feat(profiles): general update.
This commit is contained in:
Alexandre Pujol
parent
58b96a7ba9
commit
177d27d94c
19 changed files with 106 additions and 73 deletions
|
|
@ -10,9 +10,8 @@ include <tunables/global>
|
|||
profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/dbus-network-manager-strict>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dbus-strict>
|
||||
include <abstractions/dbus-session>
|
||||
include <abstractions/dbus>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/dri-common>
|
||||
include <abstractions/dri-enumerate>
|
||||
|
|
@ -35,54 +34,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
signal (send) set=(kill) peer=unconfined,
|
||||
signal (send) set=(kill) peer=passwd,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop{,ModemManager[0-9],UDisks2}
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects,
|
||||
|
||||
dbus send bus=system path=/net/reactivated/Fprint/Manager
|
||||
interface=net.reactivated.Fprint.Manager
|
||||
member=GetDevices,
|
||||
|
||||
dbus send bus=system path=/net/reactivated/Fprint/Manager
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.PolicyKit[0-9].Authority
|
||||
member=CheckAuthorization,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member={ListCachedUsers,FindUserById},
|
||||
|
||||
dbus send bus=system path=/net/hadess/SwitcherooControl
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||
interface=org.freedesktop.NetworkManager
|
||||
member=GetPermissions,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager/Settings/[0-9]*
|
||||
interface=org.freedesktop.NetworkManager.Settings.Connection
|
||||
member=GetSettings,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/systemd[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={GetAll,Get},
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/{usr/,}bin/{,b,d,rb}ash rUx,
|
||||
|
|
@ -101,7 +52,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/{usr/,}lib/webkit2gtk-{3,4}.0/WebKitNetworkProcess rix,
|
||||
/usr/share/language-tools/language2locale rix,
|
||||
|
||||
/snap/*/[0-9]*/*.png r,
|
||||
/snap/*/[0-9]*/**.png r,
|
||||
/usr/share/backgrounds/{,**} r,
|
||||
/usr/share/cups/data/testprint r,
|
||||
/usr/share/egl/{,**} r,
|
||||
|
|
@ -109,12 +60,13 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/gnome-background-properties/{,**} r,
|
||||
/usr/share/gnome-bluetooth{-*,}/{,**} r,
|
||||
/usr/share/gnome-color-manager/{,**} r,
|
||||
/usr/share/gnome-control-center/{,**} r,
|
||||
/usr/share/gnome-shell/search-providers/{,**} r,
|
||||
/usr/share/gnome/gnome-version.xml r,
|
||||
/usr/share/mime/{,**} r,
|
||||
/usr/share/pipewire/client.conf r,
|
||||
/usr/share/thumbnailers/{,*} r,
|
||||
/usr/share/ubuntu/applications/ r,
|
||||
/usr/share/ubuntu/applications/{,*} r,
|
||||
/usr/share/xml/iso-codes/iso_[0-9]*-[0-9]*.xml r,
|
||||
/usr/share/zoneinfo/{,**} r,
|
||||
|
||||
|
|
@ -135,9 +87,11 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{user_cache_dirs}/thumbnails/{,**} rw,
|
||||
owner @{user_config_dirs}/gnome-control-center/{,**} rw,
|
||||
owner @{user_config_dirs}/ibus/bus/{,[0-9a-f]*-unix-wayland-[0-9]} r,
|
||||
owner @{user_config_dirs}/mimeapps.list.* rw,
|
||||
owner @{user_share_dirs}/backgrounds/{,**} rw,
|
||||
owner @{user_share_dirs}/gvfs-metadata/{,*} r,
|
||||
owner @{user_share_dirs}/icc/{,edid-*} r,
|
||||
owner @{user_share_dirs}/sounds/__custom/{,*} rw,
|
||||
owner @{user_share_dirs}/webkitgtk/{,**} r,
|
||||
owner @{user_share_dirs}/webkitgtk/databases/indexeddb/* rw,
|
||||
owner @{user_share_dirs}/webkitgtk/localstorage/{,**} rwk,
|
||||
|
|
@ -145,10 +99,11 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,
|
||||
owner @{run}/user/@{uid}/pipewire-[0-9]* rw,
|
||||
owner @{run}/user/@{uid}/webkitgtk/{,**} rw,
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
@{run}/cups/cups.sock rw,
|
||||
@{run}/samba/ rw,
|
||||
@{run}/systemd/sessions/ r,
|
||||
@{run}/systemd/sessions/* r,
|
||||
@{run}/cups/cups.sock rw,
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
|
||||
@{run}/udev/data/+dmi:* r,
|
||||
@{run}/udev/data/+input* r, # for mouse, keyboard, touchpad
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue