diff --git a/apparmor.d/groups/lxqt/lxqt-panel b/apparmor.d/groups/lxqt/lxqt-panel index 5fff9aaff..afe5e0e52 100644 --- a/apparmor.d/groups/lxqt/lxqt-panel +++ b/apparmor.d/groups/lxqt/lxqt-panel @@ -3,42 +3,33 @@ # Copyright (C) 2024 Besanon # SPDX-License-Identifier: GPL-2.0-only -#include +abi , + +include @{exec_path} = @{bin}/lxqt-panel -profile lxqt-panel @{exec_path} { +profile lxqt-panel @{exec_path} flags=(complain) { include - include + include include include include include +# network inet raw, +# network inet6 raw, + network inet dgram, + network inet stream, + network netlink raw, + network packet dgram, + @{exec_path} mr, @{bin}/exo-open rix, @{bin}/nm-connection-editor rPx, @{bin}/xdg-open rPx, - @{bin}/obconf-qt rPx, @{bin}/ControlPanel rPx, - @{bin}/lxqt-admin-user rPx, - @{bin}/lxqt-admin-user-helper rPx, - @{bin}/lxqt-archiver rPx, - @{bin}/lxqt-config rPx, - @{bin}/lxqt-config-session rPx, - @{bin}/lxqt-config-input rPx, - @{bin}/lxqt-config-monitor rPx, - @{bin}/lxqt-config-appearance rPx, - @{bin}/lxqt-config-locate rPx, - @{bin}/lxqt-monitor rPx, - @{bin}/lxqt-notificationd rPx, - @{bin}/lxqt-powermanagement rPx, - @{bin}/lxqt-session rPx, - @{bin}/lxqt-monitor rPx, - @{bin}/lxqt-leave rPx, - @{bin}/lxqt-about rPx, - @{bin}/lxqt-openssh-askpass rPx, /usr/lib{,32,64}/lxqt-panel/*.so mr, # LXQT-Plugins /usr/lib{,32,64}/lxqt-config/*.so mr, # LXQT-Plugins @@ -73,8 +64,6 @@ profile lxqt-panel @{exec_path} { @{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_{cur,min,max}_freq r, @{sys}/class/i2c-adapter/ r, - @{sys}/devices/@{pci_bus}/{,**} r, - @{sys}/devices/@{pci_bus}/**/**/** r, @{PROC}/@{pid}/fd/ r, @{PROC}/@{pid}/net/dev r, @@ -85,5 +74,6 @@ profile lxqt-panel @{exec_path} { /dev/pts/[0-9]* rw, /dev/snd/controlC[0-9]* rw, + include if exists }