github.com/rigado/snapd@v2.42.5-go-mod+incompatible/interfaces/builtin/ppp.go

github.com/rigado/snapd@v2.42.5-go-mod+incompatible/interfaces/builtin/ppp.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016-2017 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package builtin
    21  
    22  const pppSummary = `allows operating as the ppp service`
    23  
    24  const pppBaseDeclarationSlots = `
    25    ppp:
    26      allow-installation:
    27        slot-snap-type:
    28          - core
    29      deny-auto-connection: true
    30  `
    31  
    32  const pppConnectedPlugAppArmor = `
    33  # Description: Allow operating ppp daemon. This gives privileged access to the
    34  # ppp daemon.
    35  
    36  # Needed for modem connections using PPP
    37  /usr/sbin/pppd ix,
    38  /etc/ppp/** rwix,
    39  /dev/ppp rw,
    40  /dev/tty[^0-9]* rw,
    41  /run/lock/*tty[^0-9]* rw,
    42  /run/ppp* rwk,
    43  /var/run/ppp* rwk,
    44  /var/log/ppp* rw,
    45  /bin/run-parts ix,
    46  @{PROC}/@{pid}/loginuid r,
    47  capability setgid,
    48  capability setuid,
    49  `
    50  
    51  // ppp_generic creates /dev/ppp. Other ppp modules will be automatically loaded
    52  // by the kernel on different ioctl calls for this device. Note also that
    53  // in many cases ppp_generic is statically linked into the kernel (CONFIG_PPP=y)
    54  var pppConnectedPlugKmod = []string{
    55  	"ppp_generic",
    56  }
    57  
    58  var pppConnectedPlugUDev = []string{
    59  	`KERNEL=="ppp"`,
    60  	`KERNEL=="tty[a-zA-Z]*[0-9]*"`,
    61  }
    62  
    63  func init() {
    64  	registerIface(&commonInterface{
    65  		name:                     "ppp",
    66  		summary:                  pppSummary,
    67  		implicitOnCore:           true,
    68  		implicitOnClassic:        true,
    69  		baseDeclarationSlots:     pppBaseDeclarationSlots,
    70  		connectedPlugAppArmor:    pppConnectedPlugAppArmor,
    71  		connectedPlugKModModules: pppConnectedPlugKmod,
    72  		connectedPlugUDev:        pppConnectedPlugUDev,
    73  		reservedForOS:            true,
    74  	})
    75  }