This file is indexed.

/etc/apparmor.d/usr.sbin.kopano-server is in kopano-server 8.5.5-0ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#include <tunables/global>

/usr/sbin/kopano-server flags=(attach_disconnected) {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/user-tmp>
  #include <abstractions/mysql>

  capability chown,
  capability dac_override,
  capability dac_read_search,
  capability setgid,
  capability setuid,

  network tcp,

  /etc/kopano/debian-db.cfg r,
  /etc/kopano/server.cfg r,
  /usr/sbin/kopano-server r,

  @{PROC}/@{pid}/task/@{tid}/comm rw,

  /run/kopano/prio.sock rw,
  /run/kopano/server.pid rw,
  /run/kopano/server.sock rw,

  /usr/lib/@{multiarch}/kopano/*.so m,

  /var/lib/kopano/attachments/ r,
  /var/lib/kopano/attachments/** rw,
  /var/log/kopano/server.log rw,

  /etc/kopano/userscripts/* Cxr -> kopano_userscripts,

  # New features in 8.5.2 need this, and read-only on those is safe
  @{PROC}/sys/kernel/core_pattern r,
  @{PROC}/sys/fs/suid_dumpable r,

  # There's little we can do if the server is allowed to run
  # arbitrary scripts
  profile kopano_userscripts flags=(attach_disconnected) {
    file,
    network,
  }

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.kopano-server>
}