cleanup

2024-05-30 21:59:04 +02:00 · 2024-05-30 21:59:04 +02:00 · 67bed8fdd6
commit 67bed8fdd6
parent 492ee703af
7 changed files with 16 additions and 22 deletions
--- a/apparmor.d/profiles-a-f/atool
+++ b/apparmor.d/profiles-a-f/atool
@ -1,6 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 abi <abi/3.0>,
@ -8,9 +7,10 @@ abi <abi/3.0>,
 include <tunables/global>
@{exec_path} = @{bin}/atool
-profile atool /{,usr/}{,s}bin/atool {
+profile atool @{exec_path} {
  include <abstractions/base>
-  include <abstractions/user-write>
+  include <abstractions/perl>
  include <abstractions/user-write-strict>
  @{exec_path} mr,
@ -46,7 +46,5 @@ profile atool /{,usr/}{,s}bin/atool {
  @{bin}/xz rix,
  @{bin}/zip rix,
  /usr/share/perl5/{,**} r,
  include if exists <local/atool>
 }
--- a/apparmor.d/profiles-a-f/exiftool
+++ b/apparmor.d/profiles-a-f/exiftool
@ -1,6 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 abi <abi/3.0>,
@ -10,11 +9,9 @@ include <tunables/global>
@{exec_path} = @{bin}/vendor_perl/exiftool
 profile exiftool @{exec_path} {
  include <abstractions/base>
-  include <abstractions/user-read>
+  include <abstractions/user-read-strict>
  @{exec_path} mr,
  /usr/share/perl5/{,**} r,
  include if exists <local/exiftool>
 }
--- a/apparmor.d/profiles-g-l/highlight
+++ b/apparmor.d/profiles-g-l/highlight
@ -1,23 +1,22 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
 abi <abi/3.0>,
 include <tunables/global>
-@{exec_path} = @{bin}/
+@{exec_path} = @{bin}/highlight
-profile highlight /{,usr/}{,s}bin/highlight {
+profile highlight @{exec_path} {
  include <abstractions/base>
  include <abstractions/nameservice-strict>
-  include <abstractions/user-read>
+  include <abstractions/user-read-strict>
  @{exec_path} mr,
  /etc/machine-id r,
  /etc/highlight/{,**} r,
  /usr/share/highlight/{,**} r,
  @{exec_path} mr,
  include if exists <local/highlight>
 }
--- a/apparmor.d/profiles-g-l/imv-wayland
+++ b/apparmor.d/profiles-g-l/imv-wayland
@ -1,5 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # SPDX-License-Identifier: GPL-2.0-only
 abi <abi/3.0>,
--- a/apparmor.d/profiles-m-r/mediainfo
+++ b/apparmor.d/profiles-m-r/mediainfo
@ -10,7 +10,7 @@ include <tunables/global>
@{exec_path} = @{bin}/mediainfo
 profile mediainfo @{exec_path} {
  include <abstractions/base>
-  include <abstractions/user-read>
+  include <abstractions/user-read-strict>
  @{exec_path} mr,
--- a/apparmor.d/profiles-m-r/mediainfo-gui
+++ b/apparmor.d/profiles-m-r/mediainfo-gui
@ -15,7 +15,7 @@ profile mediainfo-gui @{exec_path} {
  include <abstractions/fonts>
  include <abstractions/freedesktop.org>
  include <abstractions/gtk>
-  include <abstractions/user-read>
+  include <abstractions/user-read-strict>
  @{exec_path} mr,
--- a/apparmor.d/profiles-s-z/zathura
+++ b/apparmor.d/profiles-s-z/zathura
@ -1,5 +1,5 @@
 # apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 valoq <valoq@mailbox.org>
 # SPDX-License-Identifier: GPL-2.0-only
 abi <abi/3.0>,