Alexandre Pujol
parent
245898a9d2
commit
52a2ae8c23
19 changed files with 48 additions and 28 deletions
|
|
@ -17,9 +17,7 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/fonts>
|
||||
include <abstractions/freedesktop.org>
|
||||
include <abstractions/gtk>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/nameservice-strict>
|
||||
include <abstractions/p11-kit>
|
||||
include <abstractions/ssl_certs>
|
||||
|
|
@ -32,10 +30,10 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{sh_path} rix,
|
||||
@{bin}/env rix,
|
||||
@{bin}/gjs-console rix,
|
||||
@{bin}/openssl rix,
|
||||
@{sh_path} rix,
|
||||
@{bin}/ssh-add rix,
|
||||
|
||||
@{bin}/ssh-keygen rPx,
|
||||
|
|
@ -49,18 +47,12 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
@{share_dirs}/{,**} r,
|
||||
@{share_dirs}/gsconnect-preferences rix,
|
||||
|
||||
/etc/machine-id r,
|
||||
|
||||
owner @{user_cache_dirs}/gsconnect/{,**} rw,
|
||||
|
||||
owner @{user_config_dirs}/ r,
|
||||
|
||||
owner @{user_config_dirs}/gsconnect/{,**} rw,
|
||||
owner @{user_config_dirs}/mimeapps.list w,
|
||||
owner @{user_config_dirs}/mimeapps.list.@{rand6} rw,
|
||||
|
||||
owner @{user_share_dirs}/ r,
|
||||
|
||||
owner @{run}/user/@{uid}/gsconnect/ w,
|
||||
|
||||
@{sys}/devices/virtual/dmi/id/chassis_type r,
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ profile gnome-keyring-daemon @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{bin}/ssh-add rix,
|
||||
@{bin}/ssh-agent rPx,
|
||||
@{lib}/gcr-ssh-askpass rPUx,
|
||||
|
||||
/etc/gcrypt/hwf.deny r,
|
||||
|
||||
|
|
|
|||
|
|
@ -78,6 +78,7 @@ profile gnome-software @{exec_path} {
|
|||
owner @{user_cache_dirs}/flatpak/{,**} rwl,
|
||||
owner @{user_cache_dirs}/gnome-software/{,**} rw,
|
||||
|
||||
owner @{user_config_dirs}/flatpak/{,**} r,
|
||||
owner @{user_config_dirs}/pulse/*.conf r,
|
||||
|
||||
owner @{user_share_dirs}/ r,
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ profile gnome-tweaks @{exec_path} {
|
|||
include <abstractions/audio-client>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/graphics>
|
||||
include <abstractions/python>
|
||||
include <abstractions/thumbnails-cache-read>
|
||||
|
||||
|
|
@ -38,6 +39,9 @@ profile gnome-tweaks @{exec_path} {
|
|||
owner @{user_share_dirs}/gnome-shell/extensions/**/schemas/* r,
|
||||
owner @{user_share_dirs}/recently-used.xbel* rw,
|
||||
|
||||
@{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad
|
||||
@{run}/udev/data/c13:@{int} r, # for /dev/input/*
|
||||
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue