felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update profiles for apparmor3

Browse source
This commit is contained in:
Mikhail Morfikov 2020-12-10 22:33:39 +01:00
parent 503cf496bf
commit 7067edcf70
No known key found for this signature in database
GPG key ID: 32D9CB634796CCA1
776 changed files with 6867 additions and 5199 deletions
Download patch file Download diff file Expand all files Collapse all files

40
apparmor.d/atom
View file

@ -9,30 +9,30 @@
#
# ------------------------------------------------------------------
#abi <abi/3.0>,
abi <abi/3.0>,
#include <tunables/global>
include <tunables/global>
@{exec_path} = /usr/share/atom{,-beta,-nightly,-dev}/atom /{usr/,}bin/atom
profile atom @{exec_path} {
#include <abstractions/base>
#include <abstractions/opencl-intel>
#include <abstractions/gtk>
#include <abstractions/freedesktop.org>
#include <abstractions/fonts>
#include <abstractions/fontconfig-cache-read>
#include <abstractions/nameservice-strict>
#include <abstractions/enchant>
include <abstractions/base>
include <abstractions/opencl-intel>
include <abstractions/gtk>
include <abstractions/freedesktop.org>
include <abstractions/fonts>
include <abstractions/fontconfig-cache-read>
include <abstractions/nameservice-strict>
include <abstractions/enchant>
# The following doesn't seem to be needed
##include <abstractions/mesa>
##include <abstractions/consoles>
##include <abstractions/audio>
##include <abstractions/user-download-strict>
#include <abstractions/thumbnails-cache-read>
include <abstractions/thumbnails-cache-read>
##include <abstractions/zsh>
##include <abstractions/fzf>
#include <abstractions/deny-dconf>
#include <abstractions/deny-root-dir-access>
include <abstractions/deny-dconf>
include <abstractions/deny-root-dir-access>
ptrace (read) peer=child-lsb_release,
ptrace (read) peer=xdg-settings,
@ -169,10 +169,10 @@ profile atom @{exec_path} {
profile gpg {
#include <abstractions/base>
#include <abstractions/consoles>
#include <abstractions/fonts>
#include <abstractions/fontconfig-cache-read>
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/fonts>
include <abstractions/fontconfig-cache-read>
/{usr/,}bin/gpg mr,
@ -186,8 +186,8 @@ profile atom @{exec_path} {
}
profile open {
#include <abstractions/base>
#include <abstractions/xdg-open>
include <abstractions/base>
include <abstractions/xdg-open>
/{usr/,}bin/xdg-open mr,
@ -203,5 +203,5 @@ profile atom @{exec_path} {
}
#include if exists <local/atom>
include if exists <local/atom>
}