feat(profiles): better integration with openSUSE.

See #134
2023-03-27 22:22:36 +01:00 · 2023-03-27 22:22:36 +01:00 · 41766ebd2a
commit 41766ebd2a
parent 4ca3ced1a5
20 changed files with 82 additions and 30 deletions
--- a/apparmor.d/groups/gpg/gpgsm
+++ b/apparmor.d/groups/gpg/gpgsm
@ -16,6 +16,8 @@ profile gpgsm @{exec_path} {

  @{exec_path} mr,

+  /usr/share/gnupg/* r,
+
  /etc/gcrypt/hwf.deny r,

  deny /usr/bin/.gnupg/ w,
--- a/apparmor.d/groups/gpg/scdaemon
+++ b/apparmor.d/groups/gpg/scdaemon
@ -24,6 +24,8 @@ profile scdaemon @{exec_path} {
  owner @{run}/user/@{uid}/gnupg/S.scdaemon rw,
  owner @{run}/user/@{uid}/gnupg/d.*/S.scdaemon rw,

+  owner /var/tmp/zypp.??????/zypp-trusted-*/S.scdaemon w,
+
  @{PROC}/@{pid}/task/@{tid}/comm rw,

  @{sys}/devices/pci[0-9]*/**/bConfigurationValue r,