felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(profile): remove trailing whitespace in profiles.

Browse source
This commit is contained in:
Alexandre Pujol 2024-10-22 20:03:24 +01:00
parent 88b362f7fb
commit 38b973c596
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
143 changed files with 184 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/profiles-a-f/acpi-powerbtn
View file

@ -57,7 +57,7 @@ profile acpi-powerbtn flags=(attach_disconnected) {
profile systemctl {
include <abstractions/base>
include <abstractions/app/systemctl>
include if exists <local/acpi-powerbtn_systemctl>
}

4
apparmor.d/profiles-a-f/anyremote
View file

@ -80,10 +80,10 @@ profile anyremote @{exec_path} {
@{bin}/convert-im6.q16 mr,
/usr/share/anyremote/cfg-data/Icons/common/*.png r,
/usr/share/ImageMagick-[0-9]/*.xml rw,
/etc/ImageMagick-[0-9]/*.xml r,
owner @{HOME}/.anyRemote/*.png rw,
owner @{HOME}/.kde/share/apps/amarok/albumcovers/cache/* r,

2
apparmor.d/profiles-a-f/appstreamcli
View file

@ -47,7 +47,7 @@ profile appstreamcli @{exec_path} flags=(complain) {
/var/log/cron-apt/temp w,
owner /var/cache/app-info/{,**} rw,
owner /var/cache/swcatalog/{,**} rw,
owner @{user_cache_dirs}/ rw,
owner @{user_cache_dirs}/appstream-cache-*.mdb rw,
owner @{user_cache_dirs}/appstream/ rw,

2
apparmor.d/profiles-a-f/borg
View file

@ -111,7 +111,7 @@ profile borg @{exec_path} {
/etc/fuse.conf r,
@{MOUNTS}/ r,
@{MOUNTS}/*/ r,
@{MOUNTS}/*/ r,
@{PROC}/@{pids}/mounts r,

2
apparmor.d/profiles-a-f/briar-desktop-tor
View file

@ -14,7 +14,7 @@ profile briar-desktop-tor {
network netlink raw,
signal send set=term peer=briar-desktop-tor//obfs4proxy,
signal send set=term peer=briar-desktop-tor//snowflake,
signal send set=term peer=briar-desktop-tor//snowflake,
owner @{HOME}/.briar/desktop/tor/.tor/{,**} rw,
owner @{HOME}/.briar/desktop/tor/.tor/lock k,

1
apparmor.d/profiles-a-f/btrfs
View file

@ -59,7 +59,6 @@ profile btrfs @{exec_path} flags=(attach_disconnected) {
/dev/btrfs-control rw,
/dev/pts/@{int} rw,
/dev/tty@{int} rw,
include if exists <local/btrfs>
}

2
apparmor.d/profiles-a-f/cups-notifier-dbus
View file

@ -21,7 +21,7 @@ profile cups-notifier-dbus @{exec_path} {
owner /var/spool/cups/tmp/cups-dbus-notifier-lockfile rw,
owner @{tmp}/cups-dbus-notifier-lockfile rwk,
include if exists <local/cups-notifier-dbus>
}

2
apparmor.d/profiles-a-f/cupsd
View file

@ -95,7 +95,7 @@ profile cupsd @{exec_path} flags=(attach_disconnected) {
@{PROC}/@{pids}/fd/ r,
owner @{PROC}/@{pid}/mounts r,
owner @{tmp}/*_latest_print_info w,
/dev/tty rw,

4
apparmor.d/profiles-a-f/dig
View file

@ -27,9 +27,9 @@ profile dig @{exec_path} {
owner @{HOME}/.digrc r,
owner @{HOME}/batch_mode.dig r,
owner @{HOME}/tsig.key r,
/tmp/batch_mode.dig r,
owner @{PROC}/@{pids}/task/@{tid}/comm rw,
include if exists <local/dig>

2
apparmor.d/profiles-a-f/discord
View file

@ -12,7 +12,7 @@ include <tunables/global>
@{config_dirs} = @{user_config_dirs}/@{name} @{user_config_dirs}/discordptb
@{cache_dirs} = @{user_cache_dirs}/@{name}
@{exec_path} = @{bin}/discord{,-ptb} @{lib_dirs}/Discord{,PTB}
@{exec_path} = @{bin}/discord{,-ptb} @{lib_dirs}/Discord{,PTB}
profile discord @{exec_path} {
include <abstractions/base>
include <abstractions/audio-client>

2
apparmor.d/profiles-a-f/discord-chrome-sandbox
View file

@ -8,7 +8,7 @@ abi <abi/4.0>,
include <tunables/global>
@{name} = discord
@{lib_dirs} = /usr/share/@{name} /opt/@{name}
@{lib_dirs} = /usr/share/@{name} /opt/@{name}
@{config_dirs} = @{user_config_dirs}/@{name} @{user_config_dirs}/discordptb
@{cache_dirs} = @{user_cache_dirs}/@{name}

2
apparmor.d/profiles-a-f/dkms-autoinstaller
View file

@ -40,7 +40,7 @@ profile dkms-autoinstaller @{exec_path} {
profile systemctl {
include <abstractions/base>
include <abstractions/app/systemctl>
include if exists <local/dkms-autoinstaller_systemctl>
}

6
apparmor.d/profiles-a-f/dnscrypt-proxy
View file

@ -27,17 +27,17 @@ profile dnscrypt-proxy @{exec_path} {
@{exec_path} mrix,
/etc/dnscrypt-proxy/{,**} r,
owner /etc/dnscrypt-proxy/public-resolvers.md rw,
owner /etc/dnscrypt-proxy/public-resolvers.md.minisig rw,
owner /etc/dnscrypt-proxy/relays.md rw,
owner /etc/dnscrypt-proxy/relays.md.minisig rw,
owner /etc/dnscrypt-proxy/sf-*.tmp rw,
/var/cache/private/dnscrypt-proxy/{,**} r,
/var/cache/private/dnscrypt-proxy/public-resolvers.md{,.minisig} rw,
/var/cache/private/dnscrypt-proxy/sf-*.tmp rw,
/var/log/dnscrypt-proxy/ r,
/var/log/dnscrypt-proxy/*.log w,
/var/log/private/dnscrypt-proxy/ rw,

2
apparmor.d/profiles-a-f/element-desktop
View file

@ -7,7 +7,7 @@ abi <abi/4.0>,
include <tunables/global>
@{name} = {E,e}lement
@{lib_dirs} = @{lib}/@{name}
@{lib_dirs} = @{lib}/@{name}
@{config_dirs} = @{user_config_dirs}/@{name}
@{cache_dirs} = @{user_cache_dirs}/@{name}

2
apparmor.d/profiles-a-f/findmnt
View file

@ -20,7 +20,7 @@ profile findmnt @{exec_path} flags=(attach_disconnected,complain) {
/etc/fstab r,
/etc/mtab r,
@{PROC}/@{pids}/mountinfo r,
# File Inherit

6
apparmor.d/profiles-a-f/flatpak-app
View file

@ -3,11 +3,11 @@
# SPDX-License-Identifier: GPL-2.0-only
# Default profile for all flatpak applications. Ideally, this profile should be
# generated by flatpak itself with settings from the flatpak manifest and
# generated by flatpak itself with settings from the flatpak manifest and
# fully separated from bwrap.
# Note: This profile used to be split in two (flatpak-bwrap & flatpak-app) in order
# to separate bwrap from the sandboxed app itself. It was generating issue with
# to separate bwrap from the sandboxed app itself. It was generating issue with
# zypak-sandbox, therefore the profiles have been merged. Meanwhile, to install
# some applications, flatpak needs write access to the sandbox content. This is
# done through bwrap and therefore in this profile.
@ -15,7 +15,7 @@
# 1. All of this will have to be improved. However, as of today, it is the only
# way to not break some (major) flatpak app.
# 2. It is not a big deal as flatpak is responsible for the sandbox anyway.
# This this only defence in depth.
# This this only defence in depth.
# 3. The main purpose of this profile is to ensure all processes are confined.
abi <abi/4.0>,

2
apparmor.d/profiles-a-f/flatpak-session-helper
View file

@ -43,7 +43,7 @@ profile flatpak-session-helper @{exec_path} flags=(attach_disconnected) {
owner @{run}/user/@{uid}/.flatpak-helper/{,**} rw,
owner @{run}/user/@{uid}/.flatpak-helper/pkcs11-flatpak-@{int} rw,
owner @{PROC}/@{pids}/fd/ r,
/dev/ptmx rw,

2
apparmor.d/profiles-a-f/fractal
View file

@ -27,7 +27,7 @@ profile fractal @{exec_path} flags=(attach_disconnected) {
/usr/share/xml/iso-codes/{,**} r,
owner @{tmp}/.@{rand6} rw,
owner @{tmp}/.@{rand6} rw,
owner @{tmp}/.goutputstream-@{rand6} rw,
owner @{tmp}/@{rand6} rw,

2
apparmor.d/profiles-a-f/freetube
View file

@ -8,7 +8,7 @@ abi <abi/4.0>,
include <tunables/global>
@{name} = {F,f}ree{T,t}ube{,-vue}
@{lib_dirs} = @{lib}/@{name} /opt/@{name}
@{lib_dirs} = @{lib}/@{name} /opt/@{name}
@{config_dirs} = @{user_config_dirs}/@{name}
@{cache_dirs} = @{user_cache_dirs}/@{name}

2
apparmor.d/profiles-a-f/fwupd
View file

@ -149,7 +149,7 @@ profile fwupd @{exec_path} flags=(attach_disconnected,complain) {
@{bin}/gpg-agent rix,
@{lib}/{,gnupg/}scdaemon rix,
owner /var/lib/fwupd/gnupg/ rw,
owner /var/lib/fwupd/gnupg/** rwkl -> /var/lib/fwupd/gnupg/**,

2
apparmor.d/profiles-a-f/fwupdmgr
View file

@ -28,7 +28,7 @@ profile fwupdmgr @{exec_path} flags=(attach_disconnected) {
network netlink raw,
#aa:dbus talk bus=system name=org.freedesktop.fwupd label=fwupd path=/
@{exec_path} mr,
@{bin}/dbus-launch Cx -> bus,