feat: profiles update.

Alexandre Pujol 2022-04-13 22:04:36 +01:00
parent ef9c451559
commit 1ad60d3b1c
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
14 changed files with 56 additions and 35 deletions


@ -43,6 +43,13 @@ profile gpg-agent @{exec_path} {
owner @{HOME}/@{XDG_PROJECTS_DIR}/**/{.,}gnupg/S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{HOME}/@{XDG_PROJECTS_DIR}/**/{.,}gnupg/sshcontrol r,
owner @{run}/user/@{uid}/gnupg/ rw,
owner @{run}/user/@{uid}/gnupg/gpg-agent.conf r,
owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/ rw,
owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/[0-9A-F]*.key rw,
owner @{run}/user/@{uid}/gnupg/S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{run}/user/@{uid}/gnupg/sshcontrol r,
owner @{user_tmp_dirs}/**/{.,}gnupg/ rw,
owner @{user_tmp_dirs}/**/{.,}gnupg/gpg-agent.conf r,
owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw,
@ -68,14 +75,7 @@ profile gpg-agent @{exec_path} {
owner /tmp/tmp.*/gnupg/S.gpg-agent rw,
owner /tmp/tmp.*/gnupg/sshcontrol r,
# For debuild
owner /tmp/dpkg-import-key.*/private-keys-v1.d/ w,
owner @{run}/user/@{uid}/gnupg/d.*/S.gpg-agent{,.extra,.browser,.ssh} w,
@{PROC}/@{pid}/fd/ r,
# file_inherit
owner @{HOME}/.xsession-errors w,
owner @{PROC}/@{pid}/fd/ r,
# Silencer
deny /{usr/,}bin/.gnupg/ w,
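Review bot: The `@{run}/user/@{uid}/gnupg/` group in the first hunk (apparently the added lines; the page has lost its +/- markers) gives gpg-agent `rw` on `private-keys-v1.d/` and its `.key` files under the runtime directory, which, as far as I know, stock GnuPG uses only for its sockets. If no workflow keeps a GNUPGHOME there, the `gpg-agent.conf`, `private-keys-v1.d/` and `sshcontrol` lines could be dropped, leaving only `owner @{run}/user/@{uid}/gnupg/ rw,` and the `S.gpg-agent{,.ssh,.browser,.extra} rw,` rule. Otherwise a one-line comment above the group naming the tool that needs private keys in the runtime directory would document the grant. The key-file glob `[0-9A-F]*.key` also matches any name that merely begins with one hex character, though that may be the profile's existing convention for the other gnupg locations. The profile body starts and ends outside the visible hunks.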