feat(profile): general update.
This commit is contained in:
Alexandre Pujol
parent
1c999ca921
commit
555b5e3c3f
43 changed files with 142 additions and 124 deletions
|
|
@ -56,6 +56,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/language-tools/language2locale rix,
|
||||
/usr/share/language-tools/language-options rPUx,
|
||||
|
||||
/opt/**/share/icons/{,**} r,
|
||||
/snap/*/@{int}/**.png r,
|
||||
/usr/share/backgrounds/{,**} r,
|
||||
/usr/share/cups/data/testprint r,
|
||||
|
|
@ -71,11 +72,11 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/pipewire/client.conf r,
|
||||
/usr/share/thumbnailers/{,*} r,
|
||||
/usr/share/wallpapers/{,**} r,
|
||||
/usr/share/xml/iso-codes/iso_[0-9]*-[0-9]*.xml r,
|
||||
/usr/share/xml/iso-codes/{,**} r,
|
||||
|
||||
/etc/cups/client.conf r,
|
||||
/etc/machine-info r,
|
||||
/etc/pipewire/client.conf.d/ r,
|
||||
/etc/pipewire/client.conf.d/{,**} r,
|
||||
/etc/rygel.conf r,
|
||||
/etc/security/pwquality.conf r,
|
||||
/etc/security/pwquality.conf.d/{,**} r,
|
||||
|
|
@ -92,14 +93,18 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{HOME}/.cert/nm-openvpn/*.pem r,
|
||||
owner @{HOME}/.face r,
|
||||
owner @{HOME}/@{XDG_WALLPAPERS_DIR}/{,**} r,
|
||||
|
||||
owner @{user_cache_dirs}/gnome-control-center/{,**} rw,
|
||||
owner @{user_cache_dirs}/thumbnails/{,**} rw,
|
||||
|
||||
owner @{user_config_dirs}/gnome-control-center/{,**} rw,
|
||||
owner @{user_config_dirs}/ibus/bus/ r,
|
||||
owner @{user_config_dirs}/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
owner @{user_config_dirs}/mimeapps.list{,.@{rand6}} rw,
|
||||
owner @{user_config_dirs}/rygel.conf{,.@{rand6}} rw,
|
||||
|
||||
owner @{user_games_dirs}/**.png r,
|
||||
|
||||
owner @{user_share_dirs}/backgrounds/{,**} rw,
|
||||
owner @{user_share_dirs}/gnome-remote-desktop/ w,
|
||||
owner @{user_share_dirs}/gnome-remote-desktop/rdp-tls.{crt,key}{,.@{rand6}} rw,
|
||||
|
|
@ -108,15 +113,15 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner /tmp/gdkpixbuf-xpm-tmp.@{rand6} rw,
|
||||
|
||||
owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,
|
||||
owner @{run}/user/@{uid}/gnome-control-center-region-needs-restart w,
|
||||
owner @{run}/user/@{uid}/pipewire-@{int} rw,
|
||||
owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,
|
||||
@{run}/cups/cups.sock rw,
|
||||
@{run}/samba/ rw,
|
||||
@{run}/systemd/sessions/ r,
|
||||
@{run}/systemd/sessions/* r,
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
owner @{run}/user/@{uid}/gnome-control-center-region-needs-restart w,
|
||||
owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,
|
||||
owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,
|
||||
owner @{run}/user/@{uid}/pipewire-@{int} rw,
|
||||
|
||||
@{run}/udev/data/+dmi:* r,
|
||||
@{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ profile gnome-session-ctl @{exec_path} {
|
|||
dbus send bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd1.Manager
|
||||
member={StartUnit,StopUnit}
|
||||
peer=(name=org.freedesktop.systemd1, label="@{systemd}"),
|
||||
peer=(name=org.freedesktop.systemd1, label="@{systemd_user}"),
|
||||
|
||||
dbus send bus=session path=/org/gnome/SessionManager
|
||||
interface=org.gnome.SessionManager
|
||||
|
|
|
|||
|
|
@ -63,6 +63,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
network unix stream,
|
||||
|
||||
ptrace (read),
|
||||
ptrace (readby) peer=pipewire,
|
||||
|
||||
signal (receive) set=(cont, term) peer=systemd-user,
|
||||
signal (receive) set=(term, hup) peer=gdm*,
|
||||
|
|
@ -178,7 +179,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
dbus receive bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd1.Manager
|
||||
member=JobRemoved
|
||||
peer=(name=:*, label="@{systemd}"),
|
||||
peer=(name=:*, label="@{systemd_user}"),
|
||||
|
||||
dbus send bus=session path=/MenuBar
|
||||
interface=com.canonical.dbusmenu
|
||||
|
|
@ -213,19 +214,18 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
/usr/share/gnome-shell/extensions/ding@rastersoft.com/{,*/}ding.js rPx,
|
||||
|
||||
/opt/**/share/icons/{,**} r,
|
||||
/opt/*/**/*.png r,
|
||||
/snap/*/@{uid}/**.png r,
|
||||
/usr/share/{,zoneinfo-}icu/{,**} r,
|
||||
/usr/share/**.{png,jpg,svg} r,
|
||||
/usr/share/app-info/icons/{,**} r,
|
||||
/usr/share/**/icons/{,**} r,
|
||||
/usr/share/backgrounds/{,**} r,
|
||||
/usr/share/byobu/desktop/byobu* r,
|
||||
/usr/share/dconf/profile/gdm r,
|
||||
/usr/share/desktop-base/** r,
|
||||
/usr/share/desktop-directories/{,*.directory} r,
|
||||
/usr/share/egl/{,**} r,
|
||||
/usr/share/evolution-data-server/icons/{,**} r,
|
||||
/usr/share/firefox{,-esr}/browser/chrome/icons/{,**} r,
|
||||
/usr/share/gdm/BuiltInSessions/{,*.desktop} r,
|
||||
/usr/share/gdm/greeter-dconf-defaults r,
|
||||
/usr/share/gdm/greeter/applications/{,**} r,
|
||||
|
|
@ -238,7 +238,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/pipewire/client.conf r,
|
||||
/usr/share/wallpapers/** r,
|
||||
/usr/share/wayland-sessions/{,*.desktop} r,
|
||||
/usr/share/xml/iso-codes/iso_[0-9]*-[0-9]*.xml r,
|
||||
/usr/share/xml/iso-codes/{,**} r,
|
||||
|
||||
/.flatpak-info r,
|
||||
/etc/fstab r,
|
||||
|
|
@ -340,7 +340,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
@{run}/udev/data/+sound:card@{int} r, # for sound
|
||||
@{run}/udev/data/+usb* r, # for USB mouse and keyboard
|
||||
@{run}/udev/data/+i2c:* r,
|
||||
@{run}/udev/data/+hid:* r , # for HID-Compliant Keyboard
|
||||
@{run}/udev/data/+hid:* r, # for HID-Compliant Keyboard
|
||||
@{run}/udev/data/c10:@{int} r, # for non-serial mice, misc features
|
||||
@{run}/udev/data/c13:@{int} r, # for /dev/input/*
|
||||
@{run}/udev/data/c189:@{int} r, # for /dev/bus/usb/**
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{run}/systemd/sessions/* r,
|
||||
@{run}/systemd/sessions/*.ref r,
|
||||
@{run}/mount/utab r,
|
||||
|
||||
@{sys}/devices/@{pci}/net/*/statistics/collisions r,
|
||||
@{sys}/devices/@{pci}/net/*/statistics/rx_{bytes,errors,packets} r,
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ profile org.gnome.NautilusPreviewer @{exec_path} {
|
|||
|
||||
@{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511
|
||||
|
||||
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/a*org.gnome.NautilusPreviewer.slice/*/memory.* r,
|
||||
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/*org.gnome.NautilusPreviewer.slice/*/memory.* r,
|
||||
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/session.slice/dbus.service/memory.* r,
|
||||
|
||||
@{PROC}/@{pid}/cgroup r,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue