feat(dbus): add new dbus abstraction

2023-12-05 20:30:34 +00:00 · 2023-12-05 20:30:34 +00:00 · 95b62568b1
commit 95b62568b1
parent 94ff73c51b
5 changed files with 70 additions and 0 deletions
--- a/apparmor.d/abstractions/bus/avahi
+++ b/apparmor.d/abstractions/bus/avahi
@ -0,0 +1,25 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
  dbus send bus=system path=/
       interface=org.freedesktop.DBus.Peer
       member=Ping
       peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
  dbus send bus=system path=/
       interface=org.freedesktop.Avahi.Server
       member={GetAPIVersion,GetState,Service*New}
       peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
  dbus send bus=system path=/Client@{int}/ServiceBrowser@{int}
       interface=org.freedesktop.Avahi.ServiceBrowser
       member=Free
       peer=(name=org.freedesktop.Avahi, label=avahi-daemon),
  dbus receive bus=system path=/Client@{int}/ServiceBrowser@{int}
       interface=org.freedesktop.Avahi.ServiceBrowser
       member={ItemNew,AllForNow,CacheExhausted}
       peer=(name=:*, label=avahi-daemon),
  include if exists <abstractions/bus/avahi.d>
--- a/apparmor.d/abstractions/bus/bluetooth
+++ b/apparmor.d/abstractions/bus/bluetooth
@ -0,0 +1,10 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
  dbus receive bus=system path=/org/bluez/hci@{int}{,/**}
       interface=org.freedesktop.DBus.Properties
       member=PropertiesChanged
       peer=(name=:*, label=bluetoothd),
  include if exists <abstractions/bus/bluetooth.d>
--- a/apparmor.d/abstractions/bus/modem-manager
+++ b/apparmor.d/abstractions/bus/modem-manager
@ -0,0 +1,15 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
  dbus send bus=system path=/org/freedesktop/ModemManager1
       interface=org.freedesktop.DBus.ObjectManager
       member=GetManagedObjects
       peer=(name=:*, label=ModemManager),
  dbus send bus=system path=/org/freedesktop/ModemManager1
       interface=org.freedesktop.DBus.Properties
       member=GetAll
       peer=(name=:*, label=ModemManager),
  include if exists <abstractions/bus/modem-manager.d>
--- a/apparmor.d/abstractions/bus/timedate
+++ b/apparmor.d/abstractions/bus/timedate
@ -0,0 +1,10 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
  dbus send bus=system path=/org/freedesktop/timedate1
       interface=org.freedesktop.DBus.Properties
       member=GetAll
       peer=(name=:*, label=systemd-timedated),
  include if exists <abstractions/bus/timedate.d>
--- a/apparmor.d/abstractions/bus/wpa-supplicant
+++ b/apparmor.d/abstractions/bus/wpa-supplicant
@ -0,0 +1,10 @@
 # apparmor.d - Full set of apparmor profiles
 # Copyright (C) 2023 Alexandre Pujol <alexandre@pujol.io>
 # SPDX-License-Identifier: GPL-2.0-only
  dbus send bus=system path=/fi/w1/wpa_supplicant1
       interface=org.freedesktop.DBus.Properties
       member={GetAll,PropertiesChanged}
       peer=(name=:*, label=wpa-supplicant),
  include if exists <abstractions/bus/wpa-supplicant.d>