felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): clean superfluous openssl abstraction includes

Browse source 
apparmor.d equivalent of https://gitlab.com/apparmor/apparmor/-/merge_requests/1179
This commit is contained in:
Alexandre Pujol 2024-03-12 16:00:44 +00:00
parent d5972cdf1d
commit 467c38724a
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
173 changed files with 0 additions and 180 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/profiles-s-z/s3fs
View file

@ -10,7 +10,6 @@ include <tunables/global>
profile s3fs @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
network inet dgram,

1
apparmor.d/profiles-s-z/smplayer
View file

@ -19,7 +19,6 @@ profile smplayer @{exec_path} {
include <abstractions/gtk>
include <abstractions/mesa>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write>
include <abstractions/user-download-strict>

1
apparmor.d/profiles-s-z/smtube
View file

@ -19,7 +19,6 @@ profile smtube @{exec_path} {
include <abstractions/mesa>
include <abstractions/nameservice-strict>
include <abstractions/qt5-compose-cache-write>
include <abstractions/openssl>
include <abstractions/ssl_certs>
include <abstractions/gstreamer>

1
apparmor.d/profiles-s-z/spectre-meltdown-checker
View file

@ -148,7 +148,6 @@ profile spectre-meltdown-checker @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
deny capability net_admin,

1
apparmor.d/profiles-s-z/speedtest
View file

@ -11,7 +11,6 @@ include <tunables/global>
profile speedtest @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
network inet dgram,

1
apparmor.d/profiles-s-z/spotify
View file

@ -21,7 +21,6 @@ profile spotify @{exec_path} {
include <abstractions/desktop>
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
network inet dgram,

1
apparmor.d/profiles-s-z/strawberry
View file

@ -22,7 +22,6 @@ profile strawberry @{exec_path} {
include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
include <abstractions/devices-usb>
include <abstractions/gstreamer>

1
apparmor.d/profiles-s-z/strawberry-tagreader
View file

@ -11,7 +11,6 @@ include <tunables/global>
profile strawberry-tagreader @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/openssl>
include <abstractions/ssl_certs>
signal (receive) set=(term, kill) peer=strawberry,

1
apparmor.d/profiles-s-z/swtpm
View file

@ -9,7 +9,6 @@ include <tunables/global>
@{exec_path} = @{bin}/swtpm
profile swtpm @{exec_path} {
include <abstractions/base>
include <abstractions/openssl>
signal (receive) set=(term) peer=libvirtd,

1
apparmor.d/profiles-s-z/system-config-printer
View file

@ -21,7 +21,6 @@ profile system-config-printer @{exec_path} flags=(complain) {
include <abstractions/freedesktop.org>
include <abstractions/gtk>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/wayland>

1
apparmor.d/profiles-s-z/system-config-printer-applet
View file

@ -12,7 +12,6 @@ profile system-config-printer-applet @{exec_path} {
include <abstractions/base>
include <abstractions/python>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
network inet stream,
network inet6 stream,

1
apparmor.d/profiles-s-z/terminator
View file

@ -16,7 +16,6 @@ profile terminator @{exec_path} flags=(attach_disconnected) {
include <abstractions/dconf-write>
include <abstractions/desktop>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
capability sys_ptrace,

1
apparmor.d/profiles-s-z/thunderbird
View file

@ -27,7 +27,6 @@ profile thunderbird @{exec_path} {
include <abstractions/fontconfig-cache-read>
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
include <abstractions/thumbnails-cache-read>
include <abstractions/uim>

1
apparmor.d/profiles-s-z/transmission-gtk
View file

@ -13,7 +13,6 @@ profile transmission-gtk @{exec_path} {
include <abstractions/desktop>
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
include <abstractions/trash>
include <abstractions/user-download-strict>

1
apparmor.d/profiles-s-z/transmission-qt
View file

@ -14,7 +14,6 @@ profile transmission-qt @{exec_path} {
include <abstractions/fontconfig-cache-read>
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/private-files-strict>
include <abstractions/qt5-settings-write>
include <abstractions/ssl_certs>

1
apparmor.d/profiles-s-z/udisksd
View file

@ -15,7 +15,6 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
include <abstractions/bus/org.freedesktop.PolicyKit1>
include <abstractions/disks-write>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
capability chown,
capability dac_override,

1
apparmor.d/profiles-s-z/update-ca-certificates
View file

@ -11,7 +11,6 @@ include <tunables/global>
profile update-ca-certificates @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/openssl>
include <abstractions/ssl_certs>
@{exec_path} rmix,

1
apparmor.d/profiles-s-z/update-pciids
View file

@ -45,7 +45,6 @@ profile update-pciids @{exec_path} {
profile browse {
include <abstractions/base>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
network inet dgram,

1
apparmor.d/profiles-s-z/update-smart-drivedb
View file

@ -64,7 +64,6 @@ profile update-smart-drivedb @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/ssl_certs>
network inet dgram,

1
apparmor.d/profiles-s-z/vidcutter
View file

@ -16,7 +16,6 @@ profile vidcutter @{exec_path} {
include <abstractions/fontconfig-cache-read>
include <abstractions/graphics>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write>

1
apparmor.d/profiles-s-z/virt-manager
View file

@ -19,7 +19,6 @@ profile virt-manager @{exec_path} flags=(attach_disconnected) {
include <abstractions/graphics>
include <abstractions/gstreamer>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/ssl_certs>
include <abstractions/thumbnails-cache-read>

1
apparmor.d/profiles-s-z/vlc-cache-gen
View file

@ -9,7 +9,6 @@ include <tunables/global>
@{exec_path} = @{lib}/vlc/vlc-cache-gen
profile vlc-cache-gen @{exec_path} {
include <abstractions/base>
include <abstractions/openssl>
@{exec_path} mr,

1
apparmor.d/profiles-s-z/vsftpd
View file

@ -11,7 +11,6 @@ include <tunables/global>
profile vsftpd @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice>
include <abstractions/openssl>
# Only for local users authentication
include <abstractions/authentication>

1
apparmor.d/profiles-s-z/wpa-supplicant
View file

@ -12,7 +12,6 @@ profile wpa-supplicant @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/bus-system>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
capability chown,
capability dac_override,

1
apparmor.d/profiles-s-z/yadifad
View file

@ -7,7 +7,6 @@ include <tunables/global>
profile yadifad @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/nis>
capability dac_override,

1
apparmor.d/profiles-s-z/youtube-dl
View file

@ -16,7 +16,6 @@ profile youtube-dl @{exec_path} {
include <abstractions/fonts>
include <abstractions/freedesktop.org>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/ssl_certs>
include <abstractions/user-download-strict>

1
apparmor.d/profiles-s-z/youtube-viewer
View file

@ -13,7 +13,6 @@ profile youtube-viewer @{exec_path} {
include <abstractions/consoles>
include <abstractions/nameservice-strict>
include <abstractions/perl>
include <abstractions/openssl>
include <abstractions/ssl_certs>
signal (receive) set=(hup, winch) peer=gtk-youtube-viewer//xterm,

1
apparmor.d/profiles-s-z/yt-dlp
View file

@ -12,7 +12,6 @@ profile yt-dlp @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/ssl_certs>
include <abstractions/user-download-strict>

1
apparmor.d/profiles-s-z/ytdl
View file

@ -11,7 +11,6 @@ include <tunables/global>
profile ytdl @{exec_path} {
include <abstractions/base>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/python>
include <abstractions/ssl_certs>
include <abstractions/user-download-strict>