felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

More XDG replacement.

Browse source
This commit is contained in:
Alexandre Pujol 2021-04-01 21:44:23 +01:00
parent 54ac285b7d
commit 84f24133e9
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
37 changed files with 93 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

10
apparmor.d/groups/gpg/dirmngr
View file

@ -19,11 +19,11 @@ profile dirmngr @{exec_path} {
@{exec_path} mr,
owner @{HOME}/.gnupg/ rw,
owner @{HOME}/.gnupg/dirmngr.conf r,
owner @{HOME}/.gnupg/dirmngr_ldapservers.conf r,
owner @{HOME}/.gnupg/crls.d/ rw,
owner @{HOME}/.gnupg/crls.d/DIR.txt rw,
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/dirmngr.conf r,
owner @{HOME}/@{XDG_GPG_DIR}/dirmngr_ldapservers.conf r,
owner @{HOME}/@{XDG_GPG_DIR}/crls.d/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/crls.d/DIR.txt rw,
/usr/share/gnupg/sks-keyservers.netCA.pem r,

4
apparmor.d/groups/gpg/gpg
View file

@ -24,8 +24,8 @@ profile gpg @{exec_path} {
# GPG config files
owner @{HOME}/ r,
owner @{HOME}/.gnupg/ rw,
owner @{HOME}/.gnupg/** rwkl -> @{HOME}/.gnupg/**,
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner /var/lib/*/gnupg/ rw,
owner /var/lib/*/gnupg/** rwkl -> /var/lib/*/gnupg/**,

8
apparmor.d/groups/gpg/gpg-agent
View file

@ -19,10 +19,10 @@ profile gpg-agent @{exec_path} {
/usr/share/gnupg/* r,
owner @{HOME}/.gnupg/ rw,
owner @{HOME}/.gnupg/gpg-agent.conf r,
owner @{HOME}/.gnupg/private-keys-v1.d/ rw,
owner @{HOME}/.gnupg/private-keys-v1.d/[0-9A-F]*.key rw,
owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/gpg-agent.conf r,
owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/[0-9A-F]*.key rw,
owner /var/lib/*/.gnupg/ rw,
owner /var/lib/*/.gnupg/private-keys-v1.d/ rw,

2
apparmor.d/groups/gpg/gpgconf
View file

@ -23,7 +23,7 @@ profile gpgconf @{exec_path} {
/{usr/,}bin/pinentry-* rPx,
owner @{HOME}/.gnupg/** rwkl -> @{HOME}/.gnupg/**,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner @{PROC}/@{pid}/task/@{tid}/stat rw,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,

2
apparmor.d/groups/gpg/gpgsm
View file

@ -15,7 +15,7 @@ profile gpgsm @{exec_path} {
deny /usr/bin/.gnupg/ w,
owner @{HOME}/.gnupg/** rwkl -> @{HOME}/.gnupg/**,
owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
owner /var/lib/*/.gnupg/** rwkl -> /var/lib/*/.gnupg/**,

2
apparmor.d/groups/gpg/scdaemon
View file

@ -15,7 +15,7 @@ profile scdaemon @{exec_path} {
@{exec_path} mr,
owner @{HOME}/.gnupg/scdaemon.conf r,
owner @{HOME}/@{XDG_GPG_DIR}/scdaemon.conf r,
owner @{run}/user/[0-9]*/gnupg/S.scdaemon rw,