felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(dbus): dbus rules cleanup (1)

Browse source 
- move common rule to abs
- ensure peer name or label are always present
- try to make rule more standard/easier to read
This commit is contained in:
Alexandre Pujol 2023-11-30 22:39:44 +00:00
parent 9517800a9d
commit 8a49f2ebe1
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
16 changed files with 133 additions and 256 deletions
Download patch file Download diff file Expand all files Collapse all files

11
apparmor.d/groups/freedesktop/polkitd
View file

@ -21,10 +21,7 @@ profile polkitd @{exec_path} flags=(attach_disconnected) {
ptrace (read),
dbus (send) bus=system path=/org/freedesktop/DBus
interface=org.freedesktop.DBus
member={GetConnectionUnixProcessID,GetConnectionUnixUser,RequestName,ReleaseName}
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
dbus (bind) bus=system name=org.freedesktop.PolicyKit1,
dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit1/*
interface=org.freedesktop.{DBus.Introspectable,DBus.Properties,PolicyKit1.*}, # all members
@ -33,8 +30,10 @@ profile polkitd @{exec_path} flags=(attach_disconnected) {
interface=org.freedesktop.PolicyKit1.AuthenticationAgent
peer=(name=:*), # all members
dbus (bind) bus=system
name=org.freedesktop.PolicyKit1,
dbus (send) bus=system path=/org/freedesktop/DBus
interface=org.freedesktop.DBus
member={GetConnectionUnixProcessID,GetConnectionUnixUser}
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
@{exec_path} mr,