felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-04-28 13:50:48 +01:00
parent e44b0613c7
commit 65d0cfafe4
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
54 changed files with 169 additions and 107 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/profiles-s-z/scrcpy
View file

@ -10,6 +10,7 @@ include <tunables/global>
profile scrcpy @{exec_path} {
include <abstractions/base>
include <abstractions/audio-client>
include <abstractions/consoles>
include <abstractions/dconf-write>
include <abstractions/desktop>
include <abstractions/graphics>

17
apparmor.d/profiles-s-z/snap
View file

@ -83,15 +83,16 @@ profile snap @{exec_path} {
@{run}/snapd.socket rw,
@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
@{sys}/kernel/security/apparmor/features/ r,
@{sys}/kernel/security/apparmor/features/{,**} r,
@{PROC}/@{pids}/cgroup r,
@{PROC}/@{pids}/mountinfo r,
@{PROC}/cgroups r,
@{PROC}/cmdline r,
@{PROC}/sys/kernel/random/uuid r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
@{PROC}/version r,
@{PROC}/@{pids}/cgroup r,
@{PROC}/@{pids}/mountinfo r,
@{PROC}/cgroups r,
@{PROC}/cmdline r,
@{PROC}/sys/kernel/random/uuid r,
@{PROC}/sys/kernel/seccomp/actions_avail r,
@{PROC}/version r,
owner @{PROC}/@{pid}/mounts r,
/dev/tty@{int} rw,
/dev/ttyS@{int} rw,

1
apparmor.d/profiles-s-z/tune2fs
View file

@ -10,6 +10,7 @@ include <tunables/global>
@{exec_path} = @{bin}/{tune2fs,e2label}
profile tune2fs @{exec_path} {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/disks-write>
include <abstractions/nameservice-strict>
include <abstractions/private-files-strict>

4
apparmor.d/profiles-s-z/vlc
View file

@ -26,7 +26,7 @@ profile vlc @{exec_path} {
include <abstractions/gstreamer>
include <abstractions/ibus>
include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-settings-write>
include <abstractions/ssl_certs>
include <abstractions/user-download-strict>
@ -71,6 +71,8 @@ profile vlc @{exec_path} {
owner @{PROC}/@{pid}/mounts r,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
@{run}/mount/utab r,
/dev/shm/#@{int} rw,
/dev/snd/ r,
/dev/tty r,