felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update apparmor profiles

Browse source
This commit is contained in:
Mikhail Morfikov 2021-03-13 09:47:36 +01:00
parent 0f64093e46
commit 5b12c89dba
No known key found for this signature in database
GPG key ID: 32D9CB634796CCA1
48 changed files with 755 additions and 67 deletions
Download patch file Download diff file Expand all files Collapse all files

6
apparmor.d/abstractions/fontconfig-cache-read
View file

@ -41,3 +41,9 @@
deny /usr/local/share/fonts/.uuid{,.NEW,.LCK,.TMP-*} w,
/usr/share/**/.uuid r,
deny /usr/share/**/.uuid{,.NEW,.LCK,.TMP-*} w,
# For Google Fonts downloaded via font-manager
owner "@{HOME}/.local/share/fonts/Google Fonts/.uuid" r,
deny "@{HOME}/.local/share/fonts/Google Fonts/.uuid{,.NEW,.LCK,.TMP-*}" w,
owner "@{HOME}/.local/share/fonts/Google Fonts/**/.uuid" r,
deny "@{HOME}/.local/share/fonts/Google Fonts/**/.uuid{,.NEW,.LCK,.TMP-*}" w,

7
apparmor.d/abstractions/fontconfig-cache-write
View file

@ -25,3 +25,10 @@
link /usr/local/share/fonts/.uuid.LCK -> /usr/local/share/fonts/.uuid.TMP-*,
/usr/share/**/.uuid{,.NEW,.LCK,.TMP-*} r,
deny /usr/share/**/.uuid{,.NEW,.LCK,.TMP-*} w,
# For Google Fonts downloaded via font-manager (###FIXME### when they fix resolving of vars)
owner "@{HOME}/.local/share/fonts/Google Fonts/.uuid{,.NEW,.LCK,.TMP-*}" rw,
link "@{HOME}/.local/share/fonts/Google Fonts/.uuid.LCK" -> "/home/*/.local/share/fonts/Google Fonts/.uuid.TMP-*",
owner "@{HOME}/.local/share/fonts/Google Fonts/**/.uuid{,.NEW,.LCK,.TMP-*}" rw,
link "@{HOME}/.local/share/fonts/Google Fonts/**/.uuid.LCK" -> "/home/*/.local/share/fonts/Google Fonts/**/.uuid.TMP-*",

6
apparmor.d/abstractions/trash
View file

@ -26,6 +26,8 @@
owner @{HOME}/.local/share/Trash/files/{,**} rw,
owner @{HOME}/.local/share/Trash/info/ rw,
owner @{HOME}/.local/share/Trash/info/*.trashinfo{,.*} rw,
owner @{HOME}/.local/share/Trash/expunged/ rw,
owner @{HOME}/.local/share/Trash/expunged/[0-9]* rw,
# Partitions' trash location when the admin creates the .Trash/ folder in the top lvl dir
owner /media/*/.Trash/ rw,
@ -35,6 +37,8 @@
owner /media/*/.Trash/[0-9]*/files/{,**} rw,
owner /media/*/.Trash/[0-9]*/info/ rw,
owner /media/*/.Trash/[0-9]*/info/*.trashinfo{,.*} rw,
owner /media/*/.Trash/[0-9]*/expunged/ rw,
owner /media/*/.Trash/[0-9]*/expunged/[0-9]* rw,
# Partitions' trash location when the admin doesn't create the .Trash/ folder in the top lvl dir
owner /media/*/.Trash-[0-9]*/ rw,
@ -43,3 +47,5 @@
owner /media/*/.Trash-[0-9]*/files/{,**} rw,
owner /media/*/.Trash-[0-9]*/info/ rw,
owner /media/*/.Trash-[0-9]*/info/*.trashinfo{,.*} rw,
owner /media/*/.Trash-[0-9]*/expunged/ rw,
owner /media/*/.Trash-[0-9]*/expunged/[0-9]* rw,