Fix #184 (#185)

* Replace @{HOME}/.config with @{user_config_dirs} * Replace @{HOME}/.cache with @{user_cache_dirs} * Replace @{HOME}/.local/state with @{user_state_dirs} * Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d * Update docs/variables.md * Replace @{HOME}/.local/share with @{user_share_dirs} * Replace @{HOME}/.local/lib with @{user_lib_dirs} * Revert "Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d" This reverts commit 9525003098.
2023-07-27 13:20:19 +02:00 · 2023-07-27 13:20:19 +02:00 · 0f9b7cb474
commit 0f9b7cb474
parent fe0238250a
26 changed files with 75 additions and 73 deletions
--- a/apparmor.d/profiles-a-f/amixer
+++ b/apparmor.d/profiles-a-f/amixer
@ -21,7 +21,7 @@ profile amixer @{exec_path} {

  owner @{HOME}/.Xauthority r,

-  owner @{HOME}/.config/pulse/ r,
+  owner @{user_config_dirs}/pulse/ r,

  owner @{PROC}/@{pid}/task/@{tid}/comm rw,

--- a/apparmor.d/profiles-a-f/anki
+++ b/apparmor.d/profiles-a-f/anki
@ -70,7 +70,7 @@ profile anki @{exec_path} {
  owner @{user_share_dirs}/Anki{,2}/** rwk,

  owner @{HOME}/ r,
-  owner @{HOME}/.cache/ rw,
+  owner @{user_cache_dirs}/ rw,

  # To remove the following error:
  #  Error initializing NSS with a persistent database
--- a/apparmor.d/profiles-a-f/deltachat-desktop
+++ b/apparmor.d/profiles-a-f/deltachat-desktop
@ -44,8 +44,8 @@ profile deltachat-desktop @{exec_path} {
  @{DCD_LIBDIR}/resources/app.asar.unpacked/node_modules/**.so.[0-9]* mr,
  @{DCD_LIBDIR}/chrome-sandbox rPx,

-  owner @{HOME}/.config/DeltaChat/ rw,
-  owner @{HOME}/.config/DeltaChat/** rwk,
+  owner @{user_config_dirs}/DeltaChat/ rw,
+  owner @{user_config_dirs}/DeltaChat/** rwk,

  owner /tmp/@{hex}/ rw,
  owner /tmp/@{hex}/db.sqlite-blobs/ rw,
--- a/apparmor.d/profiles-a-f/dring
+++ b/apparmor.d/profiles-a-f/dring
@ -19,10 +19,10 @@ profile dring @{exec_path} {

  @{exec_path} mr,

-  owner @{HOME}/.config/ring/ rw,
-  owner @{HOME}/.config/jami/dring.yml rw,
-  owner @{HOME}/.config/jami/dring.yml.bak w,
-  owner @{HOME}/.local/share/jami/ r,
+  owner @{user_config_dirs}/ring/ rw,
+  owner @{user_config_dirs}/jami/dring.yml rw,
+  owner @{user_config_dirs}/jami/dring.yml.bak w,
+  owner @{user_share_dirs}/jami/ r,

  @{sys}/class/ r,
  @{sys}/bus/ r,
--- a/apparmor.d/profiles-a-f/dunst
+++ b/apparmor.d/profiles-a-f/dunst
@ -16,7 +16,7 @@ profile dunst @{exec_path} {
  @{exec_path} mr,

  /etc/xdg/dunst/dunstrc r,
-  owner @{HOME}/.config/dunst/dunstrc r,
+  owner @{user_config_dirs}/dunst/dunstrc r,

  owner @{HOME}/.Xauthority r,

--- a/apparmor.d/profiles-a-f/fritzing
+++ b/apparmor.d/profiles-a-f/fritzing
@ -29,7 +29,7 @@ profile fritzing @{exec_path} {
  @{exec_path} mrix,

  owner @{user_config_dirs}/Fritzing/ rw,
-  owner @{user_config_dirs}/Fritzing/** rwkl -> @{HOME}/.config/Fritzing/**,
+  owner @{user_config_dirs}/Fritzing/** rwkl -> @{user_config_dirs}/Fritzing/**,

  owner @{HOME}/@{XDG_DOCUMENTS_DIR}/Fritzing/ rw,
  owner @{HOME}/@{XDG_DOCUMENTS_DIR}/Fritzing/** rw,
--- a/apparmor.d/profiles-a-f/fuseiso
+++ b/apparmor.d/profiles-a-f/fuseiso
@ -15,7 +15,7 @@ profile fuseiso @{exec_path} {
  # Be able to mount ISO images
  mount fstype=fuse.fuseiso -> @{HOME}/*/,
  mount fstype=fuse.fuseiso -> @{HOME}/*/*/,
-  mount fstype=fuse.fuseiso -> @{HOME}/.cache/**/,
+  mount fstype=fuse.fuseiso -> @{user_cache_dirs}/**/,

  @{exec_path} mr,

@ -24,7 +24,7 @@ profile fuseiso @{exec_path} {
  # Where to mount ISO files
  owner @{HOME}/*/ rw,
  owner @{HOME}/*/*/ rw,
-  owner @{HOME}/.cache/**/ r,
+  owner @{user_cache_dirs}/**/ r,

  owner @{HOME}/.mtab.fuseiso rwk,
  owner @{HOME}/.mtab.fuseiso.new rw,
@ -45,7 +45,7 @@ profile fuseiso @{exec_path} {

    mount fstype={fuse,fuse.fuseiso} -> @{HOME}/*/,
    mount fstype={fuse,fuse.fuseiso} -> @{HOME}/*/*/,
-    mount fstype={fuse,fuse.fuseiso} -> @{HOME}/.cache/**/,
+    mount fstype={fuse,fuse.fuseiso} -> @{user_cache_dirs}/**/,

    @{bin}/fusermount{,3} mr,

--- a/apparmor.d/profiles-a-f/fusermount
+++ b/apparmor.d/profiles-a-f/fusermount
@ -30,7 +30,7 @@ profile fusermount @{exec_path} {
  # Be able to mount ISO images
  mount fstype={fuse,fuse.*} -> @{HOME}/*/,
  mount fstype={fuse,fuse.*} -> @{HOME}/*/*/,
-  mount fstype={fuse,fuse.*} -> @{HOME}/.cache/**/,
+  mount fstype={fuse,fuse.*} -> @{user_cache_dirs}/**/,
  mount fstype={fuse,fuse.*} -> @{MOUNTS}/*/,
  mount fstype={fuse,fuse.*} -> @{MOUNTS}/*/*/,
  mount fstype={fuse,fuse.*} -> @{run}/user/@{uid}/*/,
@ -38,7 +38,7 @@ profile fusermount @{exec_path} {

  umount @{HOME}/*/,
  umount @{HOME}/*/*/,
-  umount @{HOME}/.cache/**/,
+  umount @{user_cache_dirs}/**/,
  umount @{MOUNTS}/*/,
  umount @{MOUNTS}/*/*/,
  umount /tmp/.mount_*/,