From 2aa4618ddafb50dc43adc85d1646874d16b5fadd Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Oct 2022 17:32:01 +0100 Subject: [PATCH] feat(profiles): gnome-session-binary ensure compatibility across distribution. --- apparmor.d/groups/gnome/gnome-session-binary | 24 ++++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/apparmor.d/groups/gnome/gnome-session-binary b/apparmor.d/groups/gnome/gnome-session-binary index 4175bfd51..7fd5d4db9 100644 --- a/apparmor.d/groups/gnome/gnome-session-binary +++ b/apparmor.d/groups/gnome/gnome-session-binary @@ -135,26 +135,34 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) { /{usr/,}bin/{,z,ba,da}sh rix, /{usr/,}bin/env rix, + /{usr/,}bin/gnome-session rix, /{usr/,}bin/grep rix, - /{usr/,}bin/mkdir rix, - /{usr/,}bin/touch rix, /{usr/,}bin/gsettings rix, /{usr/,}bin/gsettings-data-convert rix, + /{usr/,}bin/mkdir rix, /{usr/,}bin/session-migration rix, /{usr/,}bin/xdg-user-dirs-gtk-update rix, - /{usr/,}bin/gnome-session rix, + @{libexec}/at-spi-bus-launcher rPx, @{libexec}/gnome-session-check-accelerated rix, @{libexec}/gnome-session-check-accelerated-gl-helper rix, @{libexec}/gnome-session-check-accelerated-gles-helper rix, @{libexec}/gnome-session-failed rix, @{libexec}/gnome-shell-overrides-migration.sh rix, + @{libexec}/gsd-* rPx, + + # TODO: rCx gio-launch-desktop and put all the following program in this + # subprofile. Not done yet as it breaks compatibility with Ubuntu/Debian + /{usr/,}lib/gio-launch-desktop rix, /{usr/,}bin/aa-notify rPx, + /{usr/,}bin/baloo_file rPUx, /{usr/,}bin/blueman-applet rPx, /{usr/,}bin/firewall-applet rPUx, /{usr/,}bin/gnome-keyring-daemon rPx, /{usr/,}bin/gnome-shell rPx, + /{usr/,}bin/gnome-software rPUx, /{usr/,}bin/im-launch rPx, + /{usr/,}bin/parcellite rPUx, /{usr/,}bin/pkcs11-register rPx, /{usr/,}bin/snap rPUx, /{usr/,}bin/spice-vdagent rPx, @@ -163,18 +171,14 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) { /{usr/,}bin/update-notifier rPx, /{usr/,}bin/xbrlapi rPx, /{usr/,}bin/xdg-user-dirs-update rPx, - /{usr/,}bin/parcellite rPUx, - /{usr/,}bin/baloo_file rPUx, - /{usr/,}bin/gnome-software rPUx, - /{usr/,}share/libpam-kwallet-common/pam_kwallet_init rPUx, - /{usr/,}lib/update-notifier/ubuntu-advantage-notification rPx, /{usr/,}lib/@{multiarch}/libexec/kdeconnectd rPUx, /{usr/,}lib/@{multiarch}/xapps/sn-watcher/xapp-sn-watcher rPUx, /{usr/,}lib/caribou/caribou rPUx, + /{usr/,}lib/update-notifier/ubuntu-advantage-notification rPx, + /{usr/,}share/libpam-kwallet-common/pam_kwallet_init rPUx, @{libexec}/deja-dup/deja-dup-monitor rPUx, - @{libexec}/at-spi-bus-launcher rPx, @{libexec}/evolution-data-server/evolution-alarm-notify rPx, - @{libexec}/gsd-* rPx, + @{libexec}/gsd-disk-utility-notify rPx, /usr/share/applications/{,**} r, /usr/share/dconf/profile/gdm r,