feat(profile): update dbus rules for Ubuntu.
This commit is contained in:
Alexandre Pujol
parent
eb2def65a1
commit
3061882809
35 changed files with 142 additions and 26 deletions
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/dconf
|
||||
profile dconf @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/dconf-write>
|
||||
|
||||
capability sys_nice,
|
||||
|
|
|
|||
|
|
@ -13,12 +13,15 @@ profile pipewire-pulse @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.freedesktop.RealtimeKit1>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
capability sys_ptrace,
|
||||
|
||||
ptrace read,
|
||||
|
||||
#aa:dbus own bus=session name=org.pulseaudio.Server
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{bin}/pactl rix,
|
||||
|
|
|
|||
|
|
@ -11,8 +11,10 @@ include <tunables/global>
|
|||
@{exec_path} += @{lib}/polkit-kde-authentication-agent-[0-9]
|
||||
profile polkit-kde-authentication-agent @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/fontconfig-cache-read>
|
||||
include <abstractions/graphics>
|
||||
|
|
|
|||
|
|
@ -32,6 +32,11 @@ profile wireplumber @{exec_path} {
|
|||
member=Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=system path=/midi{,server@{int}}
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name=@{busname}, label="@{p_bluetoothd}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/opt/intel/oneapi/{compiler,lib,mkl}/**/ r,
|
||||
|
|
|
|||
|
|
@ -52,6 +52,8 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
#aa:dbus own bus=session name=org.freedesktop.background.Monitor path=/org/freedesktop/background/monitor
|
||||
|
||||
#aa:dbus talk bus=session name=org.freedesktop.FileManager1 label=nautilus
|
||||
#aa:dbus talk bus=session name=org.freedesktop.impl.portal.FileChooser label=xdg-desktop-portal-gnome
|
||||
#aa:dbus talk bus=session name=org.freedesktop.portal.Documents path=/org/freedesktop/portal/documents label=xdg-document-portal
|
||||
|
||||
dbus receive bus=session
|
||||
|
|
|
|||
|
|
@ -30,7 +30,8 @@ profile xdg-document-portal @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
unix (send receive) type=stream peer=(label=xdg-document-portal//fusermount),
|
||||
|
||||
#aa:dbus own bus=session name=org.freedesktop.portal.Documents path=/org/freedesktop/portal/documents
|
||||
#aa:dbus own bus=session name=org.freedesktop.portal.{Documents,FileTransfer} path=/org/freedesktop/portal/documents
|
||||
#aa:dbus talk bus=session name=org.freedesktop.impl.portal.PermissionStore label=xdg-permission-store
|
||||
|
||||
dbus receive bus=session
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
|
|
|
|||
|
|
@ -55,6 +55,11 @@ profile evolution-addressbook-factory @{exec_path} {
|
|||
member=Introspect
|
||||
peer=(name=@{busname}, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/evolution/dataserver/**
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=@{busname}, label=obexd),
|
||||
|
||||
@{exec_path} mr,
|
||||
@{exec_path}-subprocess rix,
|
||||
|
||||
|
|
|
|||
|
|
@ -17,8 +17,10 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gnome.Shell.Introspect>
|
||||
include <abstractions/bus/org.gtk.Private.RemoteVolumeMonitor>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/dconf-write>
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@ profile gnome-calendar @{exec_path} {
|
|||
network netlink raw,
|
||||
|
||||
#aa:dbus own bus=session name=org.gnome.Calendar
|
||||
#aa-dbus own bus=session name=org.gnome.Calendar.SearchProvider interface+=org.gnome.Shell.SearchProvider2
|
||||
|
||||
#aa:dbus talk bus=session name=org.gnome.evolution.dataserver.AddressBook@{int} label=evolution-addressbook-factory
|
||||
#aa:dbus talk bus=session name=org.gnome.evolution.dataserver.Calendar@{int} label=evolution-calendar-factory
|
||||
|
|
@ -32,6 +31,7 @@ profile gnome-calendar @{exec_path} {
|
|||
#aa:dbus talk bus=session name=org.gnome.evolution.dataserver.Sources@{int} label=evolution-source-registry
|
||||
#aa:dbus talk bus=session name=org.gnome.OnlineAccounts label=goa-daemon
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.Color label=gsd-color
|
||||
#aa:dbus talk bus=session name=org.gnome.Shell.SearchProvider2 path=/org/gnome/Calendar/SearchProvider label=gnome-shell
|
||||
#aa:dbus talk bus=system name=org.freedesktop.GeoClue2 label="@{p_geoclue}"
|
||||
|
||||
dbus send bus=session path=/org/gnome/evolution/dataserver/SourceManager{,/**}
|
||||
|
|
|
|||
|
|
@ -11,13 +11,13 @@ profile gnome-characters @{exec_path} {
|
|||
include <abstractions/base>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gnome.Shell.SearchProvider2>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/common/gnome>
|
||||
include <abstractions/fontconfig-cache-read>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
#aa:dbus own bus=session name=org.gnome.Characters
|
||||
#aa-dbus talk bus=session name=org.gnome.Shell.SearchProvider2 label=gnome-shell
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.Avahi>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/cups-client>
|
||||
|
|
@ -42,9 +43,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
#aa:dbus talk bus=session name=org.freedesktop.impl.portal.PermissionStore label=xdg-permission-store
|
||||
#aa:dbus talk bus=session name=org.gnome.Mutter label=gnome-shell
|
||||
#aa:dbus talk bus=session name=org.gnome.SessionManager label=gnome-session-binary
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.Color label=gsd-color
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.Power label=gsd-power
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.Rfkill label=gsd-rfkill
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.* label="gsd-*"
|
||||
#aa:dbus talk bus=session name=org.gnome.Shell label=gnome-shell
|
||||
|
||||
#aa:dbus talk bus=system name=com.ubuntu.WhoopsiePreferences label=whoopsie-preferences
|
||||
|
|
|
|||
|
|
@ -17,6 +17,8 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.FileManager1>
|
||||
include <abstractions/bus/org.freedesktop.hostname1>
|
||||
include <abstractions/bus/org.freedesktop.login1.Session>
|
||||
include <abstractions/bus/org.freedesktop.NetworkManager>
|
||||
include <abstractions/bus/org.gtk.Notifications>
|
||||
|
|
|
|||
|
|
@ -25,7 +25,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
include <abstractions/bus/org.freedesktop.impl.portal.PermissionStore>
|
||||
include <abstractions/bus/org.freedesktop.locale1>
|
||||
include <abstractions/bus/org.freedesktop.login1.Session>
|
||||
include <abstractions/bus/org.freedesktop.NetworkManager>
|
||||
include <abstractions/bus/org.freedesktop.Notifications>
|
||||
include <abstractions/bus/org.freedesktop.PackageKit>
|
||||
include <abstractions/bus/org.freedesktop.PolicyKit1>
|
||||
|
|
@ -87,7 +86,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
#aa:dbus talk bus=system name=org.freedesktop.bolt label=boltd
|
||||
#aa:dbus talk bus=system name=org.freedesktop.ColorManager label="@{p_colord}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.login1 label="@{p_systemd_logind}"
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label=@{p_power_profiles_daemon}
|
||||
#aa:dbus talk bus=system name=org.freedesktop.NetworkManager label=NetworkManager
|
||||
#aa:dbus talk bus=system name=org.freedesktop.UPower.PowerProfiles label="@{p_power_profiles_daemon}"
|
||||
#aa:dbus talk bus=system name=org.gnome.DisplayManager label=gdm
|
||||
|
||||
#aa:dbus talk bus=session name=com.rastersoft.ding label=gnome-extension-ding
|
||||
|
|
|
|||
|
|
@ -9,6 +9,12 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/gnome-software
|
||||
profile gnome-software @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.freedesktop.Accounts>
|
||||
include <abstractions/bus/org.freedesktop.NetworkManager>
|
||||
include <abstractions/bus/org.gnome.Shell.SearchProvider2>
|
||||
include <abstractions/bus/org.gtk.Notifications>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/common/gnome>
|
||||
include <abstractions/fontconfig-cache-write>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
|
@ -24,6 +30,11 @@ profile gnome-software @{exec_path} {
|
|||
mount fstype=fuse.revokefs-fuse options=(rw, nosuid, nodev) -> /var/tmp/flatpak-cache-*/*/,
|
||||
umount /var/tmp/flatpak-cache-*/*/,
|
||||
|
||||
#aa:dbus own bus=session name=org.freedesktop.PackageKit
|
||||
#aa:dbus own bus=session name=org.gnome.Software interface+=org.freedesktop.Application
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.PackageKit path=/ label="@{p_packagekitd}"
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{bin}/baobab rPUx,
|
||||
|
|
|
|||
|
|
@ -9,6 +9,10 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/gnome-system-monitor
|
||||
profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gtk.Private.RemoteVolumeMonitor>
|
||||
include <abstractions/bus/org.gtk.vfs.Daemon>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/common/gnome>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/gsd-media-keys
|
||||
profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
|
|
@ -21,6 +20,8 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus/org.gnome.Mutter.IdleMonitor>
|
||||
include <abstractions/bus/org.gnome.SessionManager>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/bus/org.mpris.MediaPlayer2.Player>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/fontconfig-cache-write>
|
||||
include <abstractions/gnome-strict>
|
||||
|
|
@ -38,7 +39,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/login1
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member=PowerOff
|
||||
peer=(name=:*, label="@{p_systemd_logind}"),
|
||||
peer=(name=@{busname}, label="@{p_systemd_logind}"),
|
||||
|
||||
dbus send bus=session path=/
|
||||
interface=org.freedesktop.DBus
|
||||
|
|
@ -48,17 +49,12 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=session path=/org/gnome/SettingsDaemon/Power
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gsd-power),
|
||||
peer=(name=@{busname}, label=gsd-power),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/SettingsDaemon/Power
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged
|
||||
peer=(name=:*, label=gsd-power),
|
||||
|
||||
dbus send bus=session path=/org/mpris/MediaPlayer2
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*),
|
||||
peer=(name=@{busname}, label=gsd-power),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus/org.freedesktop.hostname1>
|
||||
include <abstractions/bus/org.freedesktop.login1.Session>
|
||||
include <abstractions/bus/org.freedesktop.login1>
|
||||
include <abstractions/bus/org.freedesktop.Notifications>
|
||||
include <abstractions/bus/org.freedesktop.systemd1>
|
||||
include <abstractions/bus/org.freedesktop.UPower.PowerProfiles>
|
||||
include <abstractions/bus/org.freedesktop.UPower>
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
dbus receive bus=system path=/org/cups/cupsd/Notifier
|
||||
interface=org.cups.cupsd.Notifier
|
||||
member=ServerStarted
|
||||
member={ServerStarted,PrinterDeleted,PrinterStopped}
|
||||
peer=(name=@{busname}, label=cups-notifier-dbus),
|
||||
|
||||
dbus receive bus=session
|
||||
|
|
@ -38,6 +38,24 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
|||
member=Introspect
|
||||
peer=(name=@{busname}, label=gnome-shell),
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.Avahi.Server
|
||||
member=RecordBrowserNew
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
dbus send bus=system path=/Client@{int}/RecordBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.RecordBrowser
|
||||
member=Free
|
||||
peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
|
||||
|
||||
dbus receive bus=system path=/Client@{int}/RecordBrowser@{int}
|
||||
interface=org.freedesktop.Avahi.RecordBrowser
|
||||
member={CacheExhausted,ItemNew}
|
||||
peer=(name=@{busname}, label=avahi-daemon),
|
||||
dbus receive bus=system path=/Client4/RecordBrowser3
|
||||
interface=org.freedesktop.Avahi.RecordBrowser
|
||||
member=ItemNew
|
||||
peer=(name=@{busname}, label=avahi-daemon),
|
||||
|
||||
@{exec_path} mr,
|
||||
@{lib}/gsd-printer rPx,
|
||||
|
||||
|
|
|
|||
|
|
@ -36,10 +36,20 @@ profile gsd-xsettings @{exec_path} {
|
|||
|
||||
#aa:dbus talk bus=session name=org.gnome.Mutter.X11 label=gnome-shell
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member=GetId
|
||||
peer=(name=org.freedesktop.DBus, label="@{p_dbus_session}"),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member=UserAdded
|
||||
peer=(name=@{busname}, label="@{p_accounts_daemon}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts/User@{uid}
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member=SetInputSources
|
||||
peer=(name=:*, label="@{p_accounts_daemon}"),
|
||||
peer=(name=@{busname}, label="@{p_accounts_daemon}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
@{sh_path} mr,
|
||||
|
|
|
|||
|
|
@ -12,6 +12,8 @@ profile loupe @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/graphics>
|
||||
|
|
|
|||
|
|
@ -31,9 +31,10 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
|||
unix type=stream peer=(label=gnome-shell),
|
||||
|
||||
#aa:dbus own bus=session name=org.freedesktop.FileManager1
|
||||
#aa:dbus own bus=session name=org.gnome.Nautilus interface+="org.gtk.{Application,Actions}"
|
||||
#aa:dbus own bus=session name=org.gnome.Nautilus interface+=org.gtk.{Application,Actions}
|
||||
#aa:dbus own bus=session name=org.gnome.Nautilus.SearchProvider interface+=org.gnome.Shell.SearchProvider2
|
||||
|
||||
#aa:dbus talk bus=session name=org.freedesktop.Application path=/ label="*"
|
||||
#aa:dbus talk bus=session name=org.gnome.Settings label=gnome-control-center
|
||||
#aa:dbus talk bus=session name=org.gtk.MountOperationHandler label=gnome-shell
|
||||
#aa:dbus talk bus=session name=org.gtk.Notifications label=gnome-shell
|
||||
|
|
@ -49,6 +50,11 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
|||
member=Print
|
||||
peer=(name=@{busname}, label=nautilus),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=org.freedesktop.DBus, label="@{p_dbus_session}"),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member=ListActivatableNames
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/papers
|
||||
profile papers @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/common/gnome>
|
||||
include <abstractions/ssl_certs>
|
||||
include <abstractions/user-download-strict>
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/ptyxis
|
||||
profile ptyxis @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/common/gnome>
|
||||
include <abstractions/consoles>
|
||||
|
||||
|
|
|
|||
|
|
@ -9,9 +9,12 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/ptyxis-agent
|
||||
profile ptyxis-agent @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/nameservice-strict>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gsettings>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
signal send set=hup peer=unconfined,
|
||||
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/wg-quick
|
||||
profile wg-quick @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
|
|
|
|||
|
|
@ -35,12 +35,12 @@ profile polkit-agent-helper @{exec_path} flags=(attach_disconnected) {
|
|||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
peer=(name=@{busname}, label="@{p_polkitd}"),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||
interface=org.freedesktop.PolicyKit1.Authority
|
||||
member=AuthenticationAgentResponse2
|
||||
peer=(name=:*, label="@{p_polkitd}"),
|
||||
peer=(name=@{busname}, label="@{p_polkitd}"),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -21,8 +21,15 @@ profile resolvectl @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
signal send set=cont peer=child-pager,
|
||||
|
||||
unix bind type=stream addr=@@{udbus}/bus/resolvconf/system,
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.resolve1 label="@{p_systemd_resolved}"
|
||||
|
||||
#aa:dbus talk bus=system name=org.freedesktop.network1 label="@{p_systemd_networkd}"
|
||||
dbus send bus=system path=/org/freedesktop/network1
|
||||
interface=org.freedesktop.network1.Manager
|
||||
member=SetLinkDNSEx
|
||||
peer=(name=org.freedesktop.network1),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -9,19 +9,23 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/software-properties-gtk
|
||||
profile software-properties-gtk @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/common/apt>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/common/apt>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/nameservice-strict>
|
||||
include <abstractions/python>
|
||||
|
||||
#aa:dbus own bus=session name=com.ubuntu.SoftwareProperties
|
||||
|
||||
#aa:dbus talk bus=system name=com.canonical.UbuntuAdvantage label=ubuntu-advantage-desktop-daemon
|
||||
#aa:dbus talk bus=system name=com.ubuntu.SoftwareProperties path=/ label=software-properties-dbus
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ profile update-notifier @{exec_path} {
|
|||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.Notifications>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/bus/org.kde.StatusNotifierWatcher>
|
||||
include <abstractions/common/apt>
|
||||
|
|
|
|||
|
|
@ -9,6 +9,9 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/alacarte
|
||||
profile alacarte @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/desktop>
|
||||
include <abstractions/python>
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ profile element-desktop @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/com.canonical.Unity.LauncherEntry>
|
||||
include <abstractions/bus/org.freedesktop.ScreenSaver>
|
||||
include <abstractions/bus/org.kde.StatusNotifierWatcher>
|
||||
include <abstractions/common/electron>
|
||||
|
|
|
|||
|
|
@ -18,6 +18,8 @@ profile libreoffice @{exec_path} {
|
|||
include <abstractions/bus/org.freedesktop.Avahi>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gnome.SessionManager>
|
||||
include <abstractions/bus/org.gtk.Private.RemoteVolumeMonitor>
|
||||
include <abstractions/bus/org.gtk.vfs.Daemon>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/cups-client>
|
||||
include <abstractions/dconf-write>
|
||||
|
|
|
|||
|
|
@ -10,9 +10,11 @@ include <tunables/global>
|
|||
profile pinentry-gnome3 @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.gnome.keyring.internal.Prompter>
|
||||
include <abstractions/bus/org.gnome.ScreenSaver>
|
||||
include <abstractions/consoles>
|
||||
|
||||
signal (receive) set=(int) peer=gpg-agent,
|
||||
signal receive set=int,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -21,10 +21,13 @@ profile spotify @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.Notifications>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.freedesktop.ScreenSaver>
|
||||
include <abstractions/bus/org.freedesktop.secrets>
|
||||
include <abstractions/bus/org.gnome.SettingsDaemon.MediaKeys>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/bus/org.kde.StatusNotifierWatcher>
|
||||
include <abstractions/bus/org.mpris.MediaPlayer2.Player>
|
||||
include <abstractions/bus/session/org.freedesktop.systemd1>
|
||||
include <abstractions/common/electron>
|
||||
include <abstractions/devices-usb-read>
|
||||
|
|
@ -36,8 +39,16 @@ profile spotify @{exec_path} flags=(attach_disconnected) {
|
|||
network netlink raw,
|
||||
|
||||
#aa:dbus own bus=session name=org.mpris.MediaPlayer2.spotify
|
||||
|
||||
#aa:dbus talk bus=session name=org.ayatana.NotificationItem label=gnome-shell
|
||||
#aa:dbus talk bus=session name=org.freedesktop.portal.{d,D}esktop label=xdg-desktop-portal
|
||||
#aa:dbus talk bus=session name=org.gnome.SettingsDaemon.MediaKeys label=gsd-media-keys
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/portal/desktop
|
||||
interface=org.freedesktop.portal.Secret
|
||||
member=RetrieveSecret
|
||||
peer=(name=org.freedesktop.portal.Desktop, label=xdg-desktop-portal),
|
||||
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ abi <abi/4.0>,
|
|||
|
||||
include <tunables/global>
|
||||
|
||||
@{name} = super{p,P}roductivity
|
||||
@{name} = super{p,P}roductivity Super?Productivity
|
||||
@{domain} = org.chromium.Chromium
|
||||
@{lib_dirs} = /opt/@{name}
|
||||
@{config_dirs} = @{user_config_dirs}/@{name}
|
||||
|
|
@ -16,7 +16,16 @@ include <tunables/global>
|
|||
profile superproductivity @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/com.canonical.dbusmenu>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/bus/org.freedesktop.Notifications>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.gnome.Mutter.IdleMonitor>
|
||||
include <abstractions/bus/org.gnome.SessionManager>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/bus/org.kde.StatusNotifierItem>
|
||||
include <abstractions/common/electron>
|
||||
|
||||
network inet stream,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue