feat(profile): use profile variable in rules such as in dbus, ptrace, unix...
This commit is contained in:
Alexandre Pujol
parent
f717ea7383
commit
04b6cade64
72 changed files with 152 additions and 151 deletions
|
|
@ -24,8 +24,8 @@
|
|||
|
||||
network netlink raw, # PAM
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label=systemd-homed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label="@{p_systemd_homed}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
dbus (send receive) bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd.Manager
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
signal (receive) set=(term,kill) peer=openbox,
|
||||
signal (receive) set=(term,kill) peer=su,
|
||||
|
||||
ptrace (readby) peer=systemd-coredump,
|
||||
ptrace (readby) peer=@{p_systemd_coredump},
|
||||
|
||||
@{etc_rw}/localtime r,
|
||||
/etc/locale.conf r,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=net.hadess.PowerProfiles label=power-profiles-daemon
|
||||
#aa:dbus common bus=system name=net.hadess.PowerProfiles label="@{p_power_profiles_daemon}"
|
||||
|
||||
include if exists <abstractions/bus/net.hadess.PowerProfiles.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=net.reactivated.Fprint label=fprintd
|
||||
#aa:dbus common bus=system name=net.reactivated.Fprint label="@{p_fprintd}"
|
||||
|
||||
dbus send bus=system path=/net/reactivated/Fprint/Manager
|
||||
interface=net.reactivated.Fprint.Manager
|
||||
member={GetDevices,GetDefaultDevice}
|
||||
peer=(name="@{busname}", label=fprintd),
|
||||
peer=(name="@{busname}", label="@{p_fprintd}"),
|
||||
|
||||
dbus send bus=system path=/net/reactivated/Fprint/Manager
|
||||
interface=net.reactivated.Fprint.Manager
|
||||
|
|
@ -19,7 +19,7 @@
|
|||
dbus send bus=system path=/net/reactivated/Fprint/Manager
|
||||
interface=net.reactivated.Fprint.Manager
|
||||
member={GetDevices,GetDefaultDevice}
|
||||
peer=(name=net.reactivated.Fprint, label=fprintd),
|
||||
peer=(name=net.reactivated.Fprint, label="@{p_fprintd}"),
|
||||
|
||||
include if exists <abstractions/bus/net.reactivated.Fprint.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -9,27 +9,27 @@
|
|||
dbus receive bus=accessibility path=/org/a11y/atspi/registry
|
||||
interface=org.a11y.atspi.Registry
|
||||
member=EventListenerDeregistered
|
||||
peer=(name="@{busname}", label=at-spi2-registryd),
|
||||
peer=(name="@{busname}", label="@{p_at_spi2_registryd}"),
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/registry
|
||||
interface=org.a11y.atspi.Registry
|
||||
member=GetRegisteredEvents
|
||||
peer=(name=org.a11y.atspi.Registry, label=at-spi2-registryd),
|
||||
peer=(name=org.a11y.atspi.Registry, label="@{p_at_spi2_registryd}"),
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/registry/deviceeventcontroller
|
||||
interface=org.a11y.atspi.DeviceEventController
|
||||
member={GetKeystrokeListeners,GetDeviceEventListeners}
|
||||
peer=(name=org.a11y.atspi.Registry, label=at-spi2-registryd),
|
||||
peer=(name=org.a11y.atspi.Registry, label="@{p_at_spi2_registryd}"),
|
||||
|
||||
dbus receive bus=accessibility path=/org/a11y/atspi/accessible/root
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Set
|
||||
peer=(name="@{busname}", label=at-spi2-registryd),
|
||||
peer=(name="@{busname}", label="@{p_at_spi2_registryd}"),
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/accessible/root
|
||||
interface=org.a11y.atspi.Socket
|
||||
member=Embed
|
||||
peer=(name=org.a11y.atspi.Registry, label=at-spi2-registryd),
|
||||
peer=(name=org.a11y.atspi.Registry, label="@{p_at_spi2_registryd}"),
|
||||
|
||||
# Session bus
|
||||
|
||||
|
|
|
|||
|
|
@ -4,37 +4,37 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.bluez label=bluetoothd
|
||||
#aa:dbus common bus=system name=org.bluez label="@{p_bluetoothd}"
|
||||
|
||||
dbus receive bus=system path=/
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=InterfacesRemoved
|
||||
peer=(name="{@{busname},org.bluez}", label=bluetoothd),
|
||||
peer=(name="{@{busname},org.bluez}", label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name="{@{busname},org.bluez}", label=bluetoothd),
|
||||
peer=(name="{@{busname},org.bluez}", label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/org/bluez
|
||||
interface=org.bluez.AgentManager@{int}
|
||||
member={RegisterAgent,RequestDefaultAgent,UnregisterAgent}
|
||||
peer=(name=org.bluez, label=bluetoothd),
|
||||
peer=(name=org.bluez, label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/org/bluez
|
||||
interface=org.bluez.ProfileManager@{int}
|
||||
member=RegisterProfile
|
||||
peer=(name=org.bluez, label=bluetoothd),
|
||||
peer=(name=org.bluez, label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/org/bluez/hci@{int}
|
||||
interface=org.bluez.BatteryProviderManager@{int}
|
||||
member=RegisterProfile
|
||||
peer=(name=org.bluez, label=bluetoothd),
|
||||
peer=(name=org.bluez, label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/org/bluez/hci@{int}
|
||||
interface=org.bluez.Media@{int}
|
||||
member=RegisterApplication
|
||||
peer=(name=org.bluez, label=bluetoothd),
|
||||
peer=(name=org.bluez, label="@{p_bluetoothd}"),
|
||||
|
||||
include if exists <abstractions/bus/org.bluez.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,27 +4,27 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus common bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member={FindUserByName,ListCachedUsers}
|
||||
peer=(name="@{busname}", label=accounts-daemon),
|
||||
peer=(name="@{busname}", label="@{p_accounts_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts/User@{uid}
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member=*Changed
|
||||
peer=(name="@{busname}", label=accounts-daemon),
|
||||
peer=(name="@{busname}", label="@{p_accounts_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member=UserAdded
|
||||
peer=(name="@{busname}", label=accounts-daemon),
|
||||
peer=(name="@{busname}", label="@{p_accounts_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts/User@{uid}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=*Changed
|
||||
peer=(name="@{busname}", label=accounts-daemon),
|
||||
peer=(name="@{busname}", label="@{p_accounts_daemon}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.Accounts.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,27 +4,27 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.Avahi label=avahi-daemon
|
||||
#aa:dbus common bus=system name=org.freedesktop.Avahi label="@{p_avahi_daemon}"
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.DBus.Peer
|
||||
member=Ping
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
peer=(name=org.freedesktop.Avahi, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.Avahi.Server
|
||||
member={GetAPIVersion,GetState,Service*New}
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
peer=(name=org.freedesktop.Avahi, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus send bus=system path=/Client@{int}/ServiceBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceBrowser
|
||||
member=Free
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
peer=(name=org.freedesktop.Avahi, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/Client@{int}/ServiceBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceBrowser
|
||||
member={ItemNew,AllForNow,CacheExhausted}
|
||||
peer=(name="@{busname}", label=avahi-daemon),
|
||||
peer=(name="@{busname}", label="@{p_avahi_daemon}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.Avahi.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,22 +4,22 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.ColorManager label=colord
|
||||
#aa:dbus common bus=system name=org.freedesktop.ColorManager label="@{p_colord}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/ColorManager
|
||||
interface=org.freedesktop.ColorManager
|
||||
member=GetDevices
|
||||
peer=(name="@{busname}", label=colord),
|
||||
peer=(name="@{busname}", label="@{p_colord}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/ColorManager
|
||||
interface=org.freedesktop.ColorManager
|
||||
member=CreateDevice
|
||||
peer=(name="@{busname}", label=colord),
|
||||
peer=(name="@{busname}", label="@{p_colord}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/ColorManager
|
||||
interface=org.freedesktop.ColorManager
|
||||
member={DeviceAdded,DeviceRemoved}
|
||||
peer=(name="@{busname}", label=colord),
|
||||
peer=(name="@{busname}", label="@{p_colord}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.ColorManager.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,26 +4,26 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.GeoClue2 label=geoclue
|
||||
#aa:dbus common bus=system name=org.freedesktop.GeoClue2 label="@{p_geoclue}"
|
||||
dbus send bus=system path=/org/freedesktop/GeoClue2/Agent
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged
|
||||
peer=(name=org.freedesktop.DBus, label=geoclue),
|
||||
peer=(name=org.freedesktop.DBus, label="@{p_geoclue}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/GeoClue2/Agent
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name="@{busname}", label=geoclue),
|
||||
peer=(name="@{busname}", label="@{p_geoclue}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/GeoClue2/Manager
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name="@{busname}", label=geoclue),
|
||||
peer=(name="@{busname}", label="@{p_geoclue}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/GeoClue2/Manager
|
||||
interface=org.freedesktop.GeoClue2.Manager
|
||||
member=AddAgent
|
||||
peer=(name="@{busname}", label=geoclue),
|
||||
peer=(name="@{busname}", label="@{p_geoclue}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.GeoClue2.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,17 +4,17 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.ModemManager1 label=ModemManager
|
||||
#aa:dbus common bus=system name=org.freedesktop.ModemManager1 label="@{p_ModemManager}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/ModemManager1
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name=org.freedesktop.ModemManager1, label=ModemManager),
|
||||
peer=(name=org.freedesktop.ModemManager1, label="@{p_ModemManager}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/ModemManager1
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name="@{busname}", label=ModemManager),
|
||||
peer=(name="@{busname}", label="@{p_ModemManager}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.ModemManager1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,22 +4,22 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.PolicyKit1 label=polkitd
|
||||
#aa:dbus common bus=system name=org.freedesktop.PolicyKit1 label="@{p_polkitd}"
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=Changed
|
||||
peer=(name="@{busname}", label=polkitd),
|
||||
peer=(name="@{busname}", label="@{p_polkitd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=CheckAuthorization
|
||||
peer=(name=org.freedesktop.PolicyKit1, label=polkitd),
|
||||
peer=(name=org.freedesktop.PolicyKit1, label="@{p_polkitd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=CheckAuthorization
|
||||
peer=(name="@{busname}", label=polkitd),
|
||||
peer=(name="@{busname}", label="@{p_polkitd}"),
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=CheckAuthorization
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.RealtimeKit1 label=rtkit-daemon
|
||||
#aa:dbus common bus=system name=org.freedesktop.RealtimeKit1 label="@{p_rtkit_daemon}"
|
||||
dbus send bus=system path=/org/freedesktop/RealtimeKit1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Get
|
||||
|
|
@ -15,12 +15,12 @@
|
|||
dbus send bus=system path=/org/freedesktop/RealtimeKit1
|
||||
interface=org.freedesktop.RealtimeKit1
|
||||
member={MakeThreadHighPriority,MakeThreadRealtime}
|
||||
peer=(name="{@{busname},org.freedesktop.RealtimeKit1}", label=rtkit-daemon),
|
||||
peer=(name="{@{busname},org.freedesktop.RealtimeKit1}", label="@{p_rtkit_daemon}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/RealtimeKit1
|
||||
interface=org.freedesktop.RealtimeKit1
|
||||
member={MakeThreadHighPriorityWithPID,MakeThreadRealtimeWithPID}
|
||||
peer=(name="{@{busname},org.freedesktop.RealtimeKit1}", label=rtkit-daemon),
|
||||
peer=(name="{@{busname},org.freedesktop.RealtimeKit1}", label="@{p_rtkit_daemon}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.RealtimeKit1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,22 +4,22 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.UPower label=upowerd
|
||||
#aa:dbus common bus=system name=org.freedesktop.UPower label="@{p_upowerd}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/UPower
|
||||
interface=org.freedesktop.UPower
|
||||
member=EnumerateDevices
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label="@{p_upowerd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/UPower
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetDisplayDevice
|
||||
peer=(name=org.freedesktop.UPower, label=upowerd),
|
||||
peer=(name=org.freedesktop.UPower, label="@{p_upowerd}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/UPower
|
||||
interface=org.freedesktop.UPower
|
||||
member=DeviceAdded
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label="@{p_upowerd}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.UPower.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.UPower.PowerProfiles label=power-profiles-daemon
|
||||
#aa:dbus common bus=system name=org.freedesktop.UPower.PowerProfiles label=@{p_power_profiles_daemon}
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.UPower.PowerProfiles.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.hostname1 label=systemd-hostnamed
|
||||
#aa:dbus common bus=system name=org.freedesktop.hostname1 label="@{p_systemd_hostnamed}"
|
||||
dbus send bus=system path=/org/freedesktop/hostname1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Get
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.locale1 label=systemd-localed
|
||||
#aa:dbus common bus=system name=org.freedesktop.locale1 label="@{p_systemd_localed}"
|
||||
dbus send bus=system path=/org/freedesktop/locale1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
|
|
|
|||
|
|
@ -4,22 +4,22 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus common bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={Inhibit,CanHibernate,CanHybridSleep,CanPowerOff,CanReboot,CanSuspend,CreateSession,GetSessionByPID}
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind),
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={SessionNew,SessionRemoved,UserNew,UserRemoved,SeatNew,PrepareFor*}
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind),
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1/session/*
|
||||
interface=org.freedesktop.login1.Session
|
||||
member=PauseDeviceComplete
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.login1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,22 +4,22 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus common bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member=GetSession
|
||||
peer=(name="@{busname}", label=systemd-logind),
|
||||
peer=(name="@{busname}", label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1/session/*
|
||||
interface=org.freedesktop.login1.Session
|
||||
member={ReleaseDevice,TakeControl,TakeDevice,SetBrightness,SetLockedHint,SetIdleHint}
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind),
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/login1/session/*
|
||||
interface=org.freedesktop.login1.Session
|
||||
member={PauseDevice,Unlock}
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind),
|
||||
peer=(name="{@{busname},org.freedesktop.login1}", label="@{p_systemd_logind}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.login1.Session.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.network1 label=systemd-networkd
|
||||
#aa:dbus common bus=system name=org.freedesktop.network1 label="@{p_systemd_networkd}"
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.network1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.resolve1 label=systemd-resolved
|
||||
#aa:dbus common bus=system name=org.freedesktop.resolve1 label="@{p_systemd_resolved}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/resolve1
|
||||
interface=org.freedesktop.resolve1.Manager
|
||||
member={SetLink*,ResolveHostname}
|
||||
peer=(name="{@{busname},org.freedesktop.resolve1}", label=systemd-resolved),
|
||||
peer=(name="{@{busname},org.freedesktop.resolve1}", label="@{p_systemd_resolved}"),
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.resolve1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=system name=org.freedesktop.timedate1 label=systemd-timedated
|
||||
#aa:dbus common bus=system name=org.freedesktop.timedate1 label="@{p_systemd_timedated}"
|
||||
|
||||
include if exists <abstractions/bus/org.freedesktop.timedate1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@
|
|||
|
||||
abi <abi/4.0>,
|
||||
|
||||
#aa:dbus common bus=session name=org.gnome.ArchiveManager1 label=file-roller
|
||||
#aa:dbus common bus=session name=org.gnome.ArchiveManager1 label="@{p_file_roller}"
|
||||
|
||||
dbus send bus=session path=/org/gnome/ArchiveManager1
|
||||
interface=org.gnome.ArchiveManager1
|
||||
member=GetSupportedTypes
|
||||
peer=(name="@{busname}", label=file-roller),
|
||||
peer=(name="@{busname}", label="@{p_file_roller}"),
|
||||
|
||||
include if exists <abstractions/bus/org.gnome.ArchiveManager1.d>
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member=ReleaseSession
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
@{etc_ro}/security/group.conf r,
|
||||
@{etc_ro}/security/limits.conf r,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
network inet6 stream,
|
||||
network netlink raw,
|
||||
|
||||
signal receive set=exists peer=systemd-journald,
|
||||
signal receive set=exists peer=@{p_systemd_journald},
|
||||
signal receive set=hup peer=@{p_systemd},
|
||||
|
||||
unix bind type=stream addr=@@{udbus}/bus/sshd/system,
|
||||
|
|
@ -36,7 +36,7 @@
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={CreateSession,ReleaseSession,CreateSessionWithPIDFD}
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
/etc/motd r,
|
||||
/etc/locale.conf r,
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ profile avahi-browse @{exec_path} {
|
|||
dbus receive bus=system path=/Client@{int}/ServiceTypeBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceTypeBrowser
|
||||
member={ItemNew,AllForNow,CacheExhausted}
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -17,12 +17,12 @@ profile avahi-resolve @{exec_path} {
|
|||
dbus send bus=system path=/Client@{int}/AddressResolver@{int}
|
||||
interface=org.freedesktop.Avahi.AddressResolver
|
||||
member={Free,HostNameResolverNew}
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/Client@{int}/AddressResolver@{int}
|
||||
interface=org.freedesktop.Avahi.AddressResolver
|
||||
member={Failure,Found}
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ profile bluetoothctl @{exec_path} {
|
|||
|
||||
network bluetooth raw,
|
||||
|
||||
#aa:dbus talk bus=system name=org.bluez label=bluetoothd
|
||||
#aa:dbus talk bus=system name=org.bluez label="@{p_bluetoothd}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ profile obexd @{exec_path} {
|
|||
dbus receive bus=system path=/org/bluez/obex/@{uuid}
|
||||
interface=org.bluez.Profile1
|
||||
member=Release
|
||||
peer=(name=:*, label=bluetoothd),
|
||||
peer=(name=:*, label="@{p_bluetoothd}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ profile ibus-dconf @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/dconf-write>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
signal receive set=kill peer=@{p_systemd_user},
|
||||
signal receive set=term peer=ibus-daemon,
|
||||
|
||||
dbus receive bus=session
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ profile cups-browsed @{exec_path} {
|
|||
dbus receive bus=system path=/
|
||||
interface=org.freedesktop.Avahi.Server
|
||||
member=StateChanged
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/NetworkManager
|
||||
interface=org.freedesktop.NetworkManager
|
||||
|
|
|
|||
|
|
@ -65,8 +65,8 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
|
|||
signal receive set=int peer=@{p_systemd},
|
||||
|
||||
#aa:dbus own bus=system name=org.freedesktop.UDisks2
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label=polkitd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label="@{p_polkitd}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -41,8 +41,8 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
|
|||
signal send peer=flatpak-app,
|
||||
|
||||
#aa:dbus talk bus=session name=org.freedesktop.Flatpak.SessionHelper label=flatpak-session-helper
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label=polkitd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label="@{p_polkitd}"
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/portal/documents
|
||||
interface=org.freedesktop.portal.Documents
|
||||
|
|
|
|||
|
|
@ -50,12 +50,12 @@ profile pulseaudio @{exec_path} {
|
|||
dbus receive bus=system path=/Client@{int}/ServiceResolver@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceResolver
|
||||
member=Found
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus receive bus=system path=/Client@{int}/ServiceBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceBrowser
|
||||
member=ItemRemove
|
||||
peer=(name=:*, label=avahi-daemon),
|
||||
peer=(name=:*, label="@{p_avahi_daemon}"),
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
|
|
@ -65,7 +65,7 @@ profile pulseaudio @{exec_path} {
|
|||
dbus send bus=system path=/Client@{int}/ServiceResolver@{int}
|
||||
interface=org.freedesktop.Avahi.ServiceResolver
|
||||
member={Found,Free}
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
peer=(name=org.freedesktop.Avahi, label="@{p_avahi_daemon}"),
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ profile upower @{exec_path} {
|
|||
include <abstractions/bus-system>
|
||||
include <abstractions/consoles>
|
||||
|
||||
#aa:dbus own bus=system name=org.freedesktop.UPower label=upowerd
|
||||
#aa:dbus own bus=system name=org.freedesktop.UPower label="@{p_upowerd}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ profile xorg @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/login1/session/*
|
||||
interface=org.freedesktop.login1.Session
|
||||
member=ReleaseControl
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
|
|
|||
|
|
@ -34,8 +34,8 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus own bus=system name=org.gnome.DisplayManager
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -49,13 +49,13 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
unix bind type=stream addr=@@{udbus}/bus/gdm-session-wor/system,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 interface=org.freedesktop.home1.Manager label=systemd-homed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 interface=org.freedesktop.home1.Manager label="@{p_systemd_homed}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={*Session,CreateSessionWithPIDFD}
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ profile gnome-calendar @{exec_path} {
|
|||
#aa:dbus talk bus=session name=org.gnome.evolution.dataserver.Sources@{int} label=evolution-source-registry
|
||||
#aa:dbus talk bus=session name=org.gnome.OnlineAccounts label=goa-daemon
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.Color label=gsd-color
|
||||
#aa:dbus talk bus=system name=org.freedesktop.GeoClue2 label=geoclue
|
||||
#aa:dbus talk bus=system name=org.freedesktop.GeoClue2 label="@{p_geoclue}"
|
||||
|
||||
dbus send bus=session path=/org/gnome/evolution/dataserver/SourceManager{,/**}
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
|
|
|
|||
|
|
@ -45,18 +45,18 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus talk bus=system name=com.ubuntu.WhoopsiePreferences label=whoopsie-preferences
|
||||
#aa:dbus talk bus=system name=net.hadess.SwitcherooControl label=switcheroo-control
|
||||
#aa:dbus talk bus=system name=net.reactivated.Fprint.Manager label=fprintd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus talk bus=system name=net.reactivated.Fprint.Manager label="@{p_fprintd}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.bolt1 label=boltd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.hostname1 label=systemd-hostnamed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ModemManager1 label=ModemManager
|
||||
#aa:dbus talk bus=system name=org.freedesktop.hostname1 label="@{p_systemd_hostnamed}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ModemManager1 label="@{p_ModemManager}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.NetworkManager label=NetworkManager
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label=polkitd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PolicyKit1 label="@{p_polkitd}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.systemd1 label="@{p_systemd}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UDisks2 label=udisksd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower label=upowerd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label=power-profiles-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower label="@{p_upowerd}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label=@{p_power_profiles_daemon}
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ profile gnome-firmware @{exec_path} {
|
|||
network inet6 stream,
|
||||
network netlink raw,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.fwupd label=fwupd path=/
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.fwupd label="@{p_fwupd}" path=/
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
@{exec_path} mr,
|
||||
@{open_path} rPx -> child-open-help,
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ profile gnome-keyring-daemon @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member=GetSession
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
|||
signal (send) set=(term) peer=gsd-*,
|
||||
|
||||
#aa:dbus own bus=session name=org.gnome.SessionManager
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
|
|
|
|||
|
|
@ -83,11 +83,11 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
|
||||
# Talk with gnome-shell
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label=accounts-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.Accounts label="@{p_accounts_daemon}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.bolt label=boltd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ColorManager label=colord
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label=power-profiles-daemon
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ColorManager label="@{p_colord}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label=@{p_power_profiles_daemon}
|
||||
#aa:dbus talk bus=system name=org.gnome.DisplayManager label=gdm
|
||||
|
||||
#aa:dbus talk bus=session name=com.rastersoft.ding label=gnome-extension-ding
|
||||
|
|
@ -103,11 +103,11 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=RegisterAuthenticationAgent
|
||||
peer=(name=:*, label=polkitd),
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
dbus receive bus=system path=/org/freedesktop/PolicyKit1/AuthenticationAgent
|
||||
interface=org.freedesktop.PolicyKit1.AuthenticationAgent
|
||||
member=BeginAuthentication
|
||||
peer=(name=:*, label=polkitd),
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager/AgentManager
|
||||
interface=org.freedesktop.NetworkManager.AgentManager
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus own bus=session name=org.gnome.SettingsDaemon.Color
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ColorManager label=colord
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ColorManager label="@{p_colord}"
|
||||
|
||||
dbus receive bus=session path=/org/gtk/Settings
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
|
|
|
|||
|
|
@ -24,10 +24,10 @@ profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus own bus=session name=org.gnome.SettingsDaemon.Housekeeping
|
||||
|
||||
dbus receive bus=session
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
dbus send bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd1.Manager
|
||||
member=Subscribe
|
||||
peer=(name=org.freedesktop.systemd1),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member=PowerOff
|
||||
peer=(name=:*, label=systemd-logind),
|
||||
peer=(name=:*, label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=session path=/
|
||||
interface=org.freedesktop.DBus
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/UPower/KbdBacklight
|
||||
interface=org.freedesktop.UPower.KbdBacklight
|
||||
member=GetBrightness
|
||||
peer=(name=:*, label=upowerd),
|
||||
peer=(name=:*, label="@{p_upowerd}"),
|
||||
|
||||
dbus receive bus=session path=/org/gtk/Settings
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
|
|
|
|||
|
|
@ -36,12 +36,7 @@ profile gsd-xsettings @{exec_path} {
|
|||
dbus send bus=system path=/org/freedesktop/Accounts/User@{uid}
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member=SetInputSources
|
||||
peer=(name=:*, label=accounts-daemon),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member=GetId
|
||||
peer=(name=org.freedesktop.DBus, label="@{p_dbus_session}"),
|
||||
peer=(name=:*, label="@{p_accounts_daemon}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -21,6 +21,11 @@ profile loupe @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus talk bus=session name=org.gtk.vfs label="gvfsd{,-*}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/hostname1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=@{busname}, label=@{p_systemd_hostnamed}),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{bin}/bwrap rCx -> bwrap,
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
dbus receive bus=system path=/org/freedesktop/DisplayManager/Seat@{int}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged
|
||||
peer=(name=:*, label=systemd-logind),
|
||||
peer=(name=:*, label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DisplayManager/Seat@{int}
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
|
|||
#aa:dbus talk bus=system name=fi.w1.wpa_supplicant1 label=wpa-supplicant
|
||||
#aa:dbus talk bus=system name=org.fedoraproject.FirewallD1 label=firewalld
|
||||
#aa:dbus talk bus=system name=org.freedesktop.nm_dispatcher label=nm-dispatcher
|
||||
#aa:dbus talk bus=system name=org.freedesktop.resolve1 label=systemd-resolved
|
||||
#aa:dbus talk bus=system name=org.freedesktop.resolve1 label="@{p_systemd_resolved}"
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/nm_dispatcher
|
||||
interface=org.freedesktop.nm_dispatcher
|
||||
|
|
@ -60,12 +60,12 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
|
|||
dbus receive bus=system path=/
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=InterfacesRemoved
|
||||
peer=(name=:*, label=bluetoothd),
|
||||
peer=(name=:*, label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name=:*, label=bluetoothd),
|
||||
peer=(name=:*, label="@{p_bluetoothd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ profile networkd-dispatcher @{exec_path} {
|
|||
dbus receive bus=system path=/org/freedesktop/network1{,/link/*}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged
|
||||
peer=(name=:*, label=systemd-networkd),
|
||||
peer=(name=:*, label="@{p_systemd_networkd}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -35,12 +35,12 @@ profile polkit-agent-helper @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=polkitd),
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=AuthenticationAgentResponse2
|
||||
peer=(name=:*, label=polkitd),
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ profile snapd @{exec_path} {
|
|||
dbus send bus=system path=/org/freedesktop/
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={SetWallMessage,ScheduleShutdown}
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/timedate1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ profile sshd @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={CreateSession,ReleaseSession,CreateSessionWithPIDFD}
|
||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||
peer=(name=org.freedesktop.login1, label="@{p_systemd_logind}"),
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ profile homectl @{exec_path} {
|
|||
|
||||
signal send peer=child-pager,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label=systemd-homed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label="@{p_systemd_homed}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ profile hostnamectl @{exec_path} {
|
|||
|
||||
capability net_admin,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.hostname1 label=systemd-hostnamed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.hostname1 label="@{p_systemd_hostnamed}"
|
||||
dbus send bus=system path=/org/freedesktop/hostname1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ profile localectl @{exec_path} {
|
|||
|
||||
signal send set=cont peer=child-pager,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.locale1 label=systemd-localed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.locale1 label="@{p_systemd_localed}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ profile loginctl @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
signal send set=cont peer=child-pager,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ profile networkctl @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
unix (bind) type=stream addr=@@{udbus}/bus/networkctl/system,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.network1 label=systemd-networkd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.network1 label="@{p_systemd_networkd}"
|
||||
dbus send bus=system path=/org/freedesktop/network1{,/**}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Get
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ profile resolvectl @{exec_path} {
|
|||
|
||||
signal send set=cont peer=child-pager,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.resolve1 label=systemd-resolved
|
||||
#aa:dbus talk bus=system name=org.freedesktop.resolve1 label="@{p_systemd_resolved}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ profile systemd-inhibit @{exec_path} flags=(attach_disconnected) {
|
|||
capability net_admin,
|
||||
capability sys_resource,
|
||||
|
||||
signal receive set=term peer=packagekitd,
|
||||
signal receive set=term peer=@{p_packagekitd},
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ profile systemd-networkd @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/hostname1
|
||||
interface=org.freedesktop.hostname1
|
||||
member=SetHostname
|
||||
peer=(name=org.freedesktop.hostname1, label=systemd-hostnamed),
|
||||
peer=(name=org.freedesktop.hostname1, label="@{p_systemd_hostnamed}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ profile systemd-timesyncd @{exec_path} flags=(attach_disconnected) {
|
|||
network inet6 stream,
|
||||
|
||||
unix (bind) type=stream addr=@@{udbus}/bus/systemd-timesyn/bus-api-timesync,
|
||||
unix (send, receive) type=dgram addr=none peer=(label=@{p_systemd}, addr=none),
|
||||
unix (send, receive) type=dgram addr=none peer=(label=@{p_sd}, addr=none),
|
||||
|
||||
#aa:dbus own bus=system name=org.freedesktop.timesync1
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ profile systemd-tty-ask-password-agent @{exec_path} {
|
|||
signal receive set=(term cont winch) peer=*//systemctl,
|
||||
signal receive set=(term cont winch) peer=deb-systemd-invoke,
|
||||
signal receive set=(term cont winch) peer=default,
|
||||
signal receive set=(term cont winch) peer=logrotate,
|
||||
signal receive set=(term cont winch) peer=@{p_logrotate},
|
||||
signal receive set=(term cont winch) peer=makepkg//sudo,
|
||||
signal receive set=(term cont winch) peer=role_*,
|
||||
signal receive set=(term cont winch) peer=rpm,
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ profile chsh @{exec_path} {
|
|||
|
||||
network netlink raw,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label=systemd-homed
|
||||
#aa:dbus talk bus=system name=org.freedesktop.home1 label="@{p_systemd_homed}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ profile login @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
ptrace read,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ profile evince @{exec_path} {
|
|||
|
||||
#aa:dbus own bus=session name=org.gnome.evince
|
||||
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.MediaKeys label=gsd-media-keys
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.MediaKeys label="@{p_gsd_media_keys}"
|
||||
#aa:dbus talk bus=session name=org.gtk.vfs label="gvfsd{,-*}"
|
||||
|
||||
@{exec_path} rix,
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ profile fwupdmgr @{exec_path} flags=(attach_disconnected) {
|
|||
network inet6 dgram,
|
||||
network netlink raw,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.fwupd label=fwupd path=/
|
||||
#aa:dbus talk bus=system name=org.freedesktop.fwupd label="@{p_fwupd}" path=/
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ profile qemu-ga @{exec_path} {
|
|||
|
||||
unix type=stream addr=@@{udbus}/bus/shutdown/system,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label=systemd-logind
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
|
||||
include if exists <local/qemu-ga_systemctl>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,10 +8,10 @@
|
|||
# All variables that refer to a profile name should be prefixed with `p_`
|
||||
|
||||
# Name of the systemd profiles. Can be `unconfined` or `systemd`, `systemd-user`
|
||||
@{p_systemd}=unconfined
|
||||
@{p_systemd_executor}=unconfined
|
||||
@{p_sd}=unconfined
|
||||
@{p_sdu}=unconfined
|
||||
@{p_systemd_user}=unconfined
|
||||
@{p_systemd_user_executor}=unconfined
|
||||
@{p_systemd}=unconfined
|
||||
|
||||
# Name of the dbus daemon profiles
|
||||
@{p_dbus_accessibility}=dbus-accessibility
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue