From e362aa91079c6b1f9591b5a8afb3a99c5daa4c34 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 19:44:15 +0300 Subject: [PATCH 01/52] feat(profiles-m-r): vim syntax support Add vim modeline instructing the editor to use the syntax plugin provided by apparmor. --- apparmor.d/profiles-m-r/macchanger | 1 + apparmor.d/profiles-m-r/man | 1 + apparmor.d/profiles-m-r/mandb | 1 + apparmor.d/profiles-m-r/mate-notification-daemon | 1 + apparmor.d/profiles-m-r/mdevctl | 1 + apparmor.d/profiles-m-r/mediainfo | 1 + apparmor.d/profiles-m-r/mediainfo-gui | 1 + apparmor.d/profiles-m-r/megasync | 1 + apparmor.d/profiles-m-r/memtester | 1 + apparmor.d/profiles-m-r/merkaartor | 1 + apparmor.d/profiles-m-r/metadata-cleaner | 1 + apparmor.d/profiles-m-r/mimetype | 1 + apparmor.d/profiles-m-r/minitube | 1 + apparmor.d/profiles-m-r/mission-control | 1 + apparmor.d/profiles-m-r/mke2fs | 1 + apparmor.d/profiles-m-r/mkfs-btrfs | 1 + apparmor.d/profiles-m-r/mkfs-fat | 1 + apparmor.d/profiles-m-r/mkinitramfs | 1 + apparmor.d/profiles-m-r/mkntfs | 1 + apparmor.d/profiles-m-r/mkswap | 1 + apparmor.d/profiles-m-r/mkvmerge | 1 + apparmor.d/profiles-m-r/mkvtoolnix-gui | 1 + apparmor.d/profiles-m-r/mlocate | 1 + apparmor.d/profiles-m-r/modprobed-db | 1 + apparmor.d/profiles-m-r/molly-guard | 1 + apparmor.d/profiles-m-r/monitorix | 1 + apparmor.d/profiles-m-r/mono-sgen | 1 + apparmor.d/profiles-m-r/mount | 1 + apparmor.d/profiles-m-r/mount-cifs | 1 + apparmor.d/profiles-m-r/mount-nfs | 1 + apparmor.d/profiles-m-r/mount-zfs | 1 + apparmor.d/profiles-m-r/mpd | 1 + apparmor.d/profiles-m-r/mpsyt | 1 + apparmor.d/profiles-m-r/mpv | 1 + apparmor.d/profiles-m-r/mtools | 1 + apparmor.d/profiles-m-r/mtr | 1 + apparmor.d/profiles-m-r/mtr-packet | 1 + apparmor.d/profiles-m-r/mullvad-setup | 1 + apparmor.d/profiles-m-r/multipath | 1 + apparmor.d/profiles-m-r/multipathd | 1 + apparmor.d/profiles-m-r/mumble | 1 + apparmor.d/profiles-m-r/mumble-overlay | 1 + apparmor.d/profiles-m-r/murmurd | 1 + apparmor.d/profiles-m-r/mutt | 1 + apparmor.d/profiles-m-r/needrestart | 1 + apparmor.d/profiles-m-r/needrestart-apt-pinvoke | 1 + apparmor.d/profiles-m-r/needrestart-dpkg-status | 1 + apparmor.d/profiles-m-r/needrestart-iucode-scan-versions | 1 + apparmor.d/profiles-m-r/nemo | 1 + apparmor.d/profiles-m-r/netcap | 1 + apparmor.d/profiles-m-r/nethogs | 1 + apparmor.d/profiles-m-r/netstat | 1 + apparmor.d/profiles-m-r/newgidmap | 1 + apparmor.d/profiles-m-r/newgrp | 1 + apparmor.d/profiles-m-r/newuidmap | 1 + apparmor.d/profiles-m-r/nfsdcld | 1 + apparmor.d/profiles-m-r/nft | 1 + apparmor.d/profiles-m-r/nmap | 1 + apparmor.d/profiles-m-r/nologin | 1 + apparmor.d/profiles-m-r/nslookup | 1 + apparmor.d/profiles-m-r/ntfs-3g | 1 + apparmor.d/profiles-m-r/ntfs-3g-probe | 1 + apparmor.d/profiles-m-r/ntfscat | 1 + apparmor.d/profiles-m-r/ntfsclone | 1 + apparmor.d/profiles-m-r/ntfscluster | 1 + apparmor.d/profiles-m-r/ntfscmp | 1 + apparmor.d/profiles-m-r/ntfscp | 1 + apparmor.d/profiles-m-r/ntfsdecrypt | 1 + apparmor.d/profiles-m-r/ntfsfallocate | 1 + apparmor.d/profiles-m-r/ntfsfix | 1 + apparmor.d/profiles-m-r/ntfsinfo | 1 + apparmor.d/profiles-m-r/ntfslabel | 1 + apparmor.d/profiles-m-r/ntfsls | 1 + apparmor.d/profiles-m-r/ntfsmove | 1 + apparmor.d/profiles-m-r/ntfsrecover | 1 + apparmor.d/profiles-m-r/ntfsresize | 1 + apparmor.d/profiles-m-r/ntfssecaudit | 1 + apparmor.d/profiles-m-r/ntfstruncate | 1 + apparmor.d/profiles-m-r/ntfsundelete | 1 + apparmor.d/profiles-m-r/ntfsusermap | 1 + apparmor.d/profiles-m-r/ntfswipe | 1 + apparmor.d/profiles-m-r/nullmailer-send | 1 + apparmor.d/profiles-m-r/numlockx | 1 + apparmor.d/profiles-m-r/nvidia-detector | 1 + apparmor.d/profiles-m-r/nvidia-persistenced | 1 + apparmor.d/profiles-m-r/nvidia-settings | 1 + apparmor.d/profiles-m-r/nvtop | 1 + apparmor.d/profiles-m-r/obamenu | 1 + apparmor.d/profiles-m-r/obconf | 1 + apparmor.d/profiles-m-r/obex-folder-listing | 1 + apparmor.d/profiles-m-r/obexautofs | 1 + apparmor.d/profiles-m-r/obexctl | 1 + apparmor.d/profiles-m-r/obexd | 1 + apparmor.d/profiles-m-r/obexfs | 1 + apparmor.d/profiles-m-r/obexpush-atd | 1 + apparmor.d/profiles-m-r/obexpushd | 1 + apparmor.d/profiles-m-r/obxprop | 1 + apparmor.d/profiles-m-r/on-ac-power | 1 + apparmor.d/profiles-m-r/onefetch | 1 + apparmor.d/profiles-m-r/openbox | 1 + apparmor.d/profiles-m-r/openbox-session | 1 + apparmor.d/profiles-m-r/orage | 1 + apparmor.d/profiles-m-r/os-prober | 1 + apparmor.d/profiles-m-r/packagekitd | 1 + apparmor.d/profiles-m-r/pacmd | 1 + apparmor.d/profiles-m-r/pactl | 1 + apparmor.d/profiles-m-r/pagesize | 1 + apparmor.d/profiles-m-r/pam-auth-update | 1 + apparmor.d/profiles-m-r/pam-tmpdir-helper | 1 + apparmor.d/profiles-m-r/pam/mappings | 1 + apparmor.d/profiles-m-r/parted | 1 + apparmor.d/profiles-m-r/partprobe | 1 + apparmor.d/profiles-m-r/pass | 1 + apparmor.d/profiles-m-r/pass-import | 1 + apparmor.d/profiles-m-r/passimd | 1 + apparmor.d/profiles-m-r/passwd | 1 + apparmor.d/profiles-m-r/pavucontrol | 1 + apparmor.d/profiles-m-r/pcb-gtk | 1 + apparmor.d/profiles-m-r/pcscd | 1 + apparmor.d/profiles-m-r/picom | 1 + apparmor.d/profiles-m-r/pidof | 1 + apparmor.d/profiles-m-r/pinentry | 1 + apparmor.d/profiles-m-r/pinentry-curses | 1 + apparmor.d/profiles-m-r/pinentry-gnome3 | 1 + apparmor.d/profiles-m-r/pinentry-gtk-2 | 1 + apparmor.d/profiles-m-r/pinentry-kwallet | 1 + apparmor.d/profiles-m-r/pinentry-qt | 1 + apparmor.d/profiles-m-r/pkcs11-register | 1 + apparmor.d/profiles-m-r/pkexec | 1 + apparmor.d/profiles-m-r/pkttyagent | 1 + apparmor.d/profiles-m-r/plank | 1 + apparmor.d/profiles-m-r/plocate | 1 + apparmor.d/profiles-m-r/plocate-build | 1 + apparmor.d/profiles-m-r/popularity-contest | 1 + apparmor.d/profiles-m-r/power-profiles-daemon | 1 + apparmor.d/profiles-m-r/protonmail-bridge | 1 + apparmor.d/profiles-m-r/ps | 1 + apparmor.d/profiles-m-r/ps-mem | 1 + apparmor.d/profiles-m-r/pscap | 1 + apparmor.d/profiles-m-r/psi | 1 + apparmor.d/profiles-m-r/psi-plus | 1 + apparmor.d/profiles-m-r/pstree | 1 + apparmor.d/profiles-m-r/pulseeffects | 1 + apparmor.d/profiles-m-r/pwck | 1 + apparmor.d/profiles-m-r/qbittorrent | 1 + apparmor.d/profiles-m-r/qbittorrent-nox | 1 + apparmor.d/profiles-m-r/qemu-ga | 1 + apparmor.d/profiles-m-r/qnapi | 1 + apparmor.d/profiles-m-r/qpdfview | 1 + apparmor.d/profiles-m-r/qt5ct | 1 + apparmor.d/profiles-m-r/qtchooser | 1 + apparmor.d/profiles-m-r/qtox | 1 + apparmor.d/profiles-m-r/quiterss | 1 + apparmor.d/profiles-m-r/rdmsr | 1 + apparmor.d/profiles-m-r/remmina | 1 + apparmor.d/profiles-m-r/repo | 1 + apparmor.d/profiles-m-r/reprepro | 1 + apparmor.d/profiles-m-r/resize2fs | 1 + apparmor.d/profiles-m-r/resolvconf | 1 + apparmor.d/profiles-m-r/rfkill | 1 + apparmor.d/profiles-m-r/rngd | 1 + apparmor.d/profiles-m-r/rpi-imager | 1 + apparmor.d/profiles-m-r/rredtool | 1 + apparmor.d/profiles-m-r/rsyslogd | 1 + apparmor.d/profiles-m-r/rtkit-daemon | 1 + apparmor.d/profiles-m-r/rtkitctl | 1 + apparmor.d/profiles-m-r/run-parts | 1 + apparmor.d/profiles-m-r/runuser | 1 + apparmor.d/profiles-m-r/rustdesk | 1 + apparmor.d/profiles-m-r/rustdesk-utils | 1 + 170 files changed, 170 insertions(+) diff --git a/apparmor.d/profiles-m-r/macchanger b/apparmor.d/profiles-m-r/macchanger index 7f0d334eb..456e7faf2 100644 --- a/apparmor.d/profiles-m-r/macchanger +++ b/apparmor.d/profiles-m-r/macchanger @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/man b/apparmor.d/profiles-m-r/man index c85b5e1d1..721bb28f4 100644 --- a/apparmor.d/profiles-m-r/man +++ b/apparmor.d/profiles-m-r/man @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mandb b/apparmor.d/profiles-m-r/mandb index 74cef2862..8ed3f6a61 100644 --- a/apparmor.d/profiles-m-r/mandb +++ b/apparmor.d/profiles-m-r/mandb @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mate-notification-daemon b/apparmor.d/profiles-m-r/mate-notification-daemon index 7d3ea0192..e40102814 100644 --- a/apparmor.d/profiles-m-r/mate-notification-daemon +++ b/apparmor.d/profiles-m-r/mate-notification-daemon @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mdevctl b/apparmor.d/profiles-m-r/mdevctl index 4f1c54ac1..eefbd4f64 100644 --- a/apparmor.d/profiles-m-r/mdevctl +++ b/apparmor.d/profiles-m-r/mdevctl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mediainfo b/apparmor.d/profiles-m-r/mediainfo index bd1d1e41a..aa740e696 100644 --- a/apparmor.d/profiles-m-r/mediainfo +++ b/apparmor.d/profiles-m-r/mediainfo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mediainfo-gui b/apparmor.d/profiles-m-r/mediainfo-gui index 4315a8157..79230046e 100644 --- a/apparmor.d/profiles-m-r/mediainfo-gui +++ b/apparmor.d/profiles-m-r/mediainfo-gui @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/megasync b/apparmor.d/profiles-m-r/megasync index bf26a1aa8..3f7712847 100644 --- a/apparmor.d/profiles-m-r/megasync +++ b/apparmor.d/profiles-m-r/megasync @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/memtester b/apparmor.d/profiles-m-r/memtester index e25c98180..1ce609815 100644 --- a/apparmor.d/profiles-m-r/memtester +++ b/apparmor.d/profiles-m-r/memtester @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/merkaartor b/apparmor.d/profiles-m-r/merkaartor index 6cd06a019..b9613ec2d 100644 --- a/apparmor.d/profiles-m-r/merkaartor +++ b/apparmor.d/profiles-m-r/merkaartor @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/metadata-cleaner b/apparmor.d/profiles-m-r/metadata-cleaner index 63bea0ac2..f9d4adb05 100644 --- a/apparmor.d/profiles-m-r/metadata-cleaner +++ b/apparmor.d/profiles-m-r/metadata-cleaner @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mimetype b/apparmor.d/profiles-m-r/mimetype index e65d07613..a22f19c6a 100644 --- a/apparmor.d/profiles-m-r/mimetype +++ b/apparmor.d/profiles-m-r/mimetype @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/minitube b/apparmor.d/profiles-m-r/minitube index 3eecbb2bb..0e6379cf0 100644 --- a/apparmor.d/profiles-m-r/minitube +++ b/apparmor.d/profiles-m-r/minitube @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mission-control b/apparmor.d/profiles-m-r/mission-control index b36117459..dc5c1c0db 100644 --- a/apparmor.d/profiles-m-r/mission-control +++ b/apparmor.d/profiles-m-r/mission-control @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mke2fs b/apparmor.d/profiles-m-r/mke2fs index 4fc5c9d08..92805e83a 100644 --- a/apparmor.d/profiles-m-r/mke2fs +++ b/apparmor.d/profiles-m-r/mke2fs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkfs-btrfs b/apparmor.d/profiles-m-r/mkfs-btrfs index 48ba79bac..9e85623e6 100644 --- a/apparmor.d/profiles-m-r/mkfs-btrfs +++ b/apparmor.d/profiles-m-r/mkfs-btrfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkfs-fat b/apparmor.d/profiles-m-r/mkfs-fat index 68fc2aaae..bdc5c4a78 100644 --- a/apparmor.d/profiles-m-r/mkfs-fat +++ b/apparmor.d/profiles-m-r/mkfs-fat @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkinitramfs b/apparmor.d/profiles-m-r/mkinitramfs index 304b5834f..9ceb83627 100644 --- a/apparmor.d/profiles-m-r/mkinitramfs +++ b/apparmor.d/profiles-m-r/mkinitramfs @@ -3,6 +3,7 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkntfs b/apparmor.d/profiles-m-r/mkntfs index ee6153a83..01bb1dbaf 100644 --- a/apparmor.d/profiles-m-r/mkntfs +++ b/apparmor.d/profiles-m-r/mkntfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkswap b/apparmor.d/profiles-m-r/mkswap index 81cd835b1..74d2f54ac 100644 --- a/apparmor.d/profiles-m-r/mkswap +++ b/apparmor.d/profiles-m-r/mkswap @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkvmerge b/apparmor.d/profiles-m-r/mkvmerge index 7350d7b7f..7973a192f 100644 --- a/apparmor.d/profiles-m-r/mkvmerge +++ b/apparmor.d/profiles-m-r/mkvmerge @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mkvtoolnix-gui b/apparmor.d/profiles-m-r/mkvtoolnix-gui index 63a978baf..8bdcd7e15 100644 --- a/apparmor.d/profiles-m-r/mkvtoolnix-gui +++ b/apparmor.d/profiles-m-r/mkvtoolnix-gui @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mlocate b/apparmor.d/profiles-m-r/mlocate index 6d2d33c9e..21c82bedb 100644 --- a/apparmor.d/profiles-m-r/mlocate +++ b/apparmor.d/profiles-m-r/mlocate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/modprobed-db b/apparmor.d/profiles-m-r/modprobed-db index 9e84ee501..89b7800d8 100644 --- a/apparmor.d/profiles-m-r/modprobed-db +++ b/apparmor.d/profiles-m-r/modprobed-db @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/molly-guard b/apparmor.d/profiles-m-r/molly-guard index c6eb2a2ac..c50aa8469 100644 --- a/apparmor.d/profiles-m-r/molly-guard +++ b/apparmor.d/profiles-m-r/molly-guard @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/monitorix b/apparmor.d/profiles-m-r/monitorix index 88699a37b..827ff6d01 100644 --- a/apparmor.d/profiles-m-r/monitorix +++ b/apparmor.d/profiles-m-r/monitorix @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mono-sgen b/apparmor.d/profiles-m-r/mono-sgen index 72891c7bf..d676f9911 100644 --- a/apparmor.d/profiles-m-r/mono-sgen +++ b/apparmor.d/profiles-m-r/mono-sgen @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mount b/apparmor.d/profiles-m-r/mount index 7c48c4d85..19c2b036a 100644 --- a/apparmor.d/profiles-m-r/mount +++ b/apparmor.d/profiles-m-r/mount @@ -3,6 +3,7 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mount-cifs b/apparmor.d/profiles-m-r/mount-cifs index 94a523e8f..5b3e2c0a4 100644 --- a/apparmor.d/profiles-m-r/mount-cifs +++ b/apparmor.d/profiles-m-r/mount-cifs @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mount-nfs b/apparmor.d/profiles-m-r/mount-nfs index 9e7a488d4..7a647d730 100644 --- a/apparmor.d/profiles-m-r/mount-nfs +++ b/apparmor.d/profiles-m-r/mount-nfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mount-zfs b/apparmor.d/profiles-m-r/mount-zfs index d2efa3054..bb723ad8a 100644 --- a/apparmor.d/profiles-m-r/mount-zfs +++ b/apparmor.d/profiles-m-r/mount-zfs @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mpd b/apparmor.d/profiles-m-r/mpd index e222681be..5779253fe 100644 --- a/apparmor.d/profiles-m-r/mpd +++ b/apparmor.d/profiles-m-r/mpd @@ -3,6 +3,7 @@ # Copyright (C) 2023-2024 Alexandre Pujol # Copyright (C) 2023 Jose Maldonado # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mpsyt b/apparmor.d/profiles-m-r/mpsyt index 71f1e4cf9..18c086cf2 100644 --- a/apparmor.d/profiles-m-r/mpsyt +++ b/apparmor.d/profiles-m-r/mpsyt @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mpv b/apparmor.d/profiles-m-r/mpv index 23aa2b9a1..506ad9f9d 100644 --- a/apparmor.d/profiles-m-r/mpv +++ b/apparmor.d/profiles-m-r/mpv @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mtools b/apparmor.d/profiles-m-r/mtools index b19df6cc7..667ec5460 100644 --- a/apparmor.d/profiles-m-r/mtools +++ b/apparmor.d/profiles-m-r/mtools @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mtr b/apparmor.d/profiles-m-r/mtr index 00d4c0629..cf50a1d8b 100644 --- a/apparmor.d/profiles-m-r/mtr +++ b/apparmor.d/profiles-m-r/mtr @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mtr-packet b/apparmor.d/profiles-m-r/mtr-packet index 2605b9e25..0e637ebc5 100644 --- a/apparmor.d/profiles-m-r/mtr-packet +++ b/apparmor.d/profiles-m-r/mtr-packet @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mullvad-setup b/apparmor.d/profiles-m-r/mullvad-setup index befffe09f..3ff624060 100644 --- a/apparmor.d/profiles-m-r/mullvad-setup +++ b/apparmor.d/profiles-m-r/mullvad-setup @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/multipath b/apparmor.d/profiles-m-r/multipath index a571e233d..9d1593383 100644 --- a/apparmor.d/profiles-m-r/multipath +++ b/apparmor.d/profiles-m-r/multipath @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/multipathd b/apparmor.d/profiles-m-r/multipathd index dffcde3cc..d1917f385 100644 --- a/apparmor.d/profiles-m-r/multipathd +++ b/apparmor.d/profiles-m-r/multipathd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mumble b/apparmor.d/profiles-m-r/mumble index 6608498b7..61869179e 100644 --- a/apparmor.d/profiles-m-r/mumble +++ b/apparmor.d/profiles-m-r/mumble @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/mumble-overlay b/apparmor.d/profiles-m-r/mumble-overlay index 07f5a0107..b4c82b995 100644 --- a/apparmor.d/profiles-m-r/mumble-overlay +++ b/apparmor.d/profiles-m-r/mumble-overlay @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/murmurd b/apparmor.d/profiles-m-r/murmurd index f9ee44271..eb23ececf 100644 --- a/apparmor.d/profiles-m-r/murmurd +++ b/apparmor.d/profiles-m-r/murmurd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/profiles-m-r/mutt b/apparmor.d/profiles-m-r/mutt index 27060bf3c..9e5725121 100644 --- a/apparmor.d/profiles-m-r/mutt +++ b/apparmor.d/profiles-m-r/mutt @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/needrestart b/apparmor.d/profiles-m-r/needrestart index d01c714f6..4d28d7e7f 100644 --- a/apparmor.d/profiles-m-r/needrestart +++ b/apparmor.d/profiles-m-r/needrestart @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/needrestart-apt-pinvoke b/apparmor.d/profiles-m-r/needrestart-apt-pinvoke index addce84cb..eb11993e4 100644 --- a/apparmor.d/profiles-m-r/needrestart-apt-pinvoke +++ b/apparmor.d/profiles-m-r/needrestart-apt-pinvoke @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/needrestart-dpkg-status b/apparmor.d/profiles-m-r/needrestart-dpkg-status index 1de2b3200..b8326e8b3 100644 --- a/apparmor.d/profiles-m-r/needrestart-dpkg-status +++ b/apparmor.d/profiles-m-r/needrestart-dpkg-status @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions b/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions index 30a7bb801..4d6441a30 100644 --- a/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions +++ b/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nemo b/apparmor.d/profiles-m-r/nemo index 56c2a960f..56a0a1cff 100644 --- a/apparmor.d/profiles-m-r/nemo +++ b/apparmor.d/profiles-m-r/nemo @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/netcap b/apparmor.d/profiles-m-r/netcap index 91de9da81..ddcb1d368 100644 --- a/apparmor.d/profiles-m-r/netcap +++ b/apparmor.d/profiles-m-r/netcap @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nethogs b/apparmor.d/profiles-m-r/nethogs index 22fc63a36..51e8b2afa 100644 --- a/apparmor.d/profiles-m-r/nethogs +++ b/apparmor.d/profiles-m-r/nethogs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/netstat b/apparmor.d/profiles-m-r/netstat index 12060ddb8..e6e0fceb1 100644 --- a/apparmor.d/profiles-m-r/netstat +++ b/apparmor.d/profiles-m-r/netstat @@ -4,6 +4,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/newgidmap b/apparmor.d/profiles-m-r/newgidmap index 9c6303bef..dc0115e0b 100644 --- a/apparmor.d/profiles-m-r/newgidmap +++ b/apparmor.d/profiles-m-r/newgidmap @@ -2,6 +2,7 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/newgrp b/apparmor.d/profiles-m-r/newgrp index 836da42f9..5485ae247 100644 --- a/apparmor.d/profiles-m-r/newgrp +++ b/apparmor.d/profiles-m-r/newgrp @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/newuidmap b/apparmor.d/profiles-m-r/newuidmap index b2d0a5e16..8363b82f8 100644 --- a/apparmor.d/profiles-m-r/newuidmap +++ b/apparmor.d/profiles-m-r/newuidmap @@ -2,6 +2,7 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nfsdcld b/apparmor.d/profiles-m-r/nfsdcld index 52223b8f1..4f56bb407 100644 --- a/apparmor.d/profiles-m-r/nfsdcld +++ b/apparmor.d/profiles-m-r/nfsdcld @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nft b/apparmor.d/profiles-m-r/nft index caa99aa4d..e1e36c08e 100644 --- a/apparmor.d/profiles-m-r/nft +++ b/apparmor.d/profiles-m-r/nft @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nmap b/apparmor.d/profiles-m-r/nmap index 4a40f4180..788207b91 100644 --- a/apparmor.d/profiles-m-r/nmap +++ b/apparmor.d/profiles-m-r/nmap @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nologin b/apparmor.d/profiles-m-r/nologin index 431ca92b3..104bf31db 100644 --- a/apparmor.d/profiles-m-r/nologin +++ b/apparmor.d/profiles-m-r/nologin @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nslookup b/apparmor.d/profiles-m-r/nslookup index 1cf1ec1fd..8ec30d881 100644 --- a/apparmor.d/profiles-m-r/nslookup +++ b/apparmor.d/profiles-m-r/nslookup @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfs-3g b/apparmor.d/profiles-m-r/ntfs-3g index bf6fda62f..9ef58b7fe 100644 --- a/apparmor.d/profiles-m-r/ntfs-3g +++ b/apparmor.d/profiles-m-r/ntfs-3g @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfs-3g-probe b/apparmor.d/profiles-m-r/ntfs-3g-probe index 1b3d84d48..387e50a55 100644 --- a/apparmor.d/profiles-m-r/ntfs-3g-probe +++ b/apparmor.d/profiles-m-r/ntfs-3g-probe @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfscat b/apparmor.d/profiles-m-r/ntfscat index cba96e5ef..cbed4f2ee 100644 --- a/apparmor.d/profiles-m-r/ntfscat +++ b/apparmor.d/profiles-m-r/ntfscat @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsclone b/apparmor.d/profiles-m-r/ntfsclone index 871cd69d6..620077c1e 100644 --- a/apparmor.d/profiles-m-r/ntfsclone +++ b/apparmor.d/profiles-m-r/ntfsclone @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfscluster b/apparmor.d/profiles-m-r/ntfscluster index fb5406347..114ee7009 100644 --- a/apparmor.d/profiles-m-r/ntfscluster +++ b/apparmor.d/profiles-m-r/ntfscluster @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfscmp b/apparmor.d/profiles-m-r/ntfscmp index 2df16e98e..ddb9610ae 100644 --- a/apparmor.d/profiles-m-r/ntfscmp +++ b/apparmor.d/profiles-m-r/ntfscmp @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfscp b/apparmor.d/profiles-m-r/ntfscp index 323848b52..7ad2d73e2 100644 --- a/apparmor.d/profiles-m-r/ntfscp +++ b/apparmor.d/profiles-m-r/ntfscp @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsdecrypt b/apparmor.d/profiles-m-r/ntfsdecrypt index 4a9e437b8..a717cd021 100644 --- a/apparmor.d/profiles-m-r/ntfsdecrypt +++ b/apparmor.d/profiles-m-r/ntfsdecrypt @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsfallocate b/apparmor.d/profiles-m-r/ntfsfallocate index 03d346e80..f7faaba76 100644 --- a/apparmor.d/profiles-m-r/ntfsfallocate +++ b/apparmor.d/profiles-m-r/ntfsfallocate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsfix b/apparmor.d/profiles-m-r/ntfsfix index 513985be5..b80e8d689 100644 --- a/apparmor.d/profiles-m-r/ntfsfix +++ b/apparmor.d/profiles-m-r/ntfsfix @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsinfo b/apparmor.d/profiles-m-r/ntfsinfo index 808723b00..968755f11 100644 --- a/apparmor.d/profiles-m-r/ntfsinfo +++ b/apparmor.d/profiles-m-r/ntfsinfo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfslabel b/apparmor.d/profiles-m-r/ntfslabel index 4c780e65c..b84dd812a 100644 --- a/apparmor.d/profiles-m-r/ntfslabel +++ b/apparmor.d/profiles-m-r/ntfslabel @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsls b/apparmor.d/profiles-m-r/ntfsls index 7b0f63c53..bb1dda661 100644 --- a/apparmor.d/profiles-m-r/ntfsls +++ b/apparmor.d/profiles-m-r/ntfsls @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsmove b/apparmor.d/profiles-m-r/ntfsmove index f1263c8b6..57263169b 100644 --- a/apparmor.d/profiles-m-r/ntfsmove +++ b/apparmor.d/profiles-m-r/ntfsmove @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsrecover b/apparmor.d/profiles-m-r/ntfsrecover index 971eea643..331011d97 100644 --- a/apparmor.d/profiles-m-r/ntfsrecover +++ b/apparmor.d/profiles-m-r/ntfsrecover @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsresize b/apparmor.d/profiles-m-r/ntfsresize index f6c2608fc..ddaee0504 100644 --- a/apparmor.d/profiles-m-r/ntfsresize +++ b/apparmor.d/profiles-m-r/ntfsresize @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfssecaudit b/apparmor.d/profiles-m-r/ntfssecaudit index a1a0add39..333636143 100644 --- a/apparmor.d/profiles-m-r/ntfssecaudit +++ b/apparmor.d/profiles-m-r/ntfssecaudit @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfstruncate b/apparmor.d/profiles-m-r/ntfstruncate index a5d9aea5c..3df08ba14 100644 --- a/apparmor.d/profiles-m-r/ntfstruncate +++ b/apparmor.d/profiles-m-r/ntfstruncate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsundelete b/apparmor.d/profiles-m-r/ntfsundelete index 5b066d3f1..0f9625a83 100644 --- a/apparmor.d/profiles-m-r/ntfsundelete +++ b/apparmor.d/profiles-m-r/ntfsundelete @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfsusermap b/apparmor.d/profiles-m-r/ntfsusermap index 056207ccd..e125ae7ec 100644 --- a/apparmor.d/profiles-m-r/ntfsusermap +++ b/apparmor.d/profiles-m-r/ntfsusermap @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ntfswipe b/apparmor.d/profiles-m-r/ntfswipe index 1c9a62f3d..4f90518d3 100644 --- a/apparmor.d/profiles-m-r/ntfswipe +++ b/apparmor.d/profiles-m-r/ntfswipe @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nullmailer-send b/apparmor.d/profiles-m-r/nullmailer-send index efc10f9de..08fd62456 100644 --- a/apparmor.d/profiles-m-r/nullmailer-send +++ b/apparmor.d/profiles-m-r/nullmailer-send @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/numlockx b/apparmor.d/profiles-m-r/numlockx index 672f33417..e435c139b 100644 --- a/apparmor.d/profiles-m-r/numlockx +++ b/apparmor.d/profiles-m-r/numlockx @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nvidia-detector b/apparmor.d/profiles-m-r/nvidia-detector index a29711965..988a43a10 100644 --- a/apparmor.d/profiles-m-r/nvidia-detector +++ b/apparmor.d/profiles-m-r/nvidia-detector @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nvidia-persistenced b/apparmor.d/profiles-m-r/nvidia-persistenced index da68f30e2..e91560a51 100644 --- a/apparmor.d/profiles-m-r/nvidia-persistenced +++ b/apparmor.d/profiles-m-r/nvidia-persistenced @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nvidia-settings b/apparmor.d/profiles-m-r/nvidia-settings index fa4c52f4c..2aaea25f2 100644 --- a/apparmor.d/profiles-m-r/nvidia-settings +++ b/apparmor.d/profiles-m-r/nvidia-settings @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/nvtop b/apparmor.d/profiles-m-r/nvtop index 0448b8db8..07710f048 100644 --- a/apparmor.d/profiles-m-r/nvtop +++ b/apparmor.d/profiles-m-r/nvtop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obamenu b/apparmor.d/profiles-m-r/obamenu index a5768aa00..7947beeac 100644 --- a/apparmor.d/profiles-m-r/obamenu +++ b/apparmor.d/profiles-m-r/obamenu @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obconf