From acdea14dcd5df56701c85091eb964459946f1c71 Mon Sep 17 00:00:00 2001 From: Besanon Date: Wed, 5 Jun 2024 16:09:26 +0200 Subject: [PATCH] Create qpdfview --- apparmor.d/groups/lxqt/qpdfview | 67 +++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 apparmor.d/groups/lxqt/qpdfview diff --git a/apparmor.d/groups/lxqt/qpdfview b/apparmor.d/groups/lxqt/qpdfview new file mode 100644 index 000000000..52db55810 --- /dev/null +++ b/apparmor.d/groups/lxqt/qpdfview @@ -0,0 +1,67 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2023-2024 Alexandre Pujol +# Copyright (C) 2024 Besanon +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/qpdfview +profile qpdfview @{exec_path} { + include + include + include + include + include + include + include + include + include + include + + @{exec_path} mr, + + # For PDF's internal compression + @{bin}/gzip rix, + @{bin}/bzip2 rix, + @{bin}/xz rix, + + @{lib}/firefox/firefox rPUx, + @{open_path} rPx -> child-open, + + /usr/share/poppler/** r, + /usr/share/qt5ct/** r, + /usr/share/djvu/** r, + /usr/share/icu/73.2/icudt73l.dat r, + + /etc/fstab r, + /etc/machine-id r, + + /var/lib/dbus/machine-id r, + + owner @{HOME}/ r, + owner @{user_documents_dirs}/{,**} rw, + owner @{user_books_dirs}/{,**} rw, + owner @{user_torrents_dirs}/{,**} rw, + owner @{user_work_dirs}/{,**} rw, + + owner @{user_config_dirs}/qpdfview/ rw, + owner @{user_config_dirs}/qpdfview/* rwkl -> @{user_config_dirs}/qpdfview/#@{int}, + + owner @{user_share_dirs}/qpdfview/ rw, + owner @{user_share_dirs}/qpdfview/** rwk, + + owner @{user_config_dirs}/qt5ct/{,**} r, + + owner /tmp/@{hex} rw, + owner /tmp/#@{int} rw, + owner /tmp/qpdfview.*.pdf rwl -> /tmp/#@{int}, + + owner /dev/shm/#@{int} rw, + owner /dev/tty@{int} rw, + + include if exists +} + +