Use @{uid} instead of [0-9]* when it denotes the user id.

Alexandre Pujol 2021-04-18 19:00:15 +01:00
parent cd4ad5b09c
commit 4a35b7d804
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
137 changed files with 253 additions and 253 deletions


@ -278,7 +278,7 @@ profile android-studio @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}bin/spacefm rPx,
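Review bot: The new `owner @{run}/user/@{uid}/ r,` rule depends on a `@{uid}` tunable whose definition is not visible in this section, and the profile would fail to compile if that variable is not in scope through its includes. AppArmor expands variables when the policy is compiled, so `@{uid}` cannot bind to the uid of the confined process; if it is defined as a numeric glob, the rule matches what `[0-9]*` matched and the per-user restriction still comes from the `owner` qualifier. I would say so next to the definition, for example `# @{uid} is a pattern for any numeric id, not the caller's uid; per-user scoping comes from 'owner'`. The same rule is introduced in the atom, calibre, discord, dropbox, flameshot, freetube, okular, telegram-desktop and thunderbird sections. The profile body starts and ends outside this hunk.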


@ -191,7 +191,7 @@ profile atom @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPUx,


@ -172,7 +172,7 @@ profile calibre @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPx,


@ -125,8 +125,8 @@ profile code @{exec_path} {
owner "/tmp/VSCode Crashes/" rw,
owner /tmp/vscode-typescript[0-9]*/ rw,
owner @{run}/user/[0-9]*/vscode-[0-9a-f]*-*-{shared,main}.sock rw,
owner @{run}/user/[0-9]*/vscode-git-askpass-[0-9a-f]*.sock rw,
owner @{run}/user/@{uid}/vscode-[0-9a-f]*-*-{shared,main}.sock rw,
owner @{run}/user/@{uid}/vscode-git-askpass-[0-9a-f]*.sock rw,
owner /tmp/vscode-ipc-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*.sock rw,
# For installing extensions
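Review bot: `owner /tmp/vscode-typescript[0-9]*/ rw,` is left as a raw glob while the two `@{run}/user/` socket rules next to it are converted. As far as I know, the TypeScript extension names that directory after the process uid, so it looks like a case the commit title is meant to cover. If that is right, the line would read `owner /tmp/vscode-typescript@{uid}/ rw,`. The `[0-9a-f]*` segments in the socket names are not user ids and are correctly left alone. The profile body continues outside the hunk.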


@ -125,7 +125,7 @@ profile discord @{exec_path} {
owner @{HOME}/.pki/nssdb/{cert9,key4}.db rwk,
owner @{HOME}/.pki/nssdb/{cert9,key4}.db-journal rw,
owner @{run}/user/[0-9]*/discord-ipc-[0-9] rw,
owner @{run}/user/@{uid}/discord-ipc-[0-9] rw,
/var/lib/dbus/machine-id r,
/etc/machine-id r,
@ -200,7 +200,7 @@ profile discord @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPx,


@ -110,7 +110,7 @@ profile dropbox @{exec_path} {
owner /tmp/#[0-9]*[0-9] rw,
owner /var/tmp/etilqs_* rw,
@{run}/systemd/users/[0-9]* r,
@{run}/systemd/users/@{uid} r,
deny @{sys}/module/apparmor/parameters/enabled r,
@ -135,7 +135,7 @@ profile dropbox @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPUx,
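Review bot: `@{run}/systemd/users/@{uid} r,` in the first hunk carries no `owner` qualifier, so what it exposes depends entirely on how `@{uid}` is defined, which is not visible here. If the tunable is a numeric glob, the rule still allows reading the systemd record of every user with a session, not only the one running dropbox, although the new spelling reads as if it were narrower. A comment above the rule would make that explicit, e.g. `# no 'owner' here: matches the record of any uid that @{uid} can expand to`. The profile body continues outside both hunks.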


@ -84,7 +84,7 @@ profile flameshot @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open


@ -104,7 +104,7 @@ profile freetube @{exec_path} {
/var/lib/dbus/machine-id r,
/etc/machine-id r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# no new privs
/{usr/,}bin/xdg-settings rPx,
@ -131,7 +131,7 @@ profile freetube @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPx,


@ -109,7 +109,7 @@ profile okular @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPUx,


@ -100,7 +100,7 @@ profile telegram-desktop @{exec_path} {
owner @{TELEGRAM_WORK_DIR}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPx,


@ -254,7 +254,7 @@ profile thunderbird @{exec_path} {
owner @{HOME}/ r,
owner @{run}/user/[0-9]*/ r,
owner @{run}/user/@{uid}/ r,
# Allowed apps to open
/{usr/,}lib/firefox/firefox rPUx,