felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-07-15 23:12:39 +01:00
parent 9b2470462f
commit 6cd01064ae
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
27 changed files with 59 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/abstractions/app/sudo
View file

@ -41,6 +41,7 @@
/ r,
/etc/machine-id r,
/var/db/sudo/lectured/ r,
owner /var/lib/sudo/ts/ rw,
owner /var/lib/sudo/ts/@{uid} rwk,
owner /var/log/sudo.log wk,

2
apparmor.d/abstractions/common/systemd
View file

@ -3,7 +3,7 @@
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
ptrace (read) peer=@{p_systemd},
ptrace read peer=@{p_systemd},
@{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r,
@{sys}/fs/cgroup/system.slice/@{profile_name}.service/memory.pressure rw,

2
apparmor.d/abstractions/gnome-strict
View file

@ -13,6 +13,8 @@
member=Introspect
peer=(name=:*, label=gnome-shell),
/usr/share/icu/@{int}.@{int}/*.dat r,
/usr/{local/,}share/ r,
/usr/{local/,}share/glib-@{int}.@{int}/schemas/** r,
/usr/{local/,}share/gvfs/remote-volume-monitors/{,*} r,