ajust install package

2026-02-08 17:18:23 +08:00
parent 6eb6ff6425
commit c83e4755e9
5 changed files with 88 additions and 2 deletions
--- a/packaging/ubuntu/bitoj-guards
+++ b/packaging/ubuntu/bitoj-guards
@@ -0,0 +1,68 @@
+#include <tunables/global>
+
+# BitOJ guard profiles
+/usr/lib/bitoj/scripts/binary-guard {
+    #include <abstractions/bitoj>
+
+    /var/lib/bitoj/data/**/main mrix,
+    /usr/lib/bitoj/data/**/main mrix,
+}
+
+/usr/lib/bitoj/scripts/java-guard {
+    #include <abstractions/bitoj>
+    capability sys_ptrace,
+
+    /var/lib/bitoj/data/**/*.class mr,
+    /usr/lib/bitoj/data/**/*.class mr,
+    /usr/bin/java mrix,
+
+    /etc/passwd mr,
+    /etc/nsswitch.conf mr,
+    /etc/java*/* mr,
+    /proc/** mr,
+    /sys/** mr,
+    /usr/lib/jvm/**/** mr,
+    /usr/lib/jvm/java-6-sun*/jre/bin/* mrix,
+
+    /tmp/hsperfdata_ojrun*/ mrw,
+    /tmp/hsperfdata_ojrun*/* mrw,
+}
+
+/usr/lib/bitoj/scripts/mono-guard {
+    #include <abstractions/bitoj>
+
+    /var/lib/bitoj/data/**/main.exe mr,
+    /usr/lib/bitoj/data/**/main.exe mr,
+    /var/lib/bitoj/data/**/.wapi/ mrw,
+    /var/lib/bitoj/data/**/.wapi/* mrw,
+    /usr/lib/bitoj/data/**/.wapi/ mrw,
+    /usr/lib/bitoj/data/**/.wapi/* mrw,
+
+    /usr/bin/mono mrix,
+    /usr/lib/mono/2.0/* mr,
+    /usr/lib/mono/2.0/**/* mr,
+    /etc/mono/config mr,
+    /etc/nsswitch.conf mr,
+    /etc/passwd mr,
+    /proc/**/* mr,
+}
+
+/usr/lib/bitoj/scripts/python-guard {
+    #include <abstractions/bitoj>
+    #include <abstractions/python>
+
+    /var/lib/bitoj/data/**/main.py mr,
+    /usr/lib/bitoj/data/**/main.py mr,
+    /usr/bin/python2.5 mrix,
+    /usr/lib/python2.5/lib-dynload/** mr,
+}
+
+/usr/lib/bitoj/scripts/bash-guard {
+    #include <abstractions/bitoj>
+    #include <abstractions/bash>
+
+    /var/lib/bitoj/data/**/main.sh mr,
+    /usr/lib/bitoj/data/**/main.sh mr,
+    /bin/* mrix,
+    /usr/bin/* mrix,
+}