felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2023-12-17 17:39:56 +00:00
parent ee328f727b
commit a46dfaad61
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
17 changed files with 59 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/groups/gnome/epiphany-search-provider
View file

@ -36,6 +36,9 @@ profile epiphany-search-provider @{exec_path} {
owner @{user_cache_dirs}/epiphany/{,**} rwk,
owner @{user_share_dirs}/epiphany/{,**} rwk,
owner /tmp/ContentRuleList@{rand6} rw,
owner /tmp/Serialized* rw,
@{sys}/devices/virtual/dmi/id/chassis_type r,
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/session.slice/dbus.service/memory.* r,

3
apparmor.d/groups/gnome/gdm
View file

@ -65,8 +65,7 @@ profile gdm @{exec_path} flags=(attach_disconnected) {
@{run}/gdm{3,}/gdm.pid rw,
@{run}/gdm{3,}/greeter/ rw,
@{run}/systemd/seats/seat@{int} r,
@{run}/systemd/sessions/* r,
@{run}/systemd/sessions/*.ref r,
@{run}/systemd/sessions/* r,
@{run}/systemd/users/@{uid} r,
@{run}/udev/data/+drm:card[0-9]-* r, # for screen outputs

3
apparmor.d/groups/gnome/gdm-generate-config
View file

@ -31,6 +31,9 @@ profile gdm-generate-config @{exec_path} {
/var/lib/ r,
/var/lib/gdm{3,}/{,**} r,
/var/lib/gdm{3,}/greeter-dconf-defaults rw,
/var/lib/gdm{3,}/greeter-dconf-defaults.@{rand6} w,
@{PROC}/ r,
@{PROC}/@{pid}/cgroup r,
@{PROC}/@{pid}/cmdline r,

11
apparmor.d/groups/gnome/gnome-contacts
View file

@ -9,6 +9,10 @@ include <tunables/global>
@{exec_path} = @{bin}/gnome-contacts
profile gnome-contacts @{exec_path} {
include <abstractions/base>
include <abstractions/bus-accessibility>
include <abstractions/bus-session>
include <abstractions/bus/org.a11y>
include <abstractions/bus/org.freedesktop.portal.Desktop>
include <abstractions/dconf-write>
include <abstractions/dri-common>
include <abstractions/dri-enumerate>
@ -23,9 +27,12 @@ profile gnome-contacts @{exec_path} {
network netlink raw,
@{exec_path} mr,
# dbus: own bus=session name=org.gnome.Contacts
/usr/share/applications/{,*.desktop} r,
# dbus: talk bus=session name=org.gnome.evolution.dataserver.AddressBookFactory label=evolution-addressbook-factory
# dbus: talk bus=session name=org.gnome.evolution.dataserver.Source label=evolution-source-registry
@{exec_path} mr,
owner @{user_cache_dirs}/evolution/addressbook/{,**} r,
owner @{user_config_dirs}/gnome-contacts/{,**} rw,