diff --git a/apparmor.d/abstractions/bus/avahi b/apparmor.d/abstractions/bus/avahi
new file mode 100644
index 000000000..f5fb4c82d
--- /dev/null
+++ b/apparmor.d/abstractions/bus/avahi
@@ -0,0 +1,25 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/
+ interface=org.freedesktop.DBus.Peer
+ member=Ping
+ peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
+
+ dbus send bus=system path=/
+ interface=org.freedesktop.Avahi.Server
+ member={GetAPIVersion,GetState,Service*New}
+ peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
+
+ dbus send bus=system path=/Client@{int}/ServiceBrowser@{int}
+ interface=org.freedesktop.Avahi.ServiceBrowser
+ member=Free
+ peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
+
+ dbus receive bus=system path=/Client@{int}/ServiceBrowser@{int}
+ interface=org.freedesktop.Avahi.ServiceBrowser
+ member={ItemNew,AllForNow,CacheExhausted}
+ peer=(name=:*, label=avahi-daemon),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/bluetooth b/apparmor.d/abstractions/bus/bluetooth
new file mode 100644
index 000000000..0c10e9542
--- /dev/null
+++ b/apparmor.d/abstractions/bus/bluetooth
@@ -0,0 +1,10 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus receive bus=system path=/org/bluez/hci@{int}{,/**}
+ interface=org.freedesktop.DBus.Properties
+ member=PropertiesChanged
+ peer=(name=:*, label=bluetoothd),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/modem-manager b/apparmor.d/abstractions/bus/modem-manager
new file mode 100644
index 000000000..521251b57
--- /dev/null
+++ b/apparmor.d/abstractions/bus/modem-manager
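Review bot: The glob in `member={GetAPIVersion,GetState,Service*New}` on the org.freedesktop.Avahi.Server rule admits more constructors than the rest of the file supports: besides ServiceBrowserNew it also matches ServiceResolverNew and ServiceTypeBrowserNew, yet the only object rules that follow are for `/Client@{int}/ServiceBrowser@{int}`. If only browsing is intended, spell the member out, `member={GetAPIVersion,GetState,ServiceBrowserNew}`, so that a later method matching the pattern is not allowed implicitly; if resolvers are intended, they need their own send and receive rules. The receive rule also leaves out the browser's ItemRemove and Failure signals, which may be deliberate but is worth confirming.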
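Review bot: Nothing in the bluetooth file says what the abstraction grants, and the path pattern `/org/bluez/hci@{int}{,/**}` is wider than the file name suggests: it covers each adapter and every object below it, so an including profile receives PropertiesChanged for all child objects of the adapter, presumably the per-device ones too. A comment above the rule, for example `# Receive property changes from bluetoothd for adapters and all objects below them`, would let profile authors judge that scope before including it. The modem-manager, timedate and wpa-supplicant abstractions in this commit lack a description in the same way.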
@@ -0,0 +1,15 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/org/freedesktop/ModemManager1
+ interface=org.freedesktop.DBus.ObjectManager
+ member=GetManagedObjects
+ peer=(name=:*, label=ModemManager),
+
+ dbus send bus=system path=/org/freedesktop/ModemManager1
+ interface=org.freedesktop.DBus.Properties
+ member=GetAll
+ peer=(name=:*, label=ModemManager),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/timedate b/apparmor.d/abstractions/bus/timedate
new file mode 100644
index 000000000..8d092b955
--- /dev/null
+++ b/apparmor.d/abstractions/bus/timedate
@@ -0,0 +1,10 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/org/freedesktop/timedate1
+ interface=org.freedesktop.DBus.Properties
+ member=GetAll
+ peer=(name=:*, label=systemd-timedated),
+
+ include if exists
diff --git a/apparmor.d/abstractions/bus/wpa-supplicant b/apparmor.d/abstractions/bus/wpa-supplicant
new file mode 100644
index 000000000..fd82848c1
--- /dev/null
+++ b/apparmor.d/abstractions/bus/wpa-supplicant
@@ -0,0 +1,10 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2023 Alexandre Pujol
+# SPDX-License-Identifier: GPL-2.0-only
+
+ dbus send bus=system path=/fi/w1/wpa_supplicant1
+ interface=org.freedesktop.DBus.Properties
+ member={GetAll,PropertiesChanged}
+ peer=(name=:*, label=wpa-supplicant),
+
+ include if exists
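Review bot: Both send rules in modem-manager use `peer=(name=:*, label=ModemManager)`, while the avahi abstraction in the same commit addresses its sends to the well-known name (`name=org.freedesktop.Avahi`). A `:*` pattern matches only unique connection names, so a client that addresses `org.freedesktop.ModemManager1` would, as far as the rule shows, not match and be denied; how callers address the service is not visible in this diff. Consider accepting both forms, `peer=(name="{:*,org.freedesktop.ModemManager1}", label=ModemManager),`, and likewise for the send rules in timedate and wpa-supplicant. Since GetManagedObjects returns the properties of every modem object, the `label=ModemManager` condition is the part that must stay as strict as it is.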
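Review bot: `PropertiesChanged` is listed in a `dbus send` rule of the wpa-supplicant abstraction (`member={GetAll,PropertiesChanged}`), but it is a signal of org.freedesktop.DBus.Properties that the service emits, so as written the rule lets the confined process send that signal towards wpa-supplicant and does not let it receive one. The bluetooth abstraction in this commit handles the same signal with a `dbus receive` rule. Restrict the send rule to `GetAll` and add a receive rule for the signal, as below.

```apparmor
  # … unchanged: send rule header and interface line …
       member=GetAll
  # … unchanged: peer line of the send rule …

  dbus receive bus=system path=/fi/w1/wpa_supplicant1
       interface=org.freedesktop.DBus.Properties
       member=PropertiesChanged
       peer=(name=:*, label=wpa-supplicant),
```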