felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): add some missing dbus own definition.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-15 15:03:42 +00:00
parent a6d263d304
commit bdeb62d17d
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
23 changed files with 49 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/profiles-a-f/blueman-mechanism
View file

@ -21,6 +21,8 @@ profile blueman-mechanism @{exec_path} flags=(attach_disconnected) {
network inet6 stream,
network netlink raw,
# dbus: own bus=system name=org.blueman.Mechanism
@{exec_path} mr,
@{lib}/ r,

2
apparmor.d/profiles-a-f/firewalld
View file

@ -39,6 +39,8 @@ profile firewalld @{exec_path} {
member={changeZoneOfInterface,removeInterface}
peer=(name=:*, label=libvirtd),
# dbus: own bus=system name=org.fedoraproject.FirewallD1
@{exec_path} mr,
@{bin}/ r,

3
apparmor.d/profiles-a-f/flatpak-oci-authenticator
View file

@ -9,6 +9,9 @@ include <tunables/global>
@{exec_path} = @{lib}/flatpak-oci-authenticator
profile flatpak-oci-authenticator @{exec_path} {
include <abstractions/base>
include <abstractions/bus-session>
# dbus: own bus=session name=org.flatpak.Authenticator.Oci
@{exec_path} mr,

3
apparmor.d/profiles-a-f/flatpak-portal
View file

@ -9,6 +9,7 @@ include <tunables/global>
@{exec_path} = @{lib}/flatpak-portal
profile flatpak-portal @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/bus-session>
include <abstractions/nameservice-strict>
capability sys_ptrace,
@ -19,6 +20,8 @@ profile flatpak-portal @{exec_path} flags=(attach_disconnected) {
signal send,
# dbus: own bus=session name=org.freedesktop.portal.Flatpak
@{exec_path} mr,
@{bin}/flatpak rPx,

3
apparmor.d/profiles-a-f/flatpak-session-helper
View file

@ -9,12 +9,15 @@ include <tunables/global>
@{exec_path} = @{lib}/flatpak-session-helper
profile flatpak-session-helper @{exec_path} flags=(attach_disconnected) {
include <abstractions/base>
include <abstractions/bus-session>
include <abstractions/nameservice-strict>
include <abstractions/p11-kit>
include <abstractions/ssl_certs>
signal (send) set=(int) peer=@{systemd},
# dbus: own bus=session name=org.freedesktop.Flatpak
@{exec_path} mr,
@{bin}/dbus-monitor rPUx,

2
apparmor.d/profiles-a-f/flatpak-system-helper
View file

@ -24,6 +24,8 @@ profile flatpak-system-helper @{exec_path} {
ptrace (read),
# dbus: own bus=system name=org.freedesktop.Flatpak.SystemHelper
@{exec_path} mr,
@{bin}/bwrap rPUx,