feat(dbus): rewrite some dbus rules (1).
This commit is contained in:
Alexandre Pujol
parent
d6888a65c4
commit
6d1ff256af
32 changed files with 248 additions and 383 deletions
|
|
@ -1,5 +1,5 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
|
||||
# Copyright (C) 2021-2023 Alexandre Pujol <alexandre@pujol.io>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/3.0>,
|
||||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/{,evolution-data-server/}evolution-source-registry
|
||||
profile evolution-source-registry @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus/vfs>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
|
@ -21,31 +22,26 @@ profile evolution-source-registry @{exec_path} {
|
|||
network inet6 dgram,
|
||||
network netlink raw,
|
||||
|
||||
dbus bind bus=session name=org.gnome.evolution.dataserver.Sources@{int},
|
||||
|
||||
dbus receive bus=session path=/org/gnome/evolution/dataserver/SourceManager{,/**}
|
||||
interface={org.freedesktop.DBus.ObjectManager,org.freedesktop.DBus.Properties}
|
||||
peer=(name=:*),
|
||||
|
||||
dbus send bus=session path=/org/gnome/evolution/dataserver/SourceManager{,/**}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=org.freedesktop.DBus),
|
||||
|
||||
dbus receive bus=session
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/evolution/dataserver/SourceManager
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
peer=(name=:*, label=evolution-*),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/evolution/dataserver/SourceManager{,/*}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*, label=evolution-*-factory),
|
||||
|
||||
dbus send bus=session path=/org/gnome/OnlineAccounts
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
member=GetManagedObjects
|
||||
peer=(name=:*, label=goa-daemon),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
||||
interface=org.gtk.vfs.MountTracker
|
||||
member=ListMountableInfo
|
||||
peer=(name=:*, label=gvfsd),
|
||||
|
||||
dbus bind bus=session name=org.gnome.evolution.dataserver.Sources[0-9],
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||
|
|
|
|||
|
|
@ -27,42 +27,28 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
signal (send) set=(term),
|
||||
|
||||
dbus (send,receive) bus=system path=/org/freedesktop/Accounts/User@{uid}
|
||||
interface=org.freedesktop.{DBus.Properties,Accounts.User}
|
||||
member={Changed,GetAll,PropertiesChanged},
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.{DBus.Properties,Accounts}
|
||||
member={GetAll,ListCachedUsers,FindUserByName},
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
dbus bind bus=system name=org.gnome.DisplayManager,
|
||||
dbus receive bus=system path=/org/gnome/DisplayManager/Manager
|
||||
interface=org.gnome.DisplayManager.Manager
|
||||
peer=(name=:*, label="{gnome-shell,gdm-*-session}"),
|
||||
dbus receive bus=system path=/org/gnome/DisplayManager/Manager
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged
|
||||
peer=(name=:*, label=accounts-daemon),
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||
interface=org.freedesktop.Accounts
|
||||
member=UserAdded
|
||||
peer=(name=:*, label=accounts-daemon),
|
||||
dbus send bus=system path=/org/freedesktop/login1/seat/seat@{int}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Get
|
||||
peer=(name=:*, label=systemd-logind),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login[0-9]
|
||||
interface=org.freedesktop.login1.Manager
|
||||
member={ListSeats,ActivateSessionOnSeat,UnlockSession},
|
||||
dbus receive bus=system path=/org/freedesktop/login1/seat/seat@{int}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={Get,PropertiesChanged}
|
||||
peer=(name=:*, label=systemd-logind),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={GetConnectionUnixProcessID,GetConnectionUnixUser,RequestName},
|
||||
|
||||
dbus receive bus=system path=/org/freedesktop/login[0-9]/seat/seat[0-9]
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=PropertiesChanged,
|
||||
|
||||
dbus receive bus=system path=/org/gnome/DisplayManager/Manager
|
||||
interface={org.freedesktop.DBus.Properties,org.gnome.DisplayManager.Manager}
|
||||
member={RegisterDisplay,Get,RegisterSession,GetAll,OpenReauthenticationChannel,OpenSession},
|
||||
|
||||
dbus bind bus=system
|
||||
name=org.gnome.DisplayManager,
|
||||
member={GetConnectionUnixProcessID,GetConnectionUnixUser}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -65,20 +65,16 @@ profile gdm-xsession @{exec_path} {
|
|||
|
||||
profile dbus {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dbus-session-strict>
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd1.Manager
|
||||
member=SetEnvironment
|
||||
peer=(name=org.freedesktop.systemd1),
|
||||
|
||||
@{bin}/dbus-update-activation-environment mr,
|
||||
|
||||
owner @{run}/user/@{uid}/bus rw,
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={Hello,UpdateActivationEnvironment}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/systemd[0-9]*
|
||||
interface=org.freedesktop.systemd[0-9]*.Manager
|
||||
member=SetEnvironment
|
||||
peer=(name=org.freedesktop.systemd[0-9]*),
|
||||
|
||||
owner @{HOME}/.xsession-errors w,
|
||||
|
||||
/dev/tty rw,
|
||||
/dev/tty@{int} rw,
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ include <tunables/global>
|
|||
profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dbus-strict>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/dri-common>
|
||||
include <abstractions/dri-enumerate>
|
||||
|
|
@ -31,14 +32,36 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
signal (receive) set=(term hup) peer=gdm*,
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={RequestName,ReleaseName}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
dbus bind bus=session name=org.gnome.Shell.Notifications,
|
||||
|
||||
dbus bind bus=session name=org.gnome.ScreenSaver,
|
||||
dbus receive bus=session path=/org/gnome/ScreenSaver
|
||||
interface=org.gnome.ScreenSaver
|
||||
peer=(name=:*), # all members
|
||||
dbus receive bus=session path=/org/gnome/ScreenSaver
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*), # all members
|
||||
dbus send bus=session path=/org/gnome/ScreenSaver
|
||||
interface=org.gnome.ScreenSaver
|
||||
peer=(name=:*), # all members
|
||||
dbus send bus=session path=/org/gnome/ScreenSaver
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*), # all members
|
||||
|
||||
dbus bind bus=session name=org.freedesktop.Notifications,
|
||||
dbus receive bus=session path=/org/freedesktop/Notifications
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*), # all members
|
||||
dbus send bus=session path=/org/freedesktop/Notifications
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*), # all members
|
||||
|
||||
dbus bind bus=session name=org.gnome.Shell.Screencast,
|
||||
dbus receive bus=session path=/org/gnome/Shell/Screencast
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*), # all members
|
||||
dbus send bus=session path=/org/gnome/Mutter/ScreenCast
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session
|
||||
|
|
@ -46,31 +69,13 @@ profile gjs-console @{exec_path} flags=(attach_disconnected) {
|
|||
member=Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/org/freedesktop/Notifications
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gnome-extension-ding),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/Shell/Screencast
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
dbus (send, receive) bus=session path=/org/gnome/Shell/Introspect
|
||||
interface=org.gnome.Shell.Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus (send,receive) bus=session path=/org/gnome/ScreenSaver
|
||||
interface=org.gnome.ScreenSaver,
|
||||
|
||||
dbus receive bus=session path=/org/gnome/Shell/Introspect
|
||||
dbus (send, receive) bus=session path=/org/gnome/Shell/Introspect
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus bind bus=session name=org.gnome.ScreenSaver,
|
||||
|
||||
dbus bind bus=session name=org.freedesktop.Notifications,
|
||||
|
||||
dbus bind bus=session name=org.gnome.Shell.Notifications,
|
||||
|
||||
dbus bind bus=session name=org.gnome.Shell.Screencast,
|
||||
|
||||
@{exec_path} mr,
|
||||
@{bin}/ r,
|
||||
@{bin}/[a-z0-9]* rPUx,
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
|||
profile gnome-extension-ding @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus/atspi>
|
||||
include <abstractions/bus/vfs>
|
||||
include <abstractions/dbus-accessibility-strict>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dbus-strict>
|
||||
|
|
@ -21,126 +22,62 @@ profile gnome-extension-ding @{exec_path} {
|
|||
|
||||
unix (send,receive) type=stream addr=none peer=(label=gnome-shell),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={RequestName,ReleaseName}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
dbus bind bus=session name=com.rastersoft.ding,
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={ListNames,ListActivatableNames},
|
||||
dbus receive bus=session path=/com/rastersoft/ding
|
||||
interface={org.gtk.Actions,org.freedesktop.DBus.Properties}
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={RequestName,ReleaseName,ListNames,ListActivatableNames}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
dbus send bus=system path=/net/hadess/SwitcherooControl
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll,
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/Notifications
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gjs-console),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/metadata
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gvfsd-metadata),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/Daemon
|
||||
interface=org.gtk.vfs.Daemon
|
||||
member=ListMonitorImplementations
|
||||
peer=(name=:*, label=gvfsd),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/SessionManager
|
||||
interface=org.gnome.SessionManager
|
||||
member=ClientRemoved
|
||||
peer=(name=:*, label=gnome-session-binary),
|
||||
dbus send bus=session path=/com/rastersoft/ding{,**}
|
||||
interface=org.gtk.Actions
|
||||
peer=(label=gnome-shell),
|
||||
|
||||
dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
||||
interface=org.gtk.Private.RemoteVolumeMonitor
|
||||
member={IsSupported,List}
|
||||
peer=(name=:*, label=gvfs-*-monitor),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
||||
interface=org.gtk.vfs.MountTracker
|
||||
member={ListMounts2,ListMountableInfo}
|
||||
peer=(name=:*, label=gvfsd),
|
||||
|
||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
||||
interface=org.gtk.vfs.MountTracker
|
||||
member=Mounted
|
||||
peer=(name=:*, label=gvfsd),
|
||||
|
||||
dbus send bus=session path=/org/gtk/Settings
|
||||
dbus (send, receive) bus=session path=/org/freedesktop/FileManager1
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gsd-xsettings),
|
||||
peer=(name=:*, label=nautilus),
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/registry
|
||||
interface=org.a11y.atspi.Registry
|
||||
member=GetRegisteredEvents
|
||||
peer=(name=org.a11y.atspi.Registry), # all peer's labels
|
||||
|
||||
dbus receive bus=accessibility path=/org/a11y/atspi/registry
|
||||
interface=org.a11y.atspi.Registry
|
||||
member=EventListenerDeregistered
|
||||
peer=(name=:*, label=at-spi2-registryd),
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/registry/deviceeventcontroller
|
||||
interface=org.a11y.atspi.DeviceEventController
|
||||
member={GetKeystrokeListeners,GetDeviceEventListeners}
|
||||
peer=(name=org.a11y.atspi.Registry), # all peer's labels
|
||||
|
||||
dbus send bus=accessibility path=/org/a11y/atspi/accessible/root
|
||||
interface=org.a11y.atspi.Socket
|
||||
member=Embed
|
||||
peer=(name=org.a11y.atspi.Registry), # all peer's labels
|
||||
|
||||
dbus send bus=session path=/org/a11y/bus
|
||||
interface=org.a11y.Bus
|
||||
member=GetAddress
|
||||
peer=(name=org.a11y.Bus, label=at-spi-bus-launcher),
|
||||
|
||||
dbus receive bus=accessibility path=/org/a11y/atspi/accessible/root
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=Set
|
||||
peer=(name=:*, label=at-spi2-registryd),
|
||||
|
||||
dbus send bus=session path=/com/rastersoft/dingextension/control
|
||||
interface=org.gtk.Actions
|
||||
member=DescribeAll
|
||||
peer=(name=com.rastersoft.dingextension, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/com/rastersoft/ding
|
||||
interface=org.gtk.Actions
|
||||
member=DescribeAll
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/com/rastersoft/ding
|
||||
dbus send bus=session path=/org/freedesktop/Notifications
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
peer=(name=:*, label=gjs-console),
|
||||
|
||||
dbus bind bus=session
|
||||
name=com.rastersoft.ding,
|
||||
dbus send bus=session path=/org/gnome/Nautilus/FileOperations*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=nautilus),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/Daemon
|
||||
interface=org.gtk.vfs.Daemon
|
||||
member=ListMonitorImplementations
|
||||
peer=(name=:*, label=gvfsd),
|
||||
|
||||
dbus send bus=session path=/org/gtk/vfs/metadata
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=gvfsd-metadata),
|
||||
dbus receive bus=session path=/org/gtk/vfs/metadata
|
||||
interface=org.gtk.vfs.Metadata
|
||||
member=AttributeChanged
|
||||
peer=(name=:*, label=gvfsd-metadata),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
dbus send bus=session path=/org/gnome/Nautilus/FileOperations2
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=:*, label=nautilus),
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={ReleaseName,UpdateActivationEnvironment,GetConnectionUnixUser,GetConnectionUnixProcessID}
|
||||
member={GetConnectionUnixUser,GetConnectionUnixProcessID,UpdateActivationEnvironment}
|
||||
peer=(name=org.freedesktop.DBus label=dbus-daemon),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/login1
|
||||
|
|
|
|||
|
|
@ -12,10 +12,10 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
|
|||
include <abstractions/app-launcher-user>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/bus/atspi>
|
||||
include <abstractions/bus/network-manager>
|
||||
include <abstractions/bus/polkit>
|
||||
include <abstractions/bus/vfs>
|
||||
include <abstractions/dbus-accessibility-strict>
|
||||
include <abstractions/dbus-gtk>
|
||||
include <abstractions/dbus-network-manager-strict>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dbus-strict>
|
||||
include <abstractions/dconf-write>
|
||||
|
|
|
|||
|
|
@ -42,11 +42,10 @@ profile goa-daemon @{exec_path} {
|
|||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name=:*, label=goa-identity-service),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/OnlineAccounts
|
||||
interface=org.freedesktop.DBus.ObjectManager
|
||||
member=GetManagedObjects
|
||||
peer=(name=:*, label="{gvfs-goa-volume-monitor,goa-daemon,goa-identity-service,evolution-source-registry,unconfined}"),
|
||||
dbus send bus=session path=/org/gnome/Identity/Manager
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name=:*, label=goa-identity-service),
|
||||
|
||||
dbus receive bus=session
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
|
|
|
|||
|
|
@ -39,6 +39,11 @@ profile gsd-printer @{exec_path} flags=(attach_disconnected) {
|
|||
member={EndSession,QueryEndSession,CancelEndSession,Stop}
|
||||
peer=(name=:*, label=gnome-session-binary),
|
||||
|
||||
dbus receive bus=session path=/org/gnome/SessionManager/Presence
|
||||
interface=org.gnome.SessionManager.Presence
|
||||
member=StatusChanged
|
||||
peer=(name=:*, label=gnome-session-binary),
|
||||
|
||||
dbus receive bus=session
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/mutter-x11-frames
|
||||
profile mutter-x11-frames @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dbus-session-strict>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/dri-common>
|
||||
include <abstractions/dri-enumerate>
|
||||
|
|
@ -22,6 +23,11 @@ profile mutter-x11-frames @{exec_path} {
|
|||
include <abstractions/wayland>
|
||||
include <abstractions/X-strict>
|
||||
|
||||
dbus receive bus=session path=/
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/usr/share/dconf/profile/gdm r,
|
||||
|
|
|
|||
|
|
@ -27,16 +27,17 @@ profile tracker-extract @{exec_path} flags=(attach_disconnected) {
|
|||
signal (receive) set=(term) peer=gdm,
|
||||
|
||||
dbus bind bus=session name=org.freedesktop.Tracker3.Miner.Extract,
|
||||
dbus send bus=session path=/org/freedesktop/Tracker3/Miner/**
|
||||
interface=org.freedesktop.Tracker3.Miner
|
||||
peer=(name=org.freedesktop.DBus, label=tracker-miner),
|
||||
dbus send bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
peer=(name=org.freedesktop.Tracker3.*), # all members
|
||||
dbus receive bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.Tracker3.*
|
||||
peer=(name=:*), # all members
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.DBus.{Peer,Properties}
|
||||
peer=(label=tracker-miner),
|
||||
dbus send bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.Tracker3.*
|
||||
peer=(label=tracker-miner),
|
||||
|
||||
dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
||||
interface=org.gtk.Private.RemoteVolumeMonitor
|
||||
member={List,IsSupported,MountAdded}
|
||||
|
|
|
|||
|
|
@ -28,10 +28,9 @@ profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
|||
dbus (send, receive) bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.Tracker3.*
|
||||
peer=(name=:*), # all members
|
||||
|
||||
dbus receive bus=session path=/org/freedesktop/Tracker3/**
|
||||
interface=org.freedesktop.DBus.{Peer,Properties}
|
||||
peer=(name=:*, label=tracker-extract),
|
||||
peer=(name=:*),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/UPower{,/devices/DisplayDevice}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue