feat(profiles): general update.
This commit is contained in:
Alexandre Pujol
parent
a3d121fe23
commit
af1eda51bd
27 changed files with 107 additions and 94 deletions
|
|
@ -38,17 +38,17 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
|
|||
capability sys_chroot, # If kernel.unprivileged_userns_clone = 1
|
||||
capability sys_ptrace,
|
||||
|
||||
ptrace peer=@{profile_name},
|
||||
|
||||
signal (send) set=(term, kill) peer=keepassxc-proxy,
|
||||
signal (send) set=(term, kill) peer=firefox-*,
|
||||
|
||||
network inet dgram,
|
||||
network inet6 dgram,
|
||||
network inet stream,
|
||||
network inet6 stream,
|
||||
network netlink raw,
|
||||
|
||||
ptrace peer=@{profile_name},
|
||||
|
||||
signal (send) set=(term, kill) peer=keepassxc-proxy,
|
||||
signal (send) set=(term, kill) peer=firefox-*,
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus
|
||||
member={RequestName,ReleaseName}
|
||||
|
|
@ -199,6 +199,7 @@ profile firefox @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
owner @{firefox_config_dirs}/ rw,
|
||||
owner @{firefox_config_dirs}/{extensions,systemextensionsdev}/ rw,
|
||||
owner @{firefox_config_dirs}/extensions/\{*\}/ r,
|
||||
owner @{firefox_config_dirs}/firefox/ rw,
|
||||
owner @{firefox_config_dirs}/firefox/*/ rw,
|
||||
owner @{firefox_config_dirs}/firefox/*/** rwk,
|
||||
|
|
|
|||
|
|
@ -26,6 +26,8 @@ profile firefox-glxtest @{exec_path} {
|
|||
|
||||
owner /tmp/firefox/.parentlock rw,
|
||||
|
||||
owner @{run}/user/@{uid}/xauth_?????? r,
|
||||
|
||||
@{sys}/bus/pci/devices/ r,
|
||||
@{sys}/devices/pci[0-9]*/**/class r,
|
||||
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
|||
profile firefox-kmozillahelper @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dri-common>
|
||||
include <abstractions/dri-enumerate>
|
||||
include <abstractions/fonts>
|
||||
include <abstractions/freedesktop.org>
|
||||
include <abstractions/mesa>
|
||||
|
|
@ -36,6 +37,7 @@ profile firefox-kmozillahelper @{exec_path} {
|
|||
owner @{user_config_dirs}/kdedefaults/kdeglobals r,
|
||||
owner @{user_config_dirs}/kdedefaults/kwinrc r,
|
||||
owner @{user_config_dirs}/kdeglobals r,
|
||||
owner @{user_config_dirs}/kmozillahelperrc r,
|
||||
owner @{user_config_dirs}/kwinrc r,
|
||||
|
||||
owner @{run}/user/@{uid}/xauth_* rl,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue