felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'tunables' of https://github.com/nobody43/apparmor.d into nobody43-tunables

Browse source 
* 'tunables' of https://github.com/nobody43/apparmor.d:
  dbus temp tails
  Update apparmor.d
  Update gdm-runtime-config
  more unrelated changes
  adjust date-time
  random tails
  rename to int, convert more profiles
  fixes
  tunables
This commit is contained in:
Alexandre Pujol 2023-08-17 20:01:53 +01:00
parent 7b018a60bd
commit 557d905543
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
198 changed files with 560 additions and 507 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/browsers/chromium-wrapper
View file

@ -38,7 +38,7 @@ profile chromium-wrapper @{exec_path} {
owner @{HOME}/.xsession-errors w,
owner /tmp/chromiumargs.?????? rw,
owner /tmp/chromiumargs.@{rand6} rw,
owner /tmp/tmp.*/ rw,
owner /tmp/tmp.*/** rwk,

7
apparmor.d/groups/browsers/firefox
View file

@ -190,11 +190,12 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
owner @{user_config_dirs}/ r,
owner @{user_config_dirs}/gtk-{3,4}.0/assets/*.svg r,
owner @{user_config_dirs}/ibus/bus/{,@{hex}-unix{,-wayland}-[0-9]*} r,
owner @{user_config_dirs}/mimeapps.list{,.*} rw,
owner @{user_config_dirs}/ibus/bus/ r,
owner @{user_config_dirs}/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
owner @{user_config_dirs}/mimeapps.list{,.@{rand6}} rw,
owner @{user_share_dirs}/ r,
owner @{user_share_dirs}/applications/userapp-Firefox-??????.desktop{,.??????} rw,
owner @{user_share_dirs}/applications/userapp-Firefox-@{rand6}.desktop{,.@{rand6}} rw,
owner @{user_share_dirs}/mime/packages/user-extension-{htm,html,xht,xhtml,shtml}.xml rw,
owner @{user_share_dirs}/mime/packages/user-extension-{htm,html,xht,xhtml,shtml}.xml.* rw,

4
apparmor.d/groups/browsers/firefox-glxtest
View file

@ -26,9 +26,9 @@ profile firefox-glxtest @{exec_path} {
owner /tmp/firefox/.parentlock rw,
owner /tmp/xauth_?????? r,
owner /tmp/xauth_@{rand6} r,
owner @{run}/user/@{uid}/xauth_?????? r,
owner @{run}/user/@{uid}/xauth_@{rand6} r,
@{sys}/bus/pci/devices/ r,
@{sys}/devices/pci[0-9]*/**/class r,

4
apparmor.d/groups/browsers/firefox-kmozillahelper
View file

@ -40,11 +40,11 @@ profile firefox-kmozillahelper @{exec_path} {
owner @{user_config_dirs}/kmozillahelperrc r,
owner @{user_config_dirs}/kwinrc r,
owner @{run}/user/@{uid}/xauth_* rl,
owner @{run}/user/@{uid}/xauth_@{rand6} rl,
@{PROC}/sys/kernel/core_pattern r,
/dev/tty r,
include if exists <local/firefox-kmozillahelper>
}
}