feat(profiles): replace old [0-9]* glob by @{int}
Beware some [0-9]* glob are actually not proper @{int}.
This commit is contained in:
Alexandre Pujol
parent
8ea4491a56
commit
275d6b6e62
368 changed files with 637 additions and 636 deletions
|
|
@ -40,7 +40,7 @@ profile evolution-addressbook-factory @{exec_path} {
|
|||
@{exec_path}-subprocess rix,
|
||||
|
||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
|
||||
owner @{user_share_dirs}/evolution/{,**} rwk,
|
||||
owner @{user_cache_dirs}/evolution/addressbook/{,**} rwk,
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
|
|||
@{run}/gdm{3,}/custom.conf r,
|
||||
@{run}/gdm{3,}/gdm.pid rw,
|
||||
@{run}/gdm{3,}/greeter/ rw,
|
||||
@{run}/systemd/seats/seat[0-9]* r,
|
||||
@{run}/systemd/seats/seat@{int} r,
|
||||
@{run}/systemd/sessions/* r,
|
||||
@{run}/systemd/sessions/*.ref r,
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
|
|||
@{PROC}/keys r,
|
||||
|
||||
/dev/tty rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gdm-session-worker>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ profile gdm-wayland-session @{exec_path} {
|
|||
owner @{PROC}/@{pid}/fd/ r,
|
||||
owner @{PROC}/@{pid}/loginuid r,
|
||||
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gdm-wayland-session>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ profile gdm-x-session @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gdm-x-session>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ profile gdm-xsession @{exec_path} {
|
|||
owner /tmp/gdm{3,}-config-err-@{rand6} rw,
|
||||
|
||||
# file_inherit
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
profile dbus {
|
||||
include <abstractions/base>
|
||||
|
|
@ -78,7 +78,7 @@ profile gdm-xsession @{exec_path} {
|
|||
|
||||
# file_inherit
|
||||
/dev/tty rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
owner @{HOME}/.xsession-errors w,
|
||||
|
||||
include if exists <local/gdm-xsession_dbus>
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ profile gio-launch-desktop @{exec_path} flags=(attach_disconnected) {
|
|||
@{lib}/gio-launch-desktop rix,
|
||||
|
||||
# System files
|
||||
/var/cache/gio-[0-9]*.[0-9]*/gnome-mimeapps.list r,
|
||||
/var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r,
|
||||
|
||||
# User files
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
|
@ -37,7 +37,7 @@ profile gio-launch-desktop @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{HOME}/{,**} rw,
|
||||
owner /tmp/wl-copy-buffer-*/{,**} rw,
|
||||
|
||||
/dev/dri/card[0-9]* rw,
|
||||
/dev/dri/card@{int} rw,
|
||||
|
||||
@{run}/mount/utab r,
|
||||
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/egl/{,**} r,
|
||||
/usr/share/gdm/greeter-dconf-defaults r,
|
||||
/usr/share/gnome-shell/{,**} r,
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/X11/xkb/** r,
|
||||
|
||||
/var/lib/gdm{3,}/.cache/fontconfig/[a-f0-9]*.cache-?{,.NEW,.LCK,.TMP-*} r,
|
||||
|
|
@ -110,7 +110,7 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
/dev/ r,
|
||||
/dev/tty rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gjs-console>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ profile gnome-characters @{exec_path} {
|
|||
@{bin}/gjs-console rix,
|
||||
|
||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/libdrm/*.ids r,
|
||||
/usr/share/org.gnome.Characters/org.gnome.Characters.*.gresource r,
|
||||
/usr/share/themes/{,**} r,
|
||||
|
|
|
|||
|
|
@ -88,7 +88,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/language-tools/language2locale rix,
|
||||
/usr/share/language-tools/language-options rPUx,
|
||||
|
||||
/snap/*/[0-9]*/**.png r,
|
||||
/snap/*/@{int}/**.png r,
|
||||
/usr/share/backgrounds/{,**} r,
|
||||
/usr/share/cups/data/testprint r,
|
||||
/usr/share/desktop-base/**.{xml,png,svg} r,
|
||||
|
|
@ -202,8 +202,8 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
@{PROC}/zoneinfo r,
|
||||
|
||||
/dev/ r,
|
||||
/dev/media[0-9]* r,
|
||||
/dev/video[0-9]* rw,
|
||||
/dev/media@{int} r,
|
||||
/dev/video@{int} rw,
|
||||
|
||||
deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ profile gnome-control-center-search-provider @{exec_path} {
|
|||
|
||||
/usr/share/X11/xkb/{,**} r,
|
||||
|
||||
/var/cache/gio-[0-9]*.[0-9]*/gnome-mimeapps.list r,
|
||||
/var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r,
|
||||
|
||||
owner @{run}/user/@{uid}/gdm/Xauthority r,
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ profile gnome-extensions-app @{exec_path} {
|
|||
@{bin}/gjs-console rix,
|
||||
|
||||
/usr/share/gnome-shell/org.gnome.Extensions* r,
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/terminfo/x/xterm-256color r,
|
||||
/usr/share/X11/xkb/{,**} r,
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ profile gnome-remote-desktop-daemon @{exec_path} {
|
|||
owner @{run}/user/@{uid}/wayland-@{int} rw,
|
||||
|
||||
@{sys}/devices/system/node/ r,
|
||||
@{sys}/devices/system/node/node[0-9]*/meminfo r,
|
||||
@{sys}/devices/system/node/node@{int}/meminfo r,
|
||||
|
||||
include if exists <local/gnome-remote-desktop-daemon>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -209,7 +209,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
|||
/var/lib/gdm{3,}/.local/share/session_migration-* r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
||||
/var/cache/gio-[0-9]*.[0-9]*/gnome-mimeapps.list r,
|
||||
/var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r,
|
||||
/var/lib/flatpak/exports/share/applications/{,**} r,
|
||||
/var/lib/flatpak/exports/share/mime/mime.cache r,
|
||||
/var/lib/snapd/desktop/applications/{,mimeinfo.cache} r,
|
||||
|
|
@ -243,7 +243,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/loginuid r,
|
||||
|
||||
/dev/tty rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <usr/gnome-session-binary.d>
|
||||
include if exists <local/gnome-session-binary>
|
||||
|
|
|
|||
|
|
@ -516,8 +516,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
/var/lib/gdm{3,}/.cache/ w,
|
||||
/var/lib/gdm{3,}/.cache/event-sound-cache.tdb.@{md5}.x86_64-pc-linux-gnu rwk,
|
||||
/var/lib/gdm{3,}/.cache/fontconfig/{,*} rwl,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-[0-9]*/ rw,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-[0-9]*/registry.*.bin{,.tmp@{rand6}} rw,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-@{int}/ rw,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-@{int}/registry.*.bin{,.tmp@{rand6}} rw,
|
||||
/var/lib/gdm{3,}/.cache/libgweather/ r,
|
||||
/var/lib/gdm{3,}/.cache/mesa_shader_cache/ rw,
|
||||
/var/lib/gdm{3,}/.cache/mesa_shader_cache/@{h}@{h}/ rw,
|
||||
|
|
@ -584,14 +584,14 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{run}/user/@{uid}/wayland-@{int} rwk,
|
||||
|
||||
owner /dev/shm/.org.chromium.Chromium.* rw,
|
||||
owner /dev/shm/wayland.mozilla.ipc.[0-9]* rw,
|
||||
owner /dev/shm/wayland.mozilla.ipc.@{int} rw,
|
||||
|
||||
owner /tmp/.X[0-9]-lock rw,
|
||||
owner /tmp/[0-9A-Z]*.shell-extension.zip rw,
|
||||
owner /tmp/gdkpixbuf-xpm-tmp.[0-9A-Z]* rw,
|
||||
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
@{run}/systemd/seats/seat[0-9]* r,
|
||||
@{run}/systemd/seats/seat@{int} r,
|
||||
@{run}/systemd/sessions/ r,
|
||||
@{run}/systemd/sessions/* r,
|
||||
@{run}/systemd/inhibit/[0-9]*.ref rw,
|
||||
|
|
@ -620,8 +620,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
@{sys}/class/input/ r,
|
||||
@{sys}/class/net/ r,
|
||||
@{sys}/class/power_supply/ r,
|
||||
@{sys}/devices/**/hwmon[0-9]*/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon[0-9]*/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon@{int}/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon@{int}/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/power_supply/{,**} r,
|
||||
|
|
@ -630,7 +630,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
@{sys}/devices/pci[0-9]*/**/input[0-9]*/{properties,name} r,
|
||||
@{sys}/devices/pci[0-9]*/**/net/*/statistics/{rx_bytes,tx_bytes} r,
|
||||
@{sys}/devices/platform/**/input[0-9]*/{properties,name} r,
|
||||
@{sys}/devices/system/cpu/cpufreq/policy[0-9]*/scaling_cur_freq r,
|
||||
@{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_cur_freq r,
|
||||
@{sys}/devices/virtual/net/*/statistics/{rx_bytes,tx_bytes} r,
|
||||
|
||||
@{PROC}/ r,
|
||||
|
|
@ -650,9 +650,9 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/mounts r,
|
||||
owner @{PROC}/@{pid}/task/@{pid}/cmdline r,
|
||||
|
||||
/dev/input/event[0-9]* rw,
|
||||
/dev/media[0-9]* rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/input/event@{int} rw,
|
||||
/dev/media@{int} rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gnome-shell>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ profile gnome-software @{exec_path} {
|
|||
|
||||
/var/cache/app-info/icons/**.png r,
|
||||
/var/cache/app-info/xmls/{,**} r,
|
||||
/var/cache/gio-[0-9]*.[0-9]*/gnome-mimeapps.list r,
|
||||
/var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r,
|
||||
|
||||
/var/lib/flatpak/app/{,**} r,
|
||||
/var/lib/flatpak/appstream/{,**} r,
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ profile gnome-terminal-server @{exec_path} {
|
|||
@{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop rPx -> child-open,
|
||||
@{lib}/gio-launch-desktop rPx -> child-open,
|
||||
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/X11/xkb/{,**} r,
|
||||
|
||||
/var/lib/flatpak/exports/share/icons/{,**} r,
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ profile gsd-a11y-settings @{exec_path} flags=(attach_disconnected) {
|
|||
/var/lib/gdm{3,}/.config/dconf/user r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-a11y-settings>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{run}/user/@{uid}/gdm/Xauthority r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-color>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ profile gsd-datetime @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{PROC}/@{pid}/stat r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-datetime>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
|||
@{run}/mount/utab r,
|
||||
owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-housekeeping>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{run}/user/@{uid}/gdm/Xauthority r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-keyboard>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -185,7 +185,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
@{run}/systemd/inhibit/[0-9]*.ref rw,
|
||||
owner @{run}/user/@{uid}/gdm/Xauthority r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
@{run}/udev/data/+sound:card[0-9]* r, # For sound
|
||||
@{run}/udev/data/c13:[0-9]* r, # for /dev/input/*
|
||||
|
|
|
|||
|
|
@ -199,9 +199,9 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
|||
@{sys}/devices/pci[0-9]*/**/backlight/**/brightness rw,
|
||||
@{sys}/devices/pci[0-9]*/**/backlight/**/{max_brightness,actual_brightness} r,
|
||||
@{sys}/devices/pci[0-9]*/**/backlight/**/{uevent,type} r,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card[0-9]*/**/brightness rw,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card[0-9]*/**/{max_brightness,actual_brightness} r,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card[0-9]*/**/{uevent,type,enabled} r,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card@{int}/**/brightness rw,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card@{int}/**/{max_brightness,actual_brightness} r,
|
||||
@{sys}/devices/pci[0-9]*/**/drm/card@{int}/**/{uevent,type,enabled} r,
|
||||
|
||||
@{sys}/devices/platform/**/leds/*backlight*/uevent r,
|
||||
@{sys}/devices/platform/**/leds/*backlight*/max_brightness r,
|
||||
|
|
@ -211,7 +211,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
|||
@{PROC}/sys/kernel/osrelease r,
|
||||
owner @{PROC}/@{pid}/cgroup r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-power>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/cgroup r,
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-print-notifications>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ profile gsd-printer @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{PROC}/@{pid}/cgroup r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-printer>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{run}/udev/data/c10:[0-9]* r, # for non-serial mice, misc features
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
/dev/rfkill rw,
|
||||
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ profile gsd-screensaver-proxy @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{exec_path} mr,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-screensaver-proxy>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -112,7 +112,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
|||
/var/lib/gdm{3,}/.config/dconf/user r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-sharing>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
|
|||
/var/tmp/ r,
|
||||
/tmp/ r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-smartcard>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ profile gsd-sound @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{user_share_dirs}/sounds/ rw,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-sound>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -112,7 +112,7 @@ profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
|
|||
/var/lib/gdm{3,}/.config/dconf/user r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/gsd-wacom>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ profile gsd-xsettings @{exec_path} {
|
|||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
/dev/tty rw,
|
||||
/dev/tty[0-9]* rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
||||
profile run-parts {
|
||||
include <abstractions/base>
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
|||
@{lib}/gio-launch-desktop rPx -> child-open,
|
||||
|
||||
/usr/share/*ubuntu/applications/{,**} r,
|
||||
/usr/share/icu/[0-9]*.[0-9]*/*.dat r,
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/libdrm/*.ids r,
|
||||
/usr/share/nautilus/{,**} r,
|
||||
/usr/share/poppler/{,**} r,
|
||||
|
|
@ -85,12 +85,12 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{run}/mount/utab r,
|
||||
|
||||
@{sys}/devices/**/hwmon[0-9]*/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon[0-9]*/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon@{int}/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon@{int}/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/**/hwmon/**/{,name,temp*,fan*} r,
|
||||
@{sys}/devices/pci[0-9]*/**/revision r,
|
||||
@{sys}/devices/system/cpu/cpufreq/policy[0-9]*/scaling_cur_freq r,
|
||||
@{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_cur_freq r,
|
||||
|
||||
@{PROC}/@{pids}/net/wireless r,
|
||||
@{PROC}/sys/dev/i915/perf_stream_paranoid r,
|
||||
|
|
@ -98,7 +98,7 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/mountinfo r,
|
||||
|
||||
/dev/tty rw,
|
||||
/dev/dri/card[0-9]* rw,
|
||||
/dev/dri/card@{int} rw,
|
||||
|
||||
include if exists <local/nautilus>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -119,13 +119,13 @@ profile tracker-extract @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/mountinfo r,
|
||||
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
|
||||
|
||||
/dev/dri/card[0-9]* rw,
|
||||
/dev/dri/card@{int} rw,
|
||||
/dev/dri/renderD128 rw,
|
||||
/dev/media[0-9]* r,
|
||||
/dev/video[0-9]* rw,
|
||||
/dev/media@{int} r,
|
||||
/dev/video@{int} rw,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/tracker-extract>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{PROC}/@{pid}/mounts r,
|
||||
|
||||
# file_inherit
|
||||
owner /dev/tty[0-9]* rw,
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
include if exists <local/tracker-miner>
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue