gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/builtin/ppp.go

gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/builtin/ppp.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016-2017 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package builtin
    21  
    22  const pppSummary = `allows operating as the ppp service`
    23  
    24  const pppBaseDeclarationSlots = `
    25    ppp:
    26      allow-installation:
    27        slot-snap-type:
    28          - core
    29      deny-auto-connection: true
    30  `
    31  
    32  const pppConnectedPlugAppArmor = `
    33  # Description: Allow operating ppp daemon. This gives privileged access to the
    34  # ppp daemon.
    35  
    36  # Needed for modem connections using PPP
    37  /usr/sbin/pppd ix,
    38  /etc/ppp/** rwix,
    39  /dev/ppp rw,
    40  /dev/tty[^0-9]* rw,
    41  /run/lock/*tty[^0-9]* rw,
    42  /run/ppp* rwk,
    43  /var/run/ppp* rwk,
    44  /var/log/ppp* rw,
    45  /{,usr/}bin/run-parts ix,
    46  @{PROC}/@{pid}/loginuid r,
    47  capability setgid,
    48  capability setuid,
    49  
    50  # Allow to determine whether a tty device is a serial port or not.
    51  @{PROC}/tty/drivers r,
    52  `
    53  
    54  // ppp_generic creates /dev/ppp. Other ppp modules will be automatically loaded
    55  // by the kernel on different ioctl calls for this device. Note also that
    56  // in many cases ppp_generic is statically linked into the kernel (CONFIG_PPP=y)
    57  var pppConnectedPlugKmod = []string{
    58  	"ppp_generic",
    59  }
    60  
    61  var pppConnectedPlugUDev = []string{
    62  	`KERNEL=="ppp"`,
    63  	`KERNEL=="tty[a-zA-Z]*[0-9]*"`,
    64  }
    65  
    66  func init() {
    67  	registerIface(&commonInterface{
    68  		name:                     "ppp",
    69  		summary:                  pppSummary,
    70  		implicitOnCore:           true,
    71  		implicitOnClassic:        true,
    72  		baseDeclarationSlots:     pppBaseDeclarationSlots,
    73  		connectedPlugAppArmor:    pppConnectedPlugAppArmor,
    74  		connectedPlugKModModules: pppConnectedPlugKmod,
    75  		connectedPlugUDev:        pppConnectedPlugUDev,
    76  	})
    77  }