felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): add the dconf-write abstraction.

Browse source
This commit is contained in:
Alexandre Pujol 2022-06-09 21:55:55 +01:00
parent 583d7a15f0
commit 5d45b8e7a7
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
104 changed files with 124 additions and 371 deletions
Download patch file Download diff file Expand all files Collapse all files

5
apparmor.d/profiles-g-l/gajim
View file

@ -9,6 +9,7 @@ include <tunables/global>
@{exec_path} = /{usr/,}bin/gajim
profile gajim @{exec_path} {
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/X>
include <abstractions/gtk>
include <abstractions/fonts>
@ -92,10 +93,6 @@ profile gajim @{exec_path} {
/tmp/ r,
owner /tmp/* rw,
include <abstractions/dconf>
owner @{run}/user/@{uid}/dconf/ rw,
owner @{run}/user/@{uid}/dconf/user rw,
# Silencer
deny /usr/share/gajim/** w,
deny /usr/lib/python3/dist-packages/** w,

5
apparmor.d/profiles-g-l/gpartedbin
View file

@ -10,6 +10,7 @@ include <tunables/global>
@{exec_path} += @{libexec}/gpartedbin
profile gpartedbin @{exec_path} {
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/gtk>
include <abstractions/fonts>
include <abstractions/fontconfig-cache-read>
@ -130,10 +131,6 @@ profile gpartedbin @{exec_path} {
/usr/share/glib-2.0/schemas/gschemas.compiled r,
include <abstractions/dconf>
owner @{run}/user/@{uid}/dconf/ rw,
owner @{run}/user/@{uid}/dconf/user rw,
@{run}/mount/utab r,
# For fsck of the btrfs filesystem

6
apparmor.d/profiles-g-l/hypnotix
View file

@ -15,6 +15,7 @@ include <tunables/global>
@{exec_path} += /{usr/,}lib/hypnotix/hypnotix.py
profile hypnotix @{exec_path} {
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/opencl-intel>
include <abstractions/vulkan>
include <abstractions/audio>
@ -62,11 +63,6 @@ profile hypnotix @{exec_path} {
owner @{MOUNTS}/**/ r,
owner /{home,media}/**.@{hypnotix_ext} r,
# To be able to store settings
include <abstractions/dconf>
owner @{run}/user/@{uid}/dconf/ rw,
owner @{run}/user/@{uid}/dconf/user rw,
/usr/share/hypnotix/{,**} r,
owner @{HOME}/.hypnotix/ rw,

5
apparmor.d/profiles-g-l/jami-gnome
View file

@ -9,6 +9,7 @@ include <tunables/global>
@{exec_path} = /{usr/,}bin/jami-gnome
profile jami-gnome @{exec_path} {
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/gtk>
include <abstractions/fonts>
include <abstractions/fontconfig-cache-read>
@ -40,10 +41,6 @@ profile jami-gnome @{exec_path} {
/{usr/,}lib/@{multiarch}/webkit2gtk-4.0/WebKitNetworkProcess rix,
/{usr/,}lib/@{multiarch}/webkit2gtk-4.0/WebKitWebProcess rix,
include <abstractions/dconf>
owner @{run}/user/@{uid}/dconf/ rw,
owner @{run}/user/@{uid}/dconf/user rw,
/usr/share/glib-2.0/schemas/gschemas.compiled r,
/usr/share/ring/{,**} r,