etc/timezone r, - /usr/share/javazi/** r, - - # Debian - /etc/java-{6,7,8}-openjdk/** r, - /usr/lib/jvm/default-java/jre/bin/java rix, - - # Debian, Ubuntu, openSUSE - /usr/lib{,32,64}/jvm/java-*-openjdk-*/jre/bin/java rix, - /usr/lib{,32,64}/jvm/java-*-openjdk-*/jre/bin/keytool rix, - - # Raspbian - /usr/lib/jvm/jdk-*-oracle-*/jre/bin/java rix, - /usr/lib/jvm/jdk-*-oracle-*/jre/bin/keytool rix, - - - # Fonts are needed for I2P's graphs - /usr/share/java/java-atk-wrapper.jar r, - - # Used by some plugins - /usr/share/java/eclipse-ecj-*.jar r, - - /{,var/}tmp/ rwm, - owner /{,var/}tmp/** rwkm, - - /{,usr/}bin/{,b,d}ash rix, - /{,usr/}bin/cat rix, - /{,usr/}bin/cut rix, - /{,usr/}bin/dirname rix, - /{,usr/}bin/expr rix, - /{,usr/}bin/{,g,m}awk rix, - /{,usr/}bin/grep rix, - /{,usr/}bin/id rix, - /{,usr/}bin/ldd rix, - /{,usr/}bin/ls rix, - /{,usr/}bin/mkdir rix, - /{,usr/}bin/nohup rix, - /{,usr/}bin/ps rix, - /{,usr/}bin/rm rix, - /{,usr/}bin/sed rix, - /{,usr/}bin/sleep rix, - /{,usr/}bin/tail rix, - /{,usr/}bin/tr rix, - /{,usr/}bin/uname rix, - /{,usr/}bin/which rix, - - @{HOME}/.java/fonts/** r, - owner @{HOME}/.i2p/ rw, - owner @{HOME}/.i2p/** rwk, - - # Prevent spamming the logs - deny owner @{HOME}/.java/ wk, - deny @{HOME}/.fontconfig/ wk, - deny @{HOME}/.java/fonts/** w, - deny /dev/tty rw, - deny /dev/pts/[0-9]* rw, - deny @{PROC}/[0-9]*/fd/ r, - deny /usr/local/share/fonts/ r, - deny /var/cache/fontconfig/ wk, - # Used by some versions of the Tanuki wrapper but never used by I2P - deny /usr/share/java/hamcrest*.jar r, - deny /usr/share/java/junit*.jar r, -} diff --git a/build.xml b/build.xml index d485bc257..99aef4649 100644 --- a/build.xml +++ b/build.xml @@ -1336,7 +1336,6 @@ - diff --git a/installer/resources/postinstall.sh b/installer/resources/postinstall.sh index e81659de5..bcc336452 100644 --- a/installer/resources/postinstall.sh +++ b/installer/resources/postinstall.sh @@ -111,9 +111,6 @@ if [ ! `echo $HOST_OS |grep osx` ]; then rm -f *i2p_service_osx.command rm -f net.i2p.router.plist.template #rm -f I2P\ Router\ Console.webloc -else - # The example apparmor profile is useless on OSX - rm -f ./scripts/home.i2p.i2prouter fi rm -f ./osid