feat(profiles): add dbus rules for some common profiles.
This commit is contained in:
Alexandre Pujol
parent
e949654614
commit
583d7a15f0
43 changed files with 584 additions and 6 deletions
|
|
@ -23,6 +23,33 @@ profile accounts-daemon @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
ptrace (read) peer=unconfined,
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.PolicyKit[0-9].Authority
|
||||
member={CheckAuthorization,Changed},
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={PropertiesChanged,GetAll},
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member={Changed,SetLanguage},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member={FindUserByName,ListCachedUsers},
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus bind bus=system
|
||||
name=org.freedesktop.Accounts,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/accountsservice/{,**} r,
|
||||
|
|
|
|||
|
|
@ -17,12 +17,24 @@ profile colord @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
network netlink raw,
|
||||
|
||||
dbus send
|
||||
bus=system
|
||||
path=/org/freedesktop/ColorManager/devices/xrandr_*
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/ColorManager{,/**}
|
||||
interface=org.freedesktop.{DBus.Properties,ColorManager},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={GetConnectionUnixProcessID,GetConnectionUnixUser,RequestName},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.PolicyKit[0-9].Authority
|
||||
member=CheckAuthorization,
|
||||
|
||||
dbus bind bus=system
|
||||
name=org.freedesktop.ColorManager,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/{usr/,}lib/colord/colord-sane rPx,
|
||||
|
|
|
|||
|
|
@ -16,6 +16,17 @@ profile colord-sane @{exec_path} flags=(attach_disconnected,complain) {
|
|||
|
||||
network netlink raw,
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/ColorManager
|
||||
interface=org.freedesktop.ColorManager,
|
||||
|
||||
dbus send bus=system path=/
|
||||
interface=org.freedesktop.Avahi.Server
|
||||
member={GetAPIVersion,GetState,ServiceBrowserNew},
|
||||
|
||||
dbus receive bus=system path=/Client[0-9]/ServiceBrowser[0-9]
|
||||
interface=org.freedesktop.Avahi.ServiceBrowser
|
||||
member={CacheExhausted,AllForNow},
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/snmp/mibs/{,*} r,
|
||||
|
|
|
|||
|
|
@ -20,6 +20,16 @@ profile pipewire-media-session @{exec_path} {
|
|||
network bluetooth stream,
|
||||
network netlink raw,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/RealtimeKit[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Get
|
||||
peer=(name=org.freedesktop.RealtimeKit1),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/RealtimeKit[0-9]
|
||||
interface=org.freedesktop.RealtimeKit1
|
||||
member=MakeThreadRealtime
|
||||
peer=(name=org.freedesktop.RealtimeKit1),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/alsa-card-profile/{,**} r,
|
||||
|
|
|
|||
|
|
@ -22,6 +22,25 @@ profile polkitd @{exec_path} {
|
|||
|
||||
ptrace (read),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={GetConnectionUnixUser,GetConnectionUnixProcessID,RequestName},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.PolicyKit[0-9].Authority
|
||||
member={Changed,BeginAuthentication},
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.PolicyKit[0-9].Authority
|
||||
member={GetAll,CheckAuthorization,RegisterAuthenticationAgent,AuthenticationAgentResponse2,EnumerateActions,CancelCheckAuthorization},
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus bind bus=system
|
||||
name=org.freedesktop.PolicyKit[0-9],
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{PROC}/@{pids}/stat r,
|
||||
|
|
|
|||
|
|
@ -16,6 +16,20 @@ profile upowerd @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
network netlink raw,
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/UPower{,/**}
|
||||
interface=org.freedesktop.{DBus.Properties,UPower*},
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/login[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={PropertiesChanged,GetAll},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login[0-9]
|
||||
interface=org.freedesktop.login[0-9].Manager
|
||||
member=Inhibit,
|
||||
|
||||
dbus bind bus=system
|
||||
name=org.freedesktop.UPower,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/etc/UPower/ r,
|
||||
|
|
|
|||
|
|
@ -21,6 +21,22 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
ptrace (read),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/RealtimeKit[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={GetAll,Get},
|
||||
|
||||
dbus send bus=system path=/net/hadess/PowerProfiles
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/NetworkManager
|
||||
interface=org.freedesktop.NetworkManager
|
||||
member=StateChanged,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/{usr/,}bin/{,ba,da}sh rix,
|
||||
|
|
|
|||
|
|
@ -19,6 +19,14 @@ profile xdg-desktop-portal-gnome @{exec_path} {
|
|||
include <abstractions/user-download>
|
||||
include <abstractions/user-read>
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member=Changed,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||
|
|
|
|||
|
|
@ -20,6 +20,14 @@ profile xdg-desktop-portal-gtk @{exec_path} {
|
|||
include <abstractions/user-download>
|
||||
include <abstractions/user-write>
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
||||
interface=org.freedesktop.Accounts.User
|
||||
member=Changed,
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue