felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix #184 (#185)

Browse source 
* Replace @{HOME}/.config with @{user_config_dirs}

* Replace @{HOME}/.cache with @{user_cache_dirs}

* Replace @{HOME}/.local/state with @{user_state_dirs}

* Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d

* Update docs/variables.md

* Replace @{HOME}/.local/share with @{user_share_dirs}

* Replace @{HOME}/.local/lib with @{user_lib_dirs}

* Revert "Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d"

This reverts commit 9525003098.
This commit is contained in:
ShellCode 2023-07-27 13:20:19 +02:00 committed by GitHub
parent fe0238250a
commit 0f9b7cb474
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
26 changed files with 75 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

6
apparmor.d/profiles-g-l/gajim
View file

@ -72,8 +72,8 @@ profile gajim @{exec_path} {
owner @{user_cache_dirs}/gajim/ rw,
owner @{user_cache_dirs}/gajim/** rwk,
owner @{HOME}/.cache/farstream/ rw,
owner @{HOME}/.cache/farstream/codecs.audio.x86_64.cache{,.tmp*} rw,
owner @{user_cache_dirs}/farstream/ rw,
owner @{user_cache_dirs}/farstream/codecs.audio.x86_64.cache{,.tmp*} rw,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/mounts r,
@ -135,7 +135,7 @@ profile gajim @{exec_path} {
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner @{user_share_dirs}/gajim/openpgp/ rw,
owner @{user_share_dirs}/gajim/openpgp/** rwkl -> @{HOME}/.local/share/gajim/openpgp/**,
owner @{user_share_dirs}/gajim/openpgp/** rwkl -> @{user_share_dirs}/gajim/openpgp/**,
# "Without owner
@{PROC}/@{pid}/fd/ r,

20
apparmor.d/profiles-g-l/jami-gnome
View file

@ -24,19 +24,19 @@ profile jami-gnome @{exec_path} {
@{exec_path} mr,
owner @{HOME}/.cache/ rw,
owner @{HOME}/.cache/jami-gnome/ rw,
owner @{HOME}/.cache/jami-gnome/** rw,
owner @{user_cache_dirs}/ rw,
owner @{user_cache_dirs}/jami-gnome/ rw,
owner @{user_cache_dirs}/jami-gnome/** rw,
owner @{HOME}/.local/share/jami/ rw,
owner @{HOME}/.local/share/jami/** rwkl -> @{HOME}/.local/share/jami/,
owner @{user_share_dirs}/jami/ rw,
owner @{user_share_dirs}/jami/** rwkl -> @{user_share_dirs}/jami/,
owner @{HOME}/.config/autostart/jami-gnome.desktop w,
owner @{user_config_dirs}/autostart/jami-gnome.desktop w,
owner @{HOME}/.local/share/ r,
owner @{HOME}/.local/share/webkitgtk/deviceidhashsalts/1/ r,
owner @{HOME}/.local/share/webkitgtk/databases/indexeddb/v0 w,
owner @{HOME}/.local/share/webkitgtk/databases/indexeddb/v1/ w,
owner @{user_share_dirs}/ r,
owner @{user_share_dirs}/webkitgtk/deviceidhashsalts/1/ r,
owner @{user_share_dirs}/webkitgtk/databases/indexeddb/v0 w,
owner @{user_share_dirs}/webkitgtk/databases/indexeddb/v1/ w,
@{lib}/@{multiarch}/webkit2gtk-4.0/WebKitNetworkProcess rix,
@{lib}/@{multiarch}/webkit2gtk-4.0/WebKitWebProcess rix,

6
apparmor.d/profiles-g-l/jmtpfs
View file

@ -24,11 +24,11 @@ profile jmtpfs @{exec_path} {
owner @{HOME}/*/ r,
owner @{HOME}/*/*/ r,
owner @{HOME}/.cache/*/mtp{,-[0-9]*}/ rw,
owner @{user_cache_dirs}/*/mtp{,-[0-9]*}/ rw,
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/*/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/.cache/*/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{user_cache_dirs}/*/*/,
/etc/magic r,
@ -49,7 +49,7 @@ profile jmtpfs @{exec_path} {
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/*/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{HOME}/.cache/*/*/,
mount fstype={fuse,fuse.jmtpfs} -> @{user_cache_dirs}/*/*/,
/etc/fuse.conf r,