Forum

Apparmor profile with CGI-Wrapper by example

Samiux
21 September 2009, 22:06


Hiawatha version: 6.17.1
Operating System: Ubuntu 9.04 Server
Working environment : PHP5, MySQL and CGI-Wrapper

I would like to share my Apparmor profile for Hiawatha, PHP5 and MySQL with CGI-Wrapper on my Ubuntu 9.04 Server.

Content of usr.sbin.hiawatha :

# Last Modified: Mon Sep 21 04:49:57 2009
#include <tunables/global>

/usr/sbin/hiawatha {
#include <abstractions/base>

capability chown,
capability dac_override,
capability net_bind_service,
capability setgid,
capability setuid,
capability sys_chroot,

network inet tcp,

/etc/group r,
/etc/hiawatha/** r,
/etc/host.conf r,
/etc/hosts r,
/etc/nsswitch.conf r,
/etc/passwd r,
/etc/php5/cgi/php.ini r,
/etc/php5/conf.d/ r,
/etc/php5/conf.d/curl.ini r,
/etc/php5/conf.d/gd.ini r,
/etc/php5/conf.d/idn.ini r,
/etc/php5/conf.d/imagick.ini r,
/etc/php5/conf.d/imap.ini r,
/etc/php5/conf.d/mcrypt.ini r,
/etc/php5/conf.d/memcache.ini r,
/etc/php5/conf.d/mhash.ini r,
/etc/php5/conf.d/ming.ini r,
/etc/php5/conf.d/mysql.ini r,
/etc/php5/conf.d/mysqli.ini r,
/etc/php5/conf.d/pdo.ini r,
/etc/php5/conf.d/pdo_mysql.ini r,
/etc/php5/conf.d/ps.ini r,
/etc/php5/conf.d/pspell.ini r,
/etc/php5/conf.d/recode.ini r,
/etc/php5/conf.d/tidy.ini r,
/etc/php5/conf.d/xsl.ini r,
/etc/protocols r,
/etc/resolv.conf r,
/etc/services r,
/usr/bin/php5-cgi rix,
/usr/lib{,32,64}/** mr,
/usr/sbin/cgi-wrapper rix,
/usr/sbin/hiawatha mr,
/usr/share/dbconfig-common/** r,
/usr/share/file/magic.mime r,
/usr/share/mysql/charsets/Index.xml r,
/usr/share/phpmyadmin/ r,
/usr/share/phpmyadmin/** r,
/usr/share/zoneinfo/ r,
/var/lib/** r,
/var/lib/hiawatha/* rw,
/var/log/hiawatha/* r,
/var/log/hiawatha/** rw,

owner /var/run/hiawatha.pid rw,

/var/www/ r,
/var/www/** rw,
}


Samiux
The Hiawatha's happy user
Hugo Leisink
22 September 2009, 09:12
Thanks!
maerkathtny
2 April 2010, 10:32
Sounds like a wild idea, right? Can you really get unlimited targeted traffic in 15 minutes? Not only can you do so, but I am going to tell you how. If you like to get unlimited, <a href=http://www.magictrafficfilter.com/>targeted web site traffic</a> in any niche to your website listen up, for I am about to tell you the way to do it.

You may think I am pulling your leg, but the fact is that after you are done reading this put to action what I state here, your traffic ticker will explode. And the best part is the way to do it is by using a system I created. That?s right. The secret is to using my system <a href=http://www.magictrafficfilter.com/>free web site traffic</a>.

You may then ask what system I am talking about. I am talking about a powerful and effective technique that is built around a five-step process. It is a system that when set up, will pump targeted traffic to your website so fast that it will make your head spin. All you will need to do is perform all the actions required, and take a look at your hit counter. Then go do something fun for 15 minutes. Then come back and take another look at your hit counter. You will faint when you see how many hits you got within just 15 minutes <a href=http://www.magictrafficfilter.com/>increasing web site traffic</a>.

If you think I am joking here this. I have a friend who owns a website. Before using my amazingly powerful program, his website was getting about 1000 hits a month. After he put my five-step program into action, he saw his hit counter go from 1000 hits a month to a 1000 hits in an hour. If he can see this kind of results, so can you.
This topic has been closed.