diff --git a/apparmor.d/profiles-a-f/atool b/apparmor.d/profiles-a-f/atool new file mode 100644 index 000000000..96a8cda73 --- /dev/null +++ b/apparmor.d/profiles-a-f/atool @@ -0,0 +1,52 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2019-2021 Mikhail Morfikov +# Copyright (C) 2023-2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/atool +profile atool /{,usr/}{,s}bin/atool { + include + include + + @{exec_path} mr, + + @{bin}/7z rix, + @{bin}/arc rix, + @{bin}/arj rix, + @{bin}/bzip2 rix, + @{bin}/bzip2 rix, + @{bin}/bzip rix, + @{bin}/compress rix, + @{bin}/cpio rix, + @{bin}/gunzip rix, + @{bin}/gzip rix, + @{bin}/gzip rix, + @{bin}/jar rix, + @{bin}/lha rix, + @{bin}/lrunzip rix, + @{bin}/lrzcat rix, + @{bin}/lrzip rix, + @{bin}/lrz rix, + @{bin}/lrztar rix, + @{bin}/lrzuntar rix, + @{bin}/lzip rix, + @{bin}/lzma rix, + @{bin}/lzop rix, + @{bin}/lzop rix, + @{bin}/rar rix, + @{bin}/tar rix, + @{bin}/unace rix, + @{bin}/unrar rix, + @{bin}/unxz rix, + @{bin}/unzip rix, + @{bin}/xz rix, + @{bin}/zip rix, + + /usr/share/perl5/{,**} r, + + include if exists +} diff --git a/apparmor.d/profiles-a-f/exiftool b/apparmor.d/profiles-a-f/exiftool new file mode 100644 index 000000000..c46b8edbb --- /dev/null +++ b/apparmor.d/profiles-a-f/exiftool @@ -0,0 +1,20 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2019-2021 Mikhail Morfikov +# Copyright (C) 2023-2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/vendor_perl/exiftool +profile exiftool @{exec_path} { + include + include + + @{exec_path} mr, + + /usr/share/perl5/{,**} r, + + include if exists +} diff --git a/apparmor.d/profiles-g-l/highlight b/apparmor.d/profiles-g-l/highlight new file mode 100644 index 000000000..5fc2cde0f --- /dev/null +++ b/apparmor.d/profiles-g-l/highlight @@ -0,0 +1,23 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2019-2021 Mikhail Morfikov +# Copyright (C) 2023-2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/ +profile highlight /{,usr/}{,s}bin/highlight { + include + include + include + + /etc/machine-id r, + /etc/highlight/{,**} r, + /usr/share/highlight/{,**} r, + + @{exec_path} mr, + + include if exists +} diff --git a/apparmor.d/profiles-m-r/mediainfo b/apparmor.d/profiles-m-r/mediainfo index 788b12455..143cda76b 100644 --- a/apparmor.d/profiles-m-r/mediainfo +++ b/apparmor.d/profiles-m-r/mediainfo @@ -10,12 +10,9 @@ include @{exec_path} = @{bin}/mediainfo profile mediainfo @{exec_path} { include - include + include @{exec_path} mr, - owner @{user_music_dirs}/** r, - owner @{user_videos_dirs}/** r, - include if exists } diff --git a/apparmor.d/profiles-m-r/mediainfo-gui b/apparmor.d/profiles-m-r/mediainfo-gui index 72dc273a9..6ef4bd5a0 100644 --- a/apparmor.d/profiles-m-r/mediainfo-gui +++ b/apparmor.d/profiles-m-r/mediainfo-gui @@ -15,14 +15,12 @@ profile mediainfo-gui @{exec_path} { include include include - include + include @{exec_path} mr, @{bin}/xdg-open rCx -> open, - owner @{user_music_dirs}/** r, - owner @{user_videos_dirs}/** r, profile open { include