Profile update.
This commit is contained in:
Alexandre Pujol
parent
749859920e
commit
49bddc0382
11 changed files with 24 additions and 18 deletions
|
|
@ -7,7 +7,7 @@ abi <abi/3.0>,
|
|||
include <tunables/global>
|
||||
|
||||
@{exec_path} = /{usr/,}bin/blueman-*
|
||||
profile blueman @{exec_path} {
|
||||
profile blueman @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/python>
|
||||
include <abstractions/fonts>
|
||||
|
|
@ -78,6 +78,9 @@ profile blueman @{exec_path} {
|
|||
|
||||
@{run}/user/1000/gdm/Xauthority r,
|
||||
|
||||
# file_inherit
|
||||
/dev/dri/card[0-9]* rw,
|
||||
|
||||
profile open {
|
||||
include <abstractions/base>
|
||||
include <abstractions/xdg-open>
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ profile blueman-mechanism @{exec_path} {
|
|||
include <abstractions/python>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
capability mknod,
|
||||
capability net_admin,
|
||||
deny capability sys_nice,
|
||||
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@ include <tunables/global>
|
|||
@{exec_path} = /{usr/,}bin/Xwayland
|
||||
profile xwayland @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dri-common>
|
||||
include <abstractions/dri-enumerate>
|
||||
include <abstractions/mesa>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
|
|
@ -19,13 +21,9 @@ profile xwayland @{exec_path} flags=(attach_disconnected) {
|
|||
/{usr/,}bin/{,ba,da}sh rix,
|
||||
/{usr/,}bin/xkbcomp rPx,
|
||||
|
||||
/usr/share/drirc.d/{,*} r,
|
||||
/usr/share/glvnd/egl_vendor.d/{,*.json} r,
|
||||
/usr/share/X11/xkb/rules/evdev r,
|
||||
|
||||
/dev/dri/card[0-9]* rw,
|
||||
/dev/dri/renderD[0-9]* rw,
|
||||
|
||||
# TMP files
|
||||
owner /tmp/server-[0-9]*.xkm rwk,
|
||||
|
||||
|
|
@ -36,12 +34,6 @@ profile xwayland @{exec_path} flags=(attach_disconnected) {
|
|||
# Needed for Mutter
|
||||
owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[a-zA-z0-9]* rw,
|
||||
|
||||
@{sys}/devices/pci[0-9]*/**/uevent r,
|
||||
@{sys}/devices/pci[0-9]*/**/vendor r,
|
||||
@{sys}/devices/pci[0-9]*/**/device r,
|
||||
@{sys}/devices/pci[0-9]*/**/subsystem_vendor r,
|
||||
@{sys}/devices/pci[0-9]*/**/subsystem_device r,
|
||||
|
||||
owner @{PROC}/@{pids}/cmdline r,
|
||||
|
||||
include if exists <local/xwayland>
|
||||
|
|
|
|||
|
|
@ -17,5 +17,8 @@ profile glib-pacrunner @{exec_path} {
|
|||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{PROC}/cmdline r,
|
||||
@{PROC}/sys/kernel/osrelease r,
|
||||
|
||||
include if exists <local/glib-pacrunner>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,6 +25,8 @@ profile gio-launch-desktop @{exec_path} {
|
|||
|
||||
# User files
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
owner @{PROC}/@{pid}/mountinfo r,
|
||||
owner @{PROC}/@{pid}/mounts r,
|
||||
|
||||
# file_inherit
|
||||
owner @{HOME}/.xsession-errors w,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue