felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): improve x11 integraion.

Browse source
This commit is contained in:
Alexandre Pujol 2022-12-09 18:53:18 +00:00
parent dd232695d3
commit ac25454f02
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
9 changed files with 31 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/profiles-s-z/steam
View file

@ -136,6 +136,7 @@ profile steam @{exec_path} {
owner @{user_share_dirs}/vulkan/implicit_layer.d/steam*.json rwk,
owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[0-9A-Z]* rw,
owner @{run}/user/@{uid}/gdm/Xauthority r,
owner /dev/shm/#[0-9]* rw,
owner /dev/shm/fossilize-*-[0-9]*-[0-9]* rw,
@ -198,6 +199,7 @@ profile steam @{exec_path} {
@{PROC}/version r,
owner @{PROC}/@{pid}/autogroup rw,
owner @{PROC}/@{pid}/cmdline rk,
owner @{PROC}/@{pid}/environ r,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/mounts r,
owner @{PROC}/@{pid}/oom_score_adj w,
@ -210,6 +212,7 @@ profile steam @{exec_path} {
/dev/input/event[0-9]* r,
/dev/tty rw,
/dev/uinput w,
/dev/video[0-9]* rw,
audit deny /**.steam_exec_test.sh rw,
deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,

1
apparmor.d/profiles-s-z/steam-game
View file

@ -170,6 +170,7 @@ profile steam-game @{exec_path} flags=(attach_disconnected) {
owner @{run}/pressure-vessel/{,**} rw,
owner @{run}/user/@{uid}/ r,
owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[0-9A-Z]* rw,
owner @{run}/user/@{uid}/gdm/Xauthority r,
owner @{run}/user/@{uid}/orcexec.* mrw, # gstreamer
owner /dev/shm/#[0-9]* rw,

1
apparmor.d/profiles-s-z/steam-gameoverlayui
View file

@ -40,6 +40,7 @@ profile steam-gameoverlayui @{exec_path} {
owner @{user_share_dirs}/Steam/userdata/[0-9]*/{,**} rk,
owner @{run}/user/@{uid}/.mutter-Xwaylandauth.[0-9A-Z]* rw,
owner @{run}/user/@{uid}/gdm/Xauthority r,
owner /dev/shm/u@{uid}-Shm_@{hex} rw,
owner /dev/shm/u@{uid}-ValveIPCSharedObj-* rwk,