From 630e785787437d2f1935e115ecba90c782912f1b Mon Sep 17 00:00:00 2001
From: Alexandre Pujol
Date: Tue, 8 Oct 2024 22:59:50 +0100
Subject: [PATCH] feat(tunable): remove @{user_tmp_dirs} as it refers to different kind of temp folder.
---
 apparmor.d/groups/gpg/gpg-agent | 12 ++++++------
 apparmor.d/tunables/home.d/apparmor.d | 1 -
 docs/variables.md | 1 -
 3 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/apparmor.d/groups/gpg/gpg-agent b/apparmor.d/groups/gpg/gpg-agent
index 17e360d09..75bb7583f 100644
--- a/apparmor.d/groups/gpg/gpg-agent
+++ b/apparmor.d/groups/gpg/gpg-agent
@@ -53,12 +53,12 @@ profile gpg-agent @{exec_path} {
 owner @{run}/user/@{uid}/gnupg/S.gpg-agent{,.ssh,.browser,.extra} rw,
 owner @{run}/user/@{uid}/gnupg/sshcontrol r,
- owner @{user_tmp_dirs}/**/{.,}gnupg/ rw,
- owner @{user_tmp_dirs}/**/{.,}gnupg/*.conf r,
- owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw,
- owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key{,.tmp} rw,
- owner @{user_tmp_dirs}/**/{.,}gnupg/{,d.@{rand}/}S.gpg-agent{,.ssh,.browser,.extra} rw,
- owner @{user_tmp_dirs}/**/{.,}gnupg/sshcontrol r,
+ owner @{tmp}/**/{.,}gnupg/ rw,
+ owner @{tmp}/**/{.,}gnupg/*.conf r,
+ owner @{tmp}/**/{.,}gnupg/private-keys-v1.d/ rw,
+ owner @{tmp}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key{,.tmp} rw,
+ owner @{tmp}/**/{.,}gnupg/{,d.@{rand}/}S.gpg-agent{,.ssh,.browser,.extra} rw,
+ owner @{tmp}/**/{.,}gnupg/sshcontrol r,
 #aa:only pacman
 owner /etc/pacman.d/gnupg/ rw,
diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d
index c23a8d956..f1be9acbe 100644
--- a/apparmor.d/tunables/home.d/apparmor.d
+++ b/apparmor.d/tunables/home.d/apparmor.d
@@ -52,7 +52,6 @@
 # User build directories and output
 @{user_build_dirs}="/tmp/build/"
 @{user_pkg_dirs}="/tmp/pkg/"
-@{user_tmp_dirs}=@{run}/user/@{uid} /tmp/
 @{user_img_dirs}=@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}
 # Other user directories
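Review bot: In the `apparmor.d/groups/gpg/gpg-agent` hunk, the six replaced rules no longer cover `@{run}/user/@{uid}/**/{.,}gnupg/`, and the commit adds no replacement for it. The old `@{user_tmp_dirs}` expanded to both `@{run}/user/@{uid}` and `/tmp/`, as the tunables line removed by this same patch shows. The two context lines visible above the change only allow the fixed `@{run}/user/@{uid}/gnupg/` socket and `sshcontrol` paths, so a temporary GNUPGHOME nested under the runtime directory would presumably be denied now. `@{tmp}` is defined outside this patch, so its expansion should be confirmed. If the narrowing is intended, which is reasonable for rules granting `rw` on `private-keys-v1.d`, record it with a comment above the block such as `# Temporary GNUPGHOME under @{tmp} only; the runtime dir is limited to the fixed gnupg/ paths above`. The profile body starts and ends outside the hunk.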
diff --git a/docs/variables.md b/docs/variables.md
index b413e61f2..ef2533c0f 100644
--- a/docs/variables.md
+++ b/docs/variables.md
@@ -68,7 +68,6 @@ title: Variables References
 | State | `@{user_state_dirs}` | ` @{HOME}/@{XDG_STATE_DIR}` |
 | Build | `@{user_build_dirs}` | `/tmp/build/` |
 | Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` |
-| Tmp | `@{user_tmp_dirs}` | `@{run}/user/@{uid} /tmp/` |