From a93400280e22763d8901f26cfdd1eae982c3badc Mon Sep 17 00:00:00 2001 From: EricLin0509 <143688917+EricLin0509@users.noreply.github.com> Date: Wed, 4 Sep 2024 01:29:03 +0800 Subject: [PATCH] Add support for wemeet (#462) * initial support for wemeet * Some small fixes --- apparmor.d/profiles-s-z/wemeet | 63 ++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 apparmor.d/profiles-s-z/wemeet diff --git a/apparmor.d/profiles-s-z/wemeet b/apparmor.d/profiles-s-z/wemeet new file mode 100644 index 000000000..e866b5e51 --- /dev/null +++ b/apparmor.d/profiles-s-z/wemeet @@ -0,0 +1,63 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 EricLin +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/wemeet +@{exec_path} += /opt/wemeet/bin/wemeetapp +@{exec_path} += /opt/wemeet/bin/QtWebEngineProcess +profile wemeet @{exec_path} flags=(attach_disconnected) { + include + include + include + include + include + include + include + include + include + + network netlink raw, + network netlink dgram, + network inet stream, + network inet dgram, + network inet6 dgram, + network inet6 stream, + + @{exec_path} mr, + + @{sh_path} r, + @{bin}/basename rix, + @{bin}/bwrap rix, + @{bin}/id rix, + @{bin}/mkdir rix, + /opt/wemeet/bin/** rix, + + /etc/machine-id r, + /var/cache/ w, + + owner @{user_share_dirs}/wemeetapp/ rw, + owner @{user_share_dirs}/wemeetapp/** rwlk -> @{user_share_dirs}/wemeetapp/**, + + @{PROC}/ r, + @{PROC}/asound/ r, + @{PROC}/@{pid}/net/route r, + @{PROC}/@{pid}/net/wireless r, + @{PROC}/@{pid}/stat r, + @{PROC}/@{pid}/statm r, + @{PROC}/sys/fs/inotify/max_user_watches r, + owner @{PROC}/@{pid}/cmdline r, + + /dev/ r, + /dev/tty rw, + /dev/shm/ r, + /dev/pts/@{int} rw, + + include if exists + +} + +# vim:syntax=apparmor