b/apparmor.d/profiles-m-r/obconf index f3a4c9d37..52a449dff 100644 --- a/apparmor.d/profiles-m-r/obconf +++ b/apparmor.d/profiles-m-r/obconf @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obex-folder-listing b/apparmor.d/profiles-m-r/obex-folder-listing index af0fda673..e33ed75c7 100644 --- a/apparmor.d/profiles-m-r/obex-folder-listing +++ b/apparmor.d/profiles-m-r/obex-folder-listing @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexautofs b/apparmor.d/profiles-m-r/obexautofs index 091a1df08..ba6dc8fa9 100644 --- a/apparmor.d/profiles-m-r/obexautofs +++ b/apparmor.d/profiles-m-r/obexautofs @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexctl b/apparmor.d/profiles-m-r/obexctl index b6e78eff1..1303fe112 100644 --- a/apparmor.d/profiles-m-r/obexctl +++ b/apparmor.d/profiles-m-r/obexctl @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexd b/apparmor.d/profiles-m-r/obexd index cb9f00b0d..8a9d23b5f 100644 --- a/apparmor.d/profiles-m-r/obexd +++ b/apparmor.d/profiles-m-r/obexd @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexfs b/apparmor.d/profiles-m-r/obexfs index 24c4063e5..f88a451aa 100644 --- a/apparmor.d/profiles-m-r/obexfs +++ b/apparmor.d/profiles-m-r/obexfs @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexpush-atd b/apparmor.d/profiles-m-r/obexpush-atd index 3ea806849..d6d1878c4 100644 --- a/apparmor.d/profiles-m-r/obexpush-atd +++ b/apparmor.d/profiles-m-r/obexpush-atd @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obexpushd b/apparmor.d/profiles-m-r/obexpushd index c6f4b6db7..99ca9aaaa 100644 --- a/apparmor.d/profiles-m-r/obexpushd +++ b/apparmor.d/profiles-m-r/obexpushd @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/obxprop b/apparmor.d/profiles-m-r/obxprop index 4a1688e70..1419c3213 100644 --- a/apparmor.d/profiles-m-r/obxprop +++ b/apparmor.d/profiles-m-r/obxprop @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/on-ac-power b/apparmor.d/profiles-m-r/on-ac-power index d5248795f..8da400ee4 100644 --- a/apparmor.d/profiles-m-r/on-ac-power +++ b/apparmor.d/profiles-m-r/on-ac-power @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/onefetch b/apparmor.d/profiles-m-r/onefetch index 02618d169..e04ee7bbf 100644 --- a/apparmor.d/profiles-m-r/onefetch +++ b/apparmor.d/profiles-m-r/onefetch @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/openbox b/apparmor.d/profiles-m-r/openbox index 4788f38c6..08eab7d99 100644 --- a/apparmor.d/profiles-m-r/openbox +++ b/apparmor.d/profiles-m-r/openbox @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/openbox-session b/apparmor.d/profiles-m-r/openbox-session index 185984063..85ee6699f 100644 --- a/apparmor.d/profiles-m-r/openbox-session +++ b/apparmor.d/profiles-m-r/openbox-session @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/orage b/apparmor.d/profiles-m-r/orage index ee04dda66..f90890d03 100644 --- a/apparmor.d/profiles-m-r/orage +++ b/apparmor.d/profiles-m-r/orage @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/os-prober b/apparmor.d/profiles-m-r/os-prober index 5333bc944..80ce94cc2 100644 --- a/apparmor.d/profiles-m-r/os-prober +++ b/apparmor.d/profiles-m-r/os-prober @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/packagekitd b/apparmor.d/profiles-m-r/packagekitd index 972d45265..55dcdf74e 100644 --- a/apparmor.d/profiles-m-r/packagekitd +++ b/apparmor.d/profiles-m-r/packagekitd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pacmd b/apparmor.d/profiles-m-r/pacmd index 9ebb1b1a0..541266aa3 100644 --- a/apparmor.d/profiles-m-r/pacmd +++ b/apparmor.d/profiles-m-r/pacmd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pactl b/apparmor.d/profiles-m-r/pactl index 551dc7a9a..c671e58e4 100644 --- a/apparmor.d/profiles-m-r/pactl +++ b/apparmor.d/profiles-m-r/pactl @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pagesize b/apparmor.d/profiles-m-r/pagesize index 64e575927..d32fa5949 100644 --- a/apparmor.d/profiles-m-r/pagesize +++ b/apparmor.d/profiles-m-r/pagesize @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pam-auth-update b/apparmor.d/profiles-m-r/pam-auth-update index 48af5a9f3..9a3dcd47e 100644 --- a/apparmor.d/profiles-m-r/pam-auth-update +++ b/apparmor.d/profiles-m-r/pam-auth-update @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pam-tmpdir-helper b/apparmor.d/profiles-m-r/pam-tmpdir-helper index 1c0836c1f..dd598e039 100644 --- a/apparmor.d/profiles-m-r/pam-tmpdir-helper +++ b/apparmor.d/profiles-m-r/pam-tmpdir-helper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pam/mappings b/apparmor.d/profiles-m-r/pam/mappings index 0f9d039fd..fb55deb62 100644 --- a/apparmor.d/profiles-m-r/pam/mappings +++ b/apparmor.d/profiles-m-r/pam/mappings @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # See more at: https://gitlab.com/apparmor/apparmor/wikis/Pam_apparmor_example diff --git a/apparmor.d/profiles-m-r/parted b/apparmor.d/profiles-m-r/parted index bd0238323..75bcb96ba 100644 --- a/apparmor.d/profiles-m-r/parted +++ b/apparmor.d/profiles-m-r/parted @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/partprobe b/apparmor.d/profiles-m-r/partprobe index 27edebbf5..5e3528c56 100644 --- a/apparmor.d/profiles-m-r/partprobe +++ b/apparmor.d/profiles-m-r/partprobe @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pass b/apparmor.d/profiles-m-r/pass index 1dbcac174..f1536ec93 100644 --- a/apparmor.d/profiles-m-r/pass +++ b/apparmor.d/profiles-m-r/pass @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pass-import b/apparmor.d/profiles-m-r/pass-import index d2ad4fd91..e85d2791d 100644 --- a/apparmor.d/profiles-m-r/pass-import +++ b/apparmor.d/profiles-m-r/pass-import @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/passimd b/apparmor.d/profiles-m-r/passimd index 2ead4d034..9fa951cdc 100644 --- a/apparmor.d/profiles-m-r/passimd +++ b/apparmor.d/profiles-m-r/passimd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/passwd b/apparmor.d/profiles-m-r/passwd index 99d20eb10..b36451c4a 100644 --- a/apparmor.d/profiles-m-r/passwd +++ b/apparmor.d/profiles-m-r/passwd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pavucontrol b/apparmor.d/profiles-m-r/pavucontrol index ad6d92aac..b01303799 100644 --- a/apparmor.d/profiles-m-r/pavucontrol +++ b/apparmor.d/profiles-m-r/pavucontrol @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pcb-gtk b/apparmor.d/profiles-m-r/pcb-gtk index 9ff0fbcdd..3e334ec2d 100644 --- a/apparmor.d/profiles-m-r/pcb-gtk +++ b/apparmor.d/profiles-m-r/pcb-gtk @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pcscd b/apparmor.d/profiles-m-r/pcscd index c4b5cb689..3929b5b29 100644 --- a/apparmor.d/profiles-m-r/pcscd +++ b/apparmor.d/profiles-m-r/pcscd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/picom b/apparmor.d/profiles-m-r/picom index baaa80dea..b93b344af 100644 --- a/apparmor.d/profiles-m-r/picom +++ b/apparmor.d/profiles-m-r/picom @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pidof b/apparmor.d/profiles-m-r/pidof index ba557f810..69666decc 100644 --- a/apparmor.d/profiles-m-r/pidof +++ b/apparmor.d/profiles-m-r/pidof @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry b/apparmor.d/profiles-m-r/pinentry index 3606078b7..dd43b948a 100644 --- a/apparmor.d/profiles-m-r/pinentry +++ b/apparmor.d/profiles-m-r/pinentry @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry-curses b/apparmor.d/profiles-m-r/pinentry-curses index b9d53352f..fb8c28111 100644 --- a/apparmor.d/profiles-m-r/pinentry-curses +++ b/apparmor.d/profiles-m-r/pinentry-curses @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry-gnome3 b/apparmor.d/profiles-m-r/pinentry-gnome3 index 5da9358bf..642e43a18 100644 --- a/apparmor.d/profiles-m-r/pinentry-gnome3 +++ b/apparmor.d/profiles-m-r/pinentry-gnome3 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry-gtk-2 b/apparmor.d/profiles-m-r/pinentry-gtk-2 index c139e2e2b..f0a960571 100644 --- a/apparmor.d/profiles-m-r/pinentry-gtk-2 +++ b/apparmor.d/profiles-m-r/pinentry-gtk-2 @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry-kwallet b/apparmor.d/profiles-m-r/pinentry-kwallet index 612f68851..1dcc5c70c 100644 --- a/apparmor.d/profiles-m-r/pinentry-kwallet +++ b/apparmor.d/profiles-m-r/pinentry-kwallet @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pinentry-qt b/apparmor.d/profiles-m-r/pinentry-qt index ae157744e..d169bedbb 100644 --- a/apparmor.d/profiles-m-r/pinentry-qt +++ b/apparmor.d/profiles-m-r/pinentry-qt @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pkcs11-register b/apparmor.d/profiles-m-r/pkcs11-register index 3ca20d326..04c2298ba 100644 --- a/apparmor.d/profiles-m-r/pkcs11-register +++ b/apparmor.d/profiles-m-r/pkcs11-register @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pkexec b/apparmor.d/profiles-m-r/pkexec index 417ca76fd..e5272cd55 100644 --- a/apparmor.d/profiles-m-r/pkexec +++ b/apparmor.d/profiles-m-r/pkexec @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pkttyagent b/apparmor.d/profiles-m-r/pkttyagent index ce290da5f..ac6a3be06 100644 --- a/apparmor.d/profiles-m-r/pkttyagent +++ b/apparmor.d/profiles-m-r/pkttyagent @@ -2,6 +2,7 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/plank b/apparmor.d/profiles-m-r/plank index f94da07a7..2d677fe19 100644 --- a/apparmor.d/profiles-m-r/plank +++ b/apparmor.d/profiles-m-r/plank @@ -2,6 +2,7 @@ # Copyright (C) 2023 Jeroen Rijken # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/plocate b/apparmor.d/profiles-m-r/plocate index 21a27e43e..574f169d7 100644 --- a/apparmor.d/profiles-m-r/plocate +++ b/apparmor.d/profiles-m-r/plocate @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/plocate-build b/apparmor.d/profiles-m-r/plocate-build index 615baabe5..e5ca94bef 100644 --- a/apparmor.d/profiles-m-r/plocate-build +++ b/apparmor.d/profiles-m-r/plocate-build @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/popularity-contest b/apparmor.d/profiles-m-r/popularity-contest index 702ccbcdf..a243b2241 100644 --- a/apparmor.d/profiles-m-r/popularity-contest +++ b/apparmor.d/profiles-m-r/popularity-contest @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/power-profiles-daemon b/apparmor.d/profiles-m-r/power-profiles-daemon index eb5470217..ee1521c69 100644 --- a/apparmor.d/profiles-m-r/power-profiles-daemon +++ b/apparmor.d/profiles-m-r/power-profiles-daemon @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/protonmail-bridge b/apparmor.d/profiles-m-r/protonmail-bridge index 92a5eb13c..b1a9a5919 100644 --- a/apparmor.d/profiles-m-r/protonmail-bridge +++ b/apparmor.d/profiles-m-r/protonmail-bridge @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Warning: only the protonmail-bridge CLI and service are supported, NOT the GUI. diff --git a/apparmor.d/profiles-m-r/ps b/apparmor.d/profiles-m-r/ps index dbaf443fc..3fd5efdcc 100644 --- a/apparmor.d/profiles-m-r/ps +++ b/apparmor.d/profiles-m-r/ps @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/ps-mem b/apparmor.d/profiles-m-r/ps-mem index 4d0a5c642..c015f077e 100644 --- a/apparmor.d/profiles-m-r/ps-mem +++ b/apparmor.d/profiles-m-r/ps-mem @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pscap b/apparmor.d/profiles-m-r/pscap index 61bd4438a..130f6dfdd 100644 --- a/apparmor.d/profiles-m-r/pscap +++ b/apparmor.d/profiles-m-r/pscap @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/psi b/apparmor.d/profiles-m-r/psi index a0765eb7e..51967fb79 100644 --- a/apparmor.d/profiles-m-r/psi +++ b/apparmor.d/profiles-m-r/psi @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/psi-plus b/apparmor.d/profiles-m-r/psi-plus index aaead522e..4117790e9 100644 --- a/apparmor.d/profiles-m-r/psi-plus +++ b/apparmor.d/profiles-m-r/psi-plus @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pstree b/apparmor.d/profiles-m-r/pstree index 3ad9e7b0c..86ec8536f 100644 --- a/apparmor.d/profiles-m-r/pstree +++ b/apparmor.d/profiles-m-r/pstree @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pulseeffects b/apparmor.d/profiles-m-r/pulseeffects index 4166f0678..7c78de274 100644 --- a/apparmor.d/profiles-m-r/pulseeffects +++ b/apparmor.d/profiles-m-r/pulseeffects @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/pwck b/apparmor.d/profiles-m-r/pwck index 051417cf2..bba63f378 100644 --- a/apparmor.d/profiles-m-r/pwck +++ b/apparmor.d/profiles-m-r/pwck @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qbittorrent b/apparmor.d/profiles-m-r/qbittorrent index e1eb03dd8..308396ec4 100644 --- a/apparmor.d/profiles-m-r/qbittorrent +++ b/apparmor.d/profiles-m-r/qbittorrent @@ -2,6 +2,7 @@ # Copyright (C) 2015-2022 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qbittorrent-nox b/apparmor.d/profiles-m-r/qbittorrent-nox index cd4015707..b83fd24e3 100644 --- a/apparmor.d/profiles-m-r/qbittorrent-nox +++ b/apparmor.d/profiles-m-r/qbittorrent-nox @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qemu-ga b/apparmor.d/profiles-m-r/qemu-ga index b873fb6a5..53d8ac0e5 100644 --- a/apparmor.d/profiles-m-r/qemu-ga +++ b/apparmor.d/profiles-m-r/qemu-ga @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qnapi b/apparmor.d/profiles-m-r/qnapi index 7075a0a49..5e0a76e90 100644 --- a/apparmor.d/profiles-m-r/qnapi +++ b/apparmor.d/profiles-m-r/qnapi @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qpdfview b/apparmor.d/profiles-m-r/qpdfview index 4ce205c27..ee89f9c6d 100644 --- a/apparmor.d/profiles-m-r/qpdfview +++ b/apparmor.d/profiles-m-r/qpdfview @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qt5ct b/apparmor.d/profiles-m-r/qt5ct index 58bd6948e..d4723b920 100644 --- a/apparmor.d/profiles-m-r/qt5ct +++ b/apparmor.d/profiles-m-r/qt5ct @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qtchooser b/apparmor.d/profiles-m-r/qtchooser index 10749b88e..d6e91f17e 100644 --- a/apparmor.d/profiles-m-r/qtchooser +++ b/apparmor.d/profiles-m-r/qtchooser @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/qtox b/apparmor.d/profiles-m-r/qtox index fd9e0748d..2dbaa7d55 100644 --- a/apparmor.d/profiles-m-r/qtox +++ b/apparmor.d/profiles-m-r/qtox @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/quiterss b/apparmor.d/profiles-m-r/quiterss index a0463bb98..7fa111f47 100644 --- a/apparmor.d/profiles-m-r/quiterss +++ b/apparmor.d/profiles-m-r/quiterss @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rdmsr b/apparmor.d/profiles-m-r/rdmsr index 5500bbfda..1d092f20b 100644 --- a/apparmor.d/profiles-m-r/rdmsr +++ b/apparmor.d/profiles-m-r/rdmsr @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/remmina b/apparmor.d/profiles-m-r/remmina index 833c81818..170df87a3 100644 --- a/apparmor.d/profiles-m-r/remmina +++ b/apparmor.d/profiles-m-r/remmina @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/repo b/apparmor.d/profiles-m-r/repo index 0132cbe9a..51335d5e0 100644 --- a/apparmor.d/profiles-m-r/repo +++ b/apparmor.d/profiles-m-r/repo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/reprepro b/apparmor.d/profiles-m-r/reprepro index b0d31a4fb..76bb0b228 100644 --- a/apparmor.d/profiles-m-r/reprepro +++ b/apparmor.d/profiles-m-r/reprepro @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/resize2fs b/apparmor.d/profiles-m-r/resize2fs index 7406602e4..fd449af74 100644 --- a/apparmor.d/profiles-m-r/resize2fs +++ b/apparmor.d/profiles-m-r/resize2fs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/resolvconf b/apparmor.d/profiles-m-r/resolvconf index 8609e4858..f7433f7d4 100644 --- a/apparmor.d/profiles-m-r/resolvconf +++ b/apparmor.d/profiles-m-r/resolvconf @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rfkill b/apparmor.d/profiles-m-r/rfkill index a0ba2c7b3..96df69bd3 100644 --- a/apparmor.d/profiles-m-r/rfkill +++ b/apparmor.d/profiles-m-r/rfkill @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rngd b/apparmor.d/profiles-m-r/rngd index b929f1a7a..4eefee054 100644 --- a/apparmor.d/profiles-m-r/rngd +++ b/apparmor.d/profiles-m-r/rngd @@ -2,6 +2,7 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rpi-imager b/apparmor.d/profiles-m-r/rpi-imager index 946219e92..fd7ada167 100644 --- a/apparmor.d/profiles-m-r/rpi-imager +++ b/apparmor.d/profiles-m-r/rpi-imager @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rredtool b/apparmor.d/profiles-m-r/rredtool index 569f9f25a..8ffe134be 100644 --- a/apparmor.d/profiles-m-r/rredtool +++ b/apparmor.d/profiles-m-r/rredtool @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rsyslogd b/apparmor.d/profiles-m-r/rsyslogd index 60f6d63e9..c93b67254 100644 --- a/apparmor.d/profiles-m-r/rsyslogd +++ b/apparmor.d/profiles-m-r/rsyslogd @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rtkit-daemon b/apparmor.d/profiles-m-r/rtkit-daemon index 72d6f0e7f..9c58a9548 100644 --- a/apparmor.d/profiles-m-r/rtkit-daemon +++ b/apparmor.d/profiles-m-r/rtkit-daemon @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rtkitctl b/apparmor.d/profiles-m-r/rtkitctl index adbe7d66b..8a45f0339 100644 --- a/apparmor.d/profiles-m-r/rtkitctl +++ b/apparmor.d/profiles-m-r/rtkitctl @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/run-parts b/apparmor.d/profiles-m-r/run-parts index 726f6f64e..135b56622 100644 --- a/apparmor.d/profiles-m-r/run-parts +++ b/apparmor.d/profiles-m-r/run-parts @@ -3,6 +3,7 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/runuser b/apparmor.d/profiles-m-r/runuser index 590ed971c..3992c1993 100644 --- a/apparmor.d/profiles-m-r/runuser +++ b/apparmor.d/profiles-m-r/runuser @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rustdesk b/apparmor.d/profiles-m-r/rustdesk index c711530ef..718b8fe3b 100644 --- a/apparmor.d/profiles-m-r/rustdesk +++ b/apparmor.d/profiles-m-r/rustdesk @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-m-r/rustdesk-utils b/apparmor.d/profiles-m-r/rustdesk-utils index 8c5817b15..102536379 100644 --- a/apparmor.d/profiles-m-r/rustdesk-utils +++ b/apparmor.d/profiles-m-r/rustdesk-utils @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , From bb6df870bb6203bb881be50518ed9578b0da1e1d Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 10 Jun 2024 23:43:55 +0100 Subject: [PATCH 02/52] chore: cleanup opensc debian structure. --- apparmor.d/abstractions/app/chromium | 3 +-- apparmor.d/abstractions/app/firefox | 3 +-- apparmor.d/groups/gnome/gsd-smartcard | 3 +-- apparmor.d/groups/gnome/seahorse | 3 +-- apparmor.d/profiles-m-r/pkcs11-register | 3 +-- apparmor.d/profiles-m-r/rngd | 3 +-- 6 files changed, 6 insertions(+), 12 deletions(-) diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index c4359cc9c..a3af128df 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -110,8 +110,7 @@ /etc/@{name}/{,**} r, /etc/fstab r, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, # Debian ubication + /etc/{,opensc/}opensc.conf r, /var/lib/dbus/machine-id r, /etc/machine-id r, diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index ba0c7f3ee..bd8b14620 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -73,8 +73,7 @@ /etc/fstab r, /etc/mailcap r, /etc/mime.types r, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, + /etc/{,opensc/}opensc.conf r, /etc/sysconfig/proxy r, /etc/xdg/* r, /etc/xul-ext/kwallet5.js r, diff --git a/apparmor.d/groups/gnome/gsd-smartcard b/apparmor.d/groups/gnome/gsd-smartcard index 4003d1753..f5516c22c 100644 --- a/apparmor.d/groups/gnome/gsd-smartcard +++ b/apparmor.d/groups/gnome/gsd-smartcard @@ -30,8 +30,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) { /usr/share/gdm/greeter-dconf-defaults r, /usr/share/glib-2.0/schemas/gschemas.compiled r, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, + /etc/{,opensc/}opensc.conf r, owner @{GDM_HOME}/greeter-dconf-defaults r, owner @{gdm_config_dirs}/dconf/user r, diff --git a/apparmor.d/groups/gnome/seahorse b/apparmor.d/groups/gnome/seahorse index 8987ae31a..1f5a088be 100644 --- a/apparmor.d/groups/gnome/seahorse +++ b/apparmor.d/groups/gnome/seahorse @@ -36,8 +36,7 @@ profile seahorse @{exec_path} { /etc/pki/trust/blocklist/ r, /etc/gcrypt/hwf.deny r, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, + /etc/{,opensc/}opensc.conf r, owner @{HOME}/@{XDG_SSH_DIR}/{,**} r, diff --git a/apparmor.d/profiles-m-r/pkcs11-register b/apparmor.d/profiles-m-r/pkcs11-register index 3ca20d326..23893edfe 100644 --- a/apparmor.d/profiles-m-r/pkcs11-register +++ b/apparmor.d/profiles-m-r/pkcs11-register @@ -12,8 +12,7 @@ profile pkcs11-register @{exec_path} { @{exec_path} mr, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, + /etc/{,opensc/}opensc.conf r, owner @{HOME}/.mozilla/firefox/*/pkcs11.txt rw, owner @{HOME}/.mozilla/firefox/profiles.ini r, diff --git a/apparmor.d/profiles-m-r/rngd b/apparmor.d/profiles-m-r/rngd index b929f1a7a..b600f5838 100644 --- a/apparmor.d/profiles-m-r/rngd +++ b/apparmor.d/profiles-m-r/rngd @@ -24,8 +24,7 @@ profile rngd @{exec_path} flags=(attach_disconnected) { /etc/conf.d/rngd r, /etc/machine-id r, - /etc/opensc.conf r, - /etc/opensc/opensc.conf r, + /etc/{,opensc/}opensc.conf r, /var/lib/dbus/machine-id r, @{sys}/devices/virtual/misc/hw_random/rng_available r, From 222685c029ad1b0e056ff54b8bc7a80386d767b4 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 10 Jun 2024 23:51:38 +0100 Subject: [PATCH 03/52] feat(profile): use the cups-client more often. --- apparmor.d/abstractions/app/firefox | 3 +-- apparmor.d/abstractions/common/app | 2 +- apparmor.d/groups/gnome/gnome-control-center | 3 +-- apparmor.d/groups/gnome/gsd-print-notifications | 5 +---- apparmor.d/groups/kde/plasmashell | 2 +- 5 files changed, 5 insertions(+), 10 deletions(-) diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index bd8b14620..578689aa4 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -17,6 +17,7 @@ include include include + include include include include @@ -69,7 +70,6 @@ /usr/share/xul-ext/kwallet5/* r, /etc/@{name}/{,**} r, - /etc/cups/client.conf r, /etc/fstab r, /etc/mailcap r, /etc/mime.types r, @@ -81,7 +81,6 @@ /var/lib/nscd/services r, owner @{HOME}/ r, - owner @{HOME}/.cups/lpoptions r, owner @{config_dirs}/ rw, owner @{config_dirs}/** rwk, diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index ff3b0f7f0..f563d8039 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -15,6 +15,7 @@ include include include + include # include include include @@ -63,7 +64,6 @@ owner @{tmp}/** rmwk, owner /dev/shm/** rwlk -> /dev/shm/**, - @{run}/cups/cups.sock rw, # Allow access to cups printing socket. @{run}/havahi-daemon/socket rw, # Allow access to avahi-daemon socket. @{run}/host/{,**} r, @{run}/pcscd/pcscd.comm rw, # Allow access to pcscd socket. diff --git a/apparmor.d/groups/gnome/gnome-control-center b/apparmor.d/groups/gnome/gnome-control-center index fd2462ffa..6abb6f1f2 100644 --- a/apparmor.d/groups/gnome/gnome-control-center +++ b/apparmor.d/groups/gnome/gnome-control-center @@ -16,6 +16,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { include include include + include include include include @@ -93,7 +94,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { /usr/share/wallpapers/{,**} r, /usr/share/xml/iso-codes/{,**} r, - /etc/cups/client.conf r, /etc/machine-info r, /etc/rygel.conf r, /etc/security/pwquality.conf r, @@ -130,7 +130,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { owner @{tmp}/gdkpixbuf-xpm-tmp.@{rand6} rw, - @{run}/cups/cups.sock rw, @{run}/samba/ rw, @{run}/systemd/sessions/ r, @{run}/systemd/sessions/* r, diff --git a/apparmor.d/groups/gnome/gsd-print-notifications b/apparmor.d/groups/gnome/gsd-print-notifications index 6846ecaa5..ad71bec7f 100644 --- a/apparmor.d/groups/gnome/gsd-print-notifications +++ b/apparmor.d/groups/gnome/gsd-print-notifications @@ -13,6 +13,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) { include include include + include include network inet stream, @@ -34,10 +35,6 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, @{lib}/gsd-printer rPx, - /etc/cups/client.conf r, - - @{run}/cups/cups.sock rw, - owner @{PROC}/@{pid}/cgroup r, owner @{PROC}/@{pid}/fd/ r, diff --git a/apparmor.d/groups/kde/plasmashell b/apparmor.d/groups/kde/plasmashell index 3c7b4eed8..7464a9842 100644 --- a/apparmor.d/groups/kde/plasmashell +++ b/apparmor.d/groups/kde/plasmashell @@ -16,6 +16,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) { include include include + include include include include @@ -76,7 +77,6 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) { /usr/share/wallpapers/{,**} r, /etc/appstream.conf r, - /etc/cups/client.conf r, /etc/fstab r, /etc/ksysguarddrc r, /etc/machine-id r, From 0d8afd21e3f7d30bfe052649517f194c8e4dd353 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 10 Jun 2024 23:52:40 +0100 Subject: [PATCH 04/52] feat(abs): vulkan: allow empty vulkan home dir. --- apparmor.d/abstractions/vulkan-strict | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/apparmor.d/abstractions/vulkan-strict b/apparmor.d/abstractions/vulkan-strict index ee56ef44c..f5926fc20 100644 --- a/apparmor.d/abstractions/vulkan-strict +++ b/apparmor.d/abstractions/vulkan-strict @@ -14,9 +14,12 @@ /etc/vulkan/icd.d/{,*.json} r, /etc/vulkan/implicit_layer.d/{,*.json} r, - owner @{user_share_dirs}/vulkan/implicit_layer.d/{,*.json} r, owner @{user_cache_dirs}/radv_builtin_shaders{32,64} r, # Vulkan radv shaders cache + owner @{user_share_dirs}/vulkan/ rw, + owner @{user_share_dirs}/vulkan/implicit_layer.d/ rw, + owner @{user_share_dirs}/vulkan/implicit_layer.d/*.json r, + @{sys}/class/ r, @{sys}/class/drm/ r, @{sys}/devices/@{pci}/drm/ r, From b4407fb7f8d6441d24dfc9f449cd1d30f46b5b54 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 10 Jun 2024 23:53:31 +0100 Subject: [PATCH 05/52] feat(abs): wayland: add ibus shared file. --- apparmor.d/abstractions/wayland.d/complete | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apparmor.d/abstractions/wayland.d/complete b/apparmor.d/abstractions/wayland.d/complete index 4e2e7dd02..1029e0a1f 100644 --- a/apparmor.d/abstractions/wayland.d/complete +++ b/apparmor.d/abstractions/wayland.d/complete @@ -2,6 +2,8 @@ # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only + owner @{user_config_dirs}/ibus/bus/@{hex32}-unix-wayland-@{int} r, + owner @{user_share_dirs}/sddm/wayland-session.log w, owner @{run}/user/@{uid}/wayland-@{int}.lock rwk, From d283ef51965a9f1f16a121c0f1824e3e8ca189d3 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 10 Jun 2024 23:58:44 +0100 Subject: [PATCH 06/52] feat(profile): general update. --- apparmor.d/groups/apt/debsign | 1 + apparmor.d/groups/apt/debsums | 14 +++---- apparmor.d/groups/apt/dpkg-divert | 2 +- .../groups/browsers/firefox-minidump-analyzer | 10 ++--- apparmor.d/groups/bus/ibus-memconf | 4 +- .../groups/cron/cron-popularity-contest | 41 +++++++++---------- apparmor.d/groups/gnome/gdm-generate-config | 2 +- apparmor.d/groups/gnome/gnome-shell | 2 + apparmor.d/groups/gnome/gnome-software | 3 ++ apparmor.d/groups/virt/libvirtd | 1 + apparmor.d/profiles-a-f/cups-notifier-dbus | 3 +- apparmor.d/profiles-a-f/flatpak-portal | 3 ++ apparmor.d/profiles-g-l/kodi-xrandr | 2 +- apparmor.d/profiles-g-l/libreoffice | 5 +++ apparmor.d/profiles-m-r/mkinitramfs | 2 +- apparmor.d/profiles-m-r/qpdfview | 4 +- apparmor.d/profiles-s-z/wsdd | 6 +++ 17 files changed, 62 insertions(+), 43 deletions(-) diff --git a/apparmor.d/groups/apt/debsign b/apparmor.d/groups/apt/debsign index c15be86ea..effa93be2 100644 --- a/apparmor.d/groups/apt/debsign +++ b/apparmor.d/groups/apt/debsign @@ -55,6 +55,7 @@ profile debsign @{exec_path} { owner @{tmp}/debsign.*/*.{dsc,changes,buildinfo} r, owner @{tmp}/debsign.*/*.{dsc,changes,buildinfo}.asc rw, + include if exists } include if exists diff --git a/apparmor.d/groups/apt/debsums b/apparmor.d/groups/apt/debsums index 7bc55f09b..5cd5e045d 100644 --- a/apparmor.d/groups/apt/debsums +++ b/apparmor.d/groups/apt/debsums @@ -20,13 +20,6 @@ profile debsums @{exec_path} { @{sh_path} rix, @{bin}/{m,g,}awk rix, - /etc/dpkg/dpkg.cfg.d/{,*} r, - /etc/dpkg/dpkg.cfg r, - - /var/lib/dpkg/info/* r, - - /etc/locale.nopurge r, - # Do not strip env to avoid errors like the following: # ERROR: ld.so: object 'libfakeroot-sysv.so' from LD_PRELOAD cannot be preloaded (cannot open # shared object file): ignored. @@ -35,6 +28,13 @@ profile debsums @{exec_path} { @{bin}/dpkg rPx -> child-dpkg, @{bin}/dpkg-divert rPx -> child-dpkg-divert, + /etc/dpkg/dpkg.cfg.d/{,*} r, + /etc/dpkg/dpkg.cfg r, + + /etc/locale.nopurge r, + + /var/lib/dpkg/info/* r, + # For shell pwd / r, /root/ r, diff --git a/apparmor.d/groups/apt/dpkg-divert b/apparmor.d/groups/apt/dpkg-divert index 74217421c..515e41679 100644 --- a/apparmor.d/groups/apt/dpkg-divert +++ b/apparmor.d/groups/apt/dpkg-divert @@ -16,7 +16,7 @@ profile dpkg-divert @{exec_path} { /var/lib/dpkg/** r, - /usr/share/*/** w, + /usr/share/*/** rw, /var/lib/dpkg/diversions rw, /var/lib/dpkg/diversions-new rw, diff --git a/apparmor.d/groups/browsers/firefox-minidump-analyzer b/apparmor.d/groups/browsers/firefox-minidump-analyzer index 7c436755a..665673a77 100644 --- a/apparmor.d/groups/browsers/firefox-minidump-analyzer +++ b/apparmor.d/groups/browsers/firefox-minidump-analyzer @@ -15,7 +15,7 @@ include @{cache_dirs} = @{user_cache_dirs}/mozilla/ @{exec_path} = @{lib_dirs}/minidump-analyzer -profile firefox-minidump-analyzer @{exec_path} { +profile firefox-minidump-analyzer @{exec_path} flags=(attach_disconnected) { include signal (receive) set=(term, kill) peer=firefox, @@ -27,10 +27,10 @@ profile firefox-minidump-analyzer @{exec_path} { owner "@{config_dirs}/firefox/Crash Reports/" rw, owner "@{config_dirs}/firefox/Crash Reports/pending/" rw, owner "@{config_dirs}/firefox/Crash Reports/pending/@{hex}.{dmp,extra}" rw, - owner @{config_dirs}/*.*/extensions/*.xpi r, - owner @{config_dirs}/*.*/minidumps/ rw, - owner @{config_dirs}/*.*/minidumps/@{uuid}.{dmp,extra} rw, - owner @{config_dirs}/*.*/storage/default/* r, + owner @{config_dirs}/{,firefox/}*.*/extensions/*.xpi r, + owner @{config_dirs}/{,firefox/}*.*/minidumps/ rw, + owner @{config_dirs}/{,firefox/}*.*/minidumps/@{uuid}.{dmp,extra} rw, + owner @{config_dirs}/{,firefox/}*.*/storage/default/* r, owner @{cache_dirs}/firefox/*.*/startupCache/*Cache* r, diff --git a/apparmor.d/groups/bus/ibus-memconf b/apparmor.d/groups/bus/ibus-memconf index dc7895bae..79aae18f7 100644 --- a/apparmor.d/groups/bus/ibus-memconf +++ b/apparmor.d/groups/bus/ibus-memconf @@ -7,7 +7,7 @@ abi , include @{exec_path} = @{lib}/{,ibus/}ibus-memconf -profile ibus-memconf @{exec_path} { +profile ibus-memconf @{exec_path} flags=(attach_disconnected) { include include include @@ -27,5 +27,7 @@ profile ibus-memconf @{exec_path} { owner @{desktop_config_dirs}/ibus/bus/ r, owner @{desktop_config_dirs}/ibus/bus/@{hex32}-unix-{,wayland-}@{int} r, + owner /dev/tty@{int} rw, + include if exists } diff --git a/apparmor.d/groups/cron/cron-popularity-contest b/apparmor.d/groups/cron/cron-popularity-contest index aadae9bfe..59bd622f0 100644 --- a/apparmor.d/groups/cron/cron-popularity-contest +++ b/apparmor.d/groups/cron/cron-popularity-contest @@ -49,6 +49,7 @@ profile cron-popularity-contest @{exec_path} { /var/log/popularity-contest{,.new} rw, /var/log/popularity-contest{,.new}.gpg rw, /var/log/popularity-contest.@{int} rw, + /var/log/popularity-contest.@{int}.gpg rw, # Store last successful http submission timestamp /var/lib/popularity-contest/ rw, @@ -66,15 +67,14 @@ profile cron-popularity-contest @{exec_path} { @{bin}/savelog mr, - @{bin}/date rix, @{bin}/basename rix, - @{bin}/which{,.debianutils} rix, + @{bin}/date rix, @{bin}/dirname rix, - @{bin}/rm rix, - @{bin}/mv rix, - @{bin}/touch rix, @{bin}/gzip rix, - + @{bin}/mv rix, + @{bin}/rm rix, + @{bin}/touch rix, + @{bin}/which{,.debianutils} rix, @{sh_path} rix, /var/log/ r, @@ -82,9 +82,9 @@ profile cron-popularity-contest @{exec_path} { /var/log/popularity-contest.@{int} rw, /var/log/popularity-contest rw, - # file_inherit - owner @{tmp}/#@{int} rw, + owner @{tmp}/#@{int} rw, # file_inherit + include if exists } profile runuser { @@ -96,19 +96,18 @@ profile cron-popularity-contest @{exec_path} { @{bin}/runuser mr, @{sh_path} rix, - - @{bin}/popularity-contest rPx, - - owner @{PROC}/@{pids}/loginuid r, - @{PROC}/1/limits r, + @{bin}/popularity-contest rPx, @{etc_ro}/security/limits.d/ r, /var/log/popularity-contest.new w, - # file_inherit - owner @{tmp}/#@{int} rw, + @{PROC}/1/limits r, + owner @{PROC}/@{pids}/loginuid r, + owner @{tmp}/#@{int} rw, # file_inherit + + include if exists } profile gpg { @@ -126,9 +125,9 @@ profile cron-popularity-contest @{exec_path} { owner @{tmp}/tmp.*/** rwkl -> /tmp/tmp.*/**, - # file_inherit - owner @{tmp}/#@{int} rw, + owner @{tmp}/#@{int} rw, # file_inherit + include if exists } profile popcon-upload { @@ -142,18 +141,18 @@ profile cron-popularity-contest @{exec_path} { network inet6 stream, network netlink raw, - /usr/share/popularity-contest/popcon-upload r, @{bin}/perl r, - @{bin}/gzip rix, + /usr/share/popularity-contest/popcon-upload r, + /var/log/ r, /var/log/popularity-contest.new.gpg r, /var/log/popularity-contest.@{int}.gpg r, - # file_inherit - owner @{tmp}/#@{int} rw, + owner @{tmp}/#@{int} rw, # file_inherit + include if exists } include if exists diff --git a/apparmor.d/groups/gnome/gdm-generate-config b/apparmor.d/groups/gnome/gdm-generate-config index 7d24d304a..7d577c4c4 100644 --- a/apparmor.d/groups/gnome/gdm-generate-config +++ b/apparmor.d/groups/gnome/gdm-generate-config @@ -41,7 +41,7 @@ profile gdm-generate-config @{exec_path} { @{sys}/devices/system/node/node@{int}/meminfo r, @{PROC}/ r, - @{PROC}/@{pid}/cgroup r, + @{PROC}/@{pid}/cgroup r, @{PROC}/@{pid}/cmdline r, @{PROC}/@{pid}/stat r, @{PROC}/uptime r, diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell index 217cc0d52..2f0c112e9 100644 --- a/apparmor.d/groups/gnome/gnome-shell +++ b/apparmor.d/groups/gnome/gnome-shell @@ -407,6 +407,8 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) { /usr/games/* PUx, /usr/share/gnome-shell/extensions/ding@rastersoft.com/{,*/}ding.js rPx, + owner @{run}/user/@{uid}/gnome-shell-disable-extensions w, + deny @{user_share_dirs}/gvfs-metadata/* r, include if exists diff --git a/apparmor.d/groups/gnome/gnome-software b/apparmor.d/groups/gnome/gnome-software index f4e6a1262..e87cbcd7e 100644 --- a/apparmor.d/groups/gnome/gnome-software +++ b/apparmor.d/groups/gnome/gnome-software @@ -99,6 +99,9 @@ profile gnome-software @{exec_path} { owner @{run}/user/@{uid}/.flatpak/**/*.ref rwk, owner @{run}/user/@{uid}/app/{,*/} rw, + owner /dev/shm/flatpak-com.*/ rw, + owner /dev/shm/flatpak-com.*/.flatpak-tmpdir rw, + @{run}/systemd/inhibit/*.ref rw, @{sys}/module/nvidia/version r, diff --git a/apparmor.d/groups/virt/libvirtd b/apparmor.d/groups/virt/libvirtd index 2a75035e1..32428f2b5 100644 --- a/apparmor.d/groups/virt/libvirtd +++ b/apparmor.d/groups/virt/libvirtd @@ -206,6 +206,7 @@ profile libvirtd @{exec_path} flags=(attach_disconnected) { @{sys}/devices/system/cpu/cpu@{int}/cache/{,**} r, @{sys}/devices/system/cpu/cpu@{int}/topology/{,**} r, + @{sys}/devices/system/cpu/isolated r, @{sys}/devices/system/cpu/present r, @{sys}/devices/system/node/ r, @{sys}/devices/system/node/node@{int}/ r, diff --git a/apparmor.d/profiles-a-f/cups-notifier-dbus b/apparmor.d/profiles-a-f/cups-notifier-dbus index 3fb7158e9..dddfea78a 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-dbus +++ b/apparmor.d/profiles-a-f/cups-notifier-dbus @@ -11,14 +11,13 @@ profile cups-notifier-dbus @{exec_path} { include include include + include include signal (receive) set=(term) peer=cupsd, @{exec_path} mr, - /etc/cups/client.conf r, - owner /var/spool/cups/tmp/cups-dbus-notifier-lockfile rw, owner @{tmp}/cups-dbus-notifier-lockfile rwk, diff --git a/apparmor.d/profiles-a-f/flatpak-portal b/apparmor.d/profiles-a-f/flatpak-portal index d82c38653..a41bf3e77 100644 --- a/apparmor.d/profiles-a-f/flatpak-portal +++ b/apparmor.d/profiles-a-f/flatpak-portal @@ -34,6 +34,9 @@ profile flatpak-portal @{exec_path} flags=(attach_disconnected) { / r, /.flatpak-info r, + owner @{HOME}/.var/app/*/**/.ref rw, + owner @{HOME}/.var/app/*/**/logs/* rw, + owner @{user_config_dirs}/user-dirs.dirs r, owner @{user_share_dirs}/mime/mime.cache r, diff --git a/apparmor.d/profiles-g-l/kodi-xrandr b/apparmor.d/profiles-g-l/kodi-xrandr index 469476329..843375246 100644 --- a/apparmor.d/profiles-g-l/kodi-xrandr +++ b/apparmor.d/profiles-g-l/kodi-xrandr @@ -16,7 +16,7 @@ profile kodi-xrandr @{exec_path} { owner @{HOME}/.Xauthority r, # file_inherit - @{sys}/devices/virtual/thermal/thermal_zone0/temp r, + @{sys}/devices/virtual/thermal/thermal_zone@{int}/temp r, @{sys}/devices/system/cpu/cpufreq/policy0/scaling_cur_freq r, owner @{HOME}/.kodi/temp/kodi.log w, diff --git a/apparmor.d/profiles-g-l/libreoffice b/apparmor.d/profiles-g-l/libreoffice index cad2260bb..f2da11dd6 100644 --- a/apparmor.d/profiles-g-l/libreoffice +++ b/apparmor.d/profiles-g-l/libreoffice @@ -52,13 +52,17 @@ profile libreoffice @{exec_path} { @{lib}/libreoffice/share/uno_packages/cache/stamp.sys w, @{lib}/libreoffice/{,**} rm, + /usr/share/hyphen/{,**} r, /usr/share/libexttextcat/{,**} r, /usr/share/liblangtag/{,**} r, + /usr/share/libreoffice/{,**} r, + /usr/share/mythes/{,**} r, /etc/java-openjdk/{,**} r, /etc/libreoffice/{,**} r, /etc/paperspecs r, + owner @{user_cache_dirs}/libreoffice/{,**} rw, owner @{user_config_dirs}/libreoffice/ rw, owner @{user_config_dirs}/libreoffice/** rwk, @@ -75,6 +79,7 @@ profile libreoffice @{exec_path} { @{sys}/kernel/mm/transparent_hugepage/enabled r, @{sys}/kernel/mm/transparent_hugepage/shmem_enabled r, owner @{sys}/fs/cgroup/user.slice/user-@{int}.slice/user@@{int}.service/app.slice/**/memory.max r, + owner @{sys}/fs/cgroup/user.slice/user-@{int}.slice/user@@{int}.service/session.slice/org.gnome.Shell@wayland.service/memory.max r, @{PROC}/cgroups r, owner @{PROC}/@{pid}/cgroup r, diff --git a/apparmor.d/profiles-m-r/mkinitramfs b/apparmor.d/profiles-m-r/mkinitramfs index 304b5834f..081aad4e6 100644 --- a/apparmor.d/profiles-m-r/mkinitramfs +++ b/apparmor.d/profiles-m-r/mkinitramfs @@ -59,7 +59,7 @@ profile mkinitramfs @{exec_path} { @{bin}/kmod rCx -> kmod, @{bin}/ldconfig rCx -> ldconfig, @{bin}/ldd rCx -> ldd, - @{lib}/ld-linux.so.2 rCx -> ldd, + @{lib}/ld-linux.so* rCx -> ldd, @{bin}/dpkg rPx -> child-dpkg, @{bin}/linux-version rPx, diff --git a/apparmor.d/profiles-m-r/qpdfview b/apparmor.d/profiles-m-r/qpdfview index 4ce205c27..bb0ad1aa8 100644 --- a/apparmor.d/profiles-m-r/qpdfview +++ b/apparmor.d/profiles-m-r/qpdfview @@ -61,6 +61,4 @@ profile qpdfview @{exec_path} { owner /dev/tty@{int} rw, include if exists -} - - +} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/wsdd b/apparmor.d/profiles-s-z/wsdd index 46a3c40b6..d850e9f02 100644 --- a/apparmor.d/profiles-s-z/wsdd +++ b/apparmor.d/profiles-s-z/wsdd @@ -11,6 +11,10 @@ profile wsdd @{exec_path} { include include + network inet dgram, + network inet6 dgram, + network netlink raw, + @{exec_path} mr, @{bin}/env r, @@ -18,6 +22,8 @@ profile wsdd @{exec_path} { /etc/machine-id r, + owner /var/lib/libuuid/clock.txt rw, + owner @{run}/user/@{uid}/gvfsd/wsdd w, include if exists From 8fe2bf4c20a3525c80116d7b6f5a9f4b78f72c00 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 00:00:51 +0100 Subject: [PATCH 07/52] feat(profile): add missing enchant abs. --- apparmor.d/groups/gnome/gnome-text-editor | 3 +-- apparmor.d/groups/xfce/mousepad | 6 +----- apparmor.d/profiles-g-l/libreoffice | 1 + 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/apparmor.d/groups/gnome/gnome-text-editor b/apparmor.d/groups/gnome/gnome-text-editor index 6d40144ce..de035a598 100644 --- a/apparmor.d/groups/gnome/gnome-text-editor +++ b/apparmor.d/groups/gnome/gnome-text-editor @@ -11,13 +11,12 @@ profile gnome-text-editor @{exec_path} { include include include + include include include @{exec_path} mr, - /usr/share/enchant-*/{,**} r, - owner @{user_share_dirs}/org.gnome.TextEditor/{,**} rw, owner @{PROC}/@{pid}/mountinfo r, diff --git a/apparmor.d/groups/xfce/mousepad b/apparmor.d/groups/xfce/mousepad index e61709db1..a83e7fa0c 100644 --- a/apparmor.d/groups/xfce/mousepad +++ b/apparmor.d/groups/xfce/mousepad @@ -10,6 +10,7 @@ include profile mousepad @{exec_path} { include include + include include include include @@ -18,14 +19,9 @@ profile mousepad @{exec_path} { @{open_path} rPx -> child-open-help, - /usr/share/hunspell/{,**} r, - owner @{user_config_dirs}/Mousepad/ rw, owner @{user_config_dirs}/Mousepad/** rwk, - owner @{user_config_dirs}/enchant/ rw, - owner @{user_config_dirs}/enchant/ rwk, - owner @{user_share_dirs}/Mousepad/ rw, owner @{user_share_dirs}/Mousepad/** rwk, diff --git a/apparmor.d/profiles-g-l/libreoffice b/apparmor.d/profiles-g-l/libreoffice index f2da11dd6..f9dc76461 100644 --- a/apparmor.d/profiles-g-l/libreoffice +++ b/apparmor.d/profiles-g-l/libreoffice @@ -13,6 +13,7 @@ profile libreoffice @{exec_path} { include include include + include include include include From 08a1aba39d11e04c4cad657078ded50cfe66c5c6 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 00:01:46 +0100 Subject: [PATCH 08/52] feat(abs): bwrap: add special mount rule for debian. --- apparmor.d/abstractions/common/bwrap | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap index f2e76bcdf..4b9610472 100644 --- a/apparmor.d/abstractions/common/bwrap +++ b/apparmor.d/abstractions/common/bwrap @@ -2,10 +2,9 @@ # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# Minimal set of rules for bwrap - +# A minimal set of rules for sandboxed programs using bwrap. # A profile using this abstraction still needs to set: -# - the attach_disconnected flag +# - the flag: attach_disconnected # - bwrap execution: '@{bin}/bwrap rix,' # userns, @@ -31,6 +30,9 @@ umount /, umount /oldroot/, + #aa:only debian whonix + mount -> /newroot/{,**}, # Debian does not support the remount rule. + pivot_root oldroot=/newroot/ /newroot/, pivot_root oldroot=/tmp/oldroot/ /tmp/, From 6f5986a05e80dd24efb53340ebe58c07e0bd0ff1 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 00:08:17 +0100 Subject: [PATCH 09/52] feat(aa-log): improve rule generation on debian. --- pkg/aa/profile.go | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/pkg/aa/profile.go b/pkg/aa/profile.go index 211813789..365bf1eba 100644 --- a/pkg/aa/profile.go +++ b/pkg/aa/profile.go @@ -190,10 +190,14 @@ var ( return newFileFromLog(log) } }, - "exec": newFileFromLog, - "file_inherit": newFileFromLog, - "file_perm": newFileFromLog, - "open": newFileFromLog, + "exec": newFileFromLog, + "getattr": newFileFromLog, + "mkdir": newFileFromLog, + "mknod": newFileFromLog, + "open": newFileFromLog, + "rename_src": newFileFromLog, + "truncate": newFileFromLog, + "unlink": newFileFromLog, } newLogMountMap = map[string]func(log map[string]string) Rule{ "mount": newMountFromLog, @@ -229,10 +233,13 @@ func (p *Profile) AddRule(log map[string]string) { } if !done { - if strings.Contains(log["operation"], "dbus") { + switch { + case strings.HasPrefix(log["operation"], "file_"): + p.Rules = append(p.Rules, newFileFromLog(log)) + case strings.Contains(log["operation"], "dbus"): p.Rules = append(p.Rules, newDbusFromLog(log)) - } else { - fmt.Printf("unknown log type: %s", log) + default: + fmt.Printf("unknown log type: %s", log["operation"]) } } } From 6d549b7c70415e884586c23a8a5d2448d89e543d Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 00:21:29 +0100 Subject: [PATCH 10/52] feat(profile): rewrite steam profiles. - Separate profile for sandboxes. - Separate profile for native and proton games. - Updated path dirs - tested on arch & debian. Note: these profiles are still in alpha stage and disabled by default. --- apparmor.d/abstractions/common/steam-game | 115 +++++++ apparmor.d/profiles-s-z/steam | 333 ++++++++++++++------ apparmor.d/profiles-s-z/steam-fossilize | 16 +- apparmor.d