Atos
# vim:syntax=apparmor
#include <tunables/global>
profile system_tor flags=(attach_disconnected) {
#include <abstractions/tor>
/etc/tor/* w,
# Used by Tor to do clearnet DNS lookups while in bridge mode (#8775).
/etc/resolv-over-clearnet.conf r,
owner /var/lib/tor/** rwk,
owner /var/lib/tor/ r,
owner /var/log/tor/* w,
# During startup, tor (as root) tries to open various things such as
# directories via check_private_dir(). Let it.
/var/lib/tor/** r,
/{,var/}run/tor/ r,
куда?
