felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(dbus): rewrite some dbus rules (4).

Browse source
This commit is contained in:
Alexandre Pujol 2023-12-04 18:52:10 +00:00
parent d1affd31f6
commit 2432414ae2
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
13 changed files with 61 additions and 143 deletions
Download patch file Download diff file Expand all files Collapse all files

7
apparmor.d/profiles-g-l/login
View file

@ -10,10 +10,11 @@ include <tunables/global>
profile login @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/authentication>
include <abstractions/bus/login>
include <abstractions/consoles>
include <abstractions/dbus-strict>
include <abstractions/nameservice-strict>
include <abstractions/wutmp>
include <abstractions/dbus-strict>
capability audit_write,
capability chown,
@ -34,10 +35,6 @@ profile login @{exec_path} flags=(attach_disconnected) {
ptrace read,
dbus send bus=system path=/org/freedesktop/login1
interface=org.freedesktop.login1.*
peer=(name=org.freedesktop.login1),
@{exec_path} mr,
@{bin}/{,z,ba,da}sh rUx,