felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-04-03 21:04:18 +01:00
parent 4490db45c9
commit 095254864f
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
26 changed files with 52 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/profiles-a-f/cups-notifier-dbus
View file

@ -17,7 +17,9 @@ profile cups-notifier-dbus @{exec_path} {
@{exec_path} mr,
/tmp/cups-dbus-notifier-lockfile rwk,
/etc/cups/client.conf r,
owner /tmp/cups-dbus-notifier-lockfile rwk,
include if exists <local/cups-notifier-dbus>
}

2
apparmor.d/profiles-a-f/evince
View file

@ -17,6 +17,7 @@ profile evince @{exec_path} {
include <abstractions/gnome-strict>
include <abstractions/ibus>
include <abstractions/nameservice-strict>
include <abstractions/thumbnails-cache-write>
include <abstractions/user-download-strict>
include <abstractions/user-read-strict>
include <abstractions/user-write-strict>
@ -46,7 +47,6 @@ profile evince @{exec_path} {
owner @{user_share_dirs}/ r,
owner @{user_share_dirs}/gvfs-metadata/{,*} r,
owner @{user_cache_dirs}/thumbnails/{,**} rw,
owner @{user_config_dirs}/evince/{,*} rw,
owner /tmp/*.pdf r,

3
apparmor.d/profiles-a-f/flatpak
View file

@ -14,7 +14,7 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
include <abstractions/bus/org.freedesktop.Accounts>
include <abstractions/consoles>
include <abstractions/dconf-write>
include <abstractions/gnome-strict>
include <abstractions/desktop>
include <abstractions/nameservice-strict>
include <abstractions/ssl_certs>
@ -86,6 +86,7 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
@{sys}/module/nvidia/version r,
@{PROC}/sys/fs/pipe-max-size r,
owner @{PROC}/@{pid}/fdinfo/@{int} r,
owner @{PROC}/@{pid}/stat r,
/dev/fuse rw,

6
apparmor.d/profiles-a-f/flatpak-app
View file

@ -24,7 +24,6 @@ include <tunables/global>
profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
include <abstractions/base>
include <abstractions/bus-system>
include <abstractions/bus/org.freedesktop.NetworkManager>
include <abstractions/common/app>
include <abstractions/common/bwrap>
@ -76,11 +75,12 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) {
/var/tmp/etilqs_@{hex} rw,
@{run}/.userns r,
owner @{run}/user/@{uid}/*.kioworker.socket r,
owner @{run}/user/@{uid}/#@{int} rwl,
owner @{run}/flatpak/{,**} rk,
owner @{run}/flatpak/app/*/*ipc* rw,
owner @{run}/flatpak/doc/** rw,
owner @{run}/ld-so-cache-dir/* rw,
owner @{run}/user/@{uid}/*.kioworker.socket r,
owner @{run}/user/@{uid}/#@{int} rwl,
include if exists <usr/flatpak-app.d>
include if exists <local/flatpak-app>

3
apparmor.d/profiles-a-f/flatpak-system-helper
View file

@ -48,7 +48,8 @@ profile flatpak-system-helper @{exec_path} {
@{PROC}/@{pid}/stat r,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/fdinfo/@{int} r,
profile gpg {
include <abstractions/base>
include <abstractions/nameservice-strict>