felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-07-15 23:12:39 +01:00
parent 9b2470462f
commit 6cd01064ae
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
27 changed files with 59 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/profiles-a-f/agetty
View file

@ -34,6 +34,7 @@ profile agetty @{exec_path} {
/etc/os-release r,
/usr/etc/login.defs r,
@{run}/credentials/getty@tty@{int}.service/ r,
@{run}/credentials/serial-getty@ttyS@{int}.service/ r,
owner @{run}/agetty.reload rw,

5
apparmor.d/profiles-a-f/dino-im
View file

@ -11,10 +11,8 @@ include <tunables/global>
profile dino-im @{exec_path} {
include <abstractions/base>
include <abstractions/dconf-write>
include <abstractions/desktop>
include <abstractions/fontconfig-cache-read>
include <abstractions/fonts>
include <abstractions/freedesktop.org>
include <abstractions/gtk>
include <abstractions/nameservice-strict>
include <abstractions/ssl_certs>
@ -46,6 +44,7 @@ profile dino-im @{exec_path} {
owner @{HOME}/.gnupg/ rw,
owner @{HOME}/.gnupg/** rwkl -> @{HOME}/.gnupg/**,
include if exists <local/dino-im_gpg>
}
include if exists <local/dino-im>

2
apparmor.d/profiles-a-f/dkms
View file

@ -104,7 +104,7 @@ profile dkms @{exec_path} flags=(attach_disconnected) {
owner /boot/System.map-* r,
audit owner @{tmp}/tmp.* r,
owner @{tmp}/tmp.@{rand10} r,
@{sys}/module/compression r,

2
apparmor.d/profiles-a-f/fractal
View file

@ -23,6 +23,8 @@ profile fractal @{exec_path} flags=(attach_disconnected) {
@{exec_path} mr,
/usr/share/xml/iso-codes/{,**} r,
owner @{tmp}/.@{rand6} rw,
owner @{tmp}/.goutputstream-@{rand6} rw,
owner @{tmp}/@{rand6} rw,

3
apparmor.d/profiles-a-f/fwupd
View file

@ -142,7 +142,8 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) {
owner /var/lib/fwupd/gnupg/ rw,
owner /var/lib/fwupd/gnupg/** rwkl -> /var/lib/fwupd/gnupg/**,
owner @{PROC}/@{pids}/fd/ r,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
include if exists <local/fwupd_gpg>
}