feat(profile): general update.
This commit is contained in:
Alexandre Pujol
parent
1c999ca921
commit
555b5e3c3f
43 changed files with 142 additions and 124 deletions
|
|
@ -1,53 +0,0 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2020-2021 Mikhail Morfikov
|
||||
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/3.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = /opt/SPFlashTool/flash_tool{,.sh}
|
||||
profile spflashtool @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/X>
|
||||
include <abstractions/fonts>
|
||||
include <abstractions/fontconfig-cache-read>
|
||||
include <abstractions/freedesktop.org>
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
# SPFlashTool installation files
|
||||
/opt/SPFlashTool/{,**} r,
|
||||
/opt/SPFlashTool/lib*.so mr,
|
||||
/opt/SPFlashTool/lib/lib*.so.[0-9]* mr,
|
||||
/opt/SPFlashTool/*.ini rk,
|
||||
|
||||
# Session logs
|
||||
owner /tmp/SP_FT_Logs/ rw,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*/ rw,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*1/QT_FLASH_TOOL.log w,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*/BROM_DLL_V[0-9]*.log w,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*/GLB_[0-9]*-[0-9]*_[0-9]*.log w,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*/QT_FLASH_TOOL.log w,
|
||||
owner /tmp/SP_FT_Logs/SP_FT_Dump_*/ADPT_[0-9]*-[0-9]*_[0-9]*.log w,
|
||||
|
||||
# For reading the scatter.txt file
|
||||
owner /**/scatter.txt r,
|
||||
|
||||
owner @{user_config_dirs}/Trolltech.conf rwk,
|
||||
|
||||
owner @{user_config_dirs}/MTK/ rw,
|
||||
owner @{user_config_dirs}/MTK/Clipper.conf rwk,
|
||||
|
||||
/dev/ r,
|
||||
# For reading/writing from/to phone flash memory
|
||||
/dev/ttyACM[0-9]* rw,
|
||||
|
||||
@{sys}/devices/@{pci}/{idVendor,idProduct} r,
|
||||
|
||||
# Silence the noise
|
||||
/opt/SPFlashTool/** w,
|
||||
|
||||
include if exists <local/spflashtool>
|
||||
}
|
||||
|
|
@ -29,7 +29,8 @@ profile switcheroo-control @{exec_path} flags=(attach_disconnected) {
|
|||
@{sys}/class/ r,
|
||||
@{sys}/class/drm/ r,
|
||||
@{sys}/devices/@{pci}/boot_vga r,
|
||||
@{sys}/devices/{pci[0-9]*,virtual}/**/uevent r,
|
||||
@{sys}/devices/@{pci}/uevent r,
|
||||
@{sys}/devices/virtual/**/uevent r,
|
||||
|
||||
include if exists <local/switcheroo-control>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -78,9 +78,7 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
|
|||
@{bin}/fsck.fat rPx,
|
||||
@{bin}/lvm rPUx,
|
||||
@{bin}/mke2fs rPx,
|
||||
@{bin}/mkfs.btrfs rPx,
|
||||
@{bin}/mkfs.ext{2,3,4} rPx,
|
||||
@{bin}/mkfs.fat rPx,
|
||||
@{bin}/mkfs.* rPx,
|
||||
@{bin}/mount.exfat-fuse rPUx,
|
||||
@{bin}/ntfs-3g rPx,
|
||||
@{bin}/ntfsfix rPx,
|
||||
|
|
@ -94,7 +92,7 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
|
|||
/etc/fstab r,
|
||||
/etc/crypttab r,
|
||||
|
||||
/var/lib/udisks2/ r,
|
||||
/var/lib/udisks2/{,**} r,
|
||||
/var/lib/udisks2/mounted-fs{,*} rw,
|
||||
|
||||
# Be able to create/delete dirs for removable media
|
||||
|
|
@ -113,7 +111,6 @@ profile udisksd @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
@{run}/udev/data/+pci:* r,
|
||||
@{run}/udev/data/+platform:* r,
|
||||
|
||||
@{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511
|
||||
|
||||
@{sys}/bus/ r,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue