felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Profiles update.

Browse source
This commit is contained in:
Alexandre Pujol 2021-10-22 15:01:43 +01:00
parent b91ddfa493
commit aac0a93080
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
34 changed files with 136 additions and 144 deletions
Download patch file Download diff file Expand all files Collapse all files

1
apparmor.d/groups/gnome/gnome-calendar
View file

@ -12,6 +12,7 @@ profile gnome-calendar @{exec_path} {
include <abstractions/gnome>
include <abstractions/nameservice-strict>
include <abstractions/openssl>
include <abstractions/p11-kit>
include <abstractions/ssl_certs>
network netlink raw,

5
apparmor.d/groups/gnome/gnome-shell
View file

@ -79,10 +79,7 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected) {
owner @{user_share_dirs}/backgrounds/{,**} rw,
owner @{user_share_dirs}/gnome-shell/{,**} rw,
owner @{user_share_dirs}/gnome-shell/extensions/{,**} r,
owner @{user_share_dirs}/gvfs-metadata/home r,
owner @{user_share_dirs}/gvfs-metadata/home-*.log r,
owner @{user_share_dirs}/gvfs-metadata/root r,
owner @{user_share_dirs}/gvfs-metadata/root-*.log r,
owner @{user_share_dirs}/gvfs-metadata/{,*} r,
owner @{user_cache_dirs}/evolution/addressbook/*/PHOTO-*.JPEG r,
owner @{user_cache_dirs}/gnome-photos/{,**} r,

5
apparmor.d/groups/gnome/gnome-system-monitor
View file

@ -30,10 +30,7 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) {
/usr/share/gnome-system-monitor/{,**} r,
/usr/share/pixmaps/{,**} r,
owner @{user_share_dirs}/gvfs-metadata/home r,
owner @{user_share_dirs}/gvfs-metadata/home-*.log r,
owner @{user_share_dirs}/gvfs-metadata/root r,
owner @{user_share_dirs}/gvfs-metadata/root-*.log r,
owner @{user_share_dirs}/gvfs-metadata/{,*} r,
include <abstractions/dconf>
owner @{run}/user/@{uid}/dconf/ rw,

6
apparmor.d/groups/gnome/nautilus
View file

@ -44,11 +44,17 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/mountinfo r,
owner @{PROC}/@{pid}/net/wireless r,
@{PROC}/sys/kernel/random/boot_id r,
@{run}/mount/utab r,
@{run}/systemd/userdb/ r,
@{sys}/devices/**/hwmon/{,name,temp*,fan*} r,
@{sys}/devices/**/hwmon/**/{,name,temp*,fan*} r,
@{sys}/devices/**/hwmon[0-9]*/{,name,temp*,fan*} r,
@{sys}/devices/**/hwmon[0-9]*/**/{,name,temp*,fan*} r,
/dev/tty rw,
/dev/dri/card[0-9]* rw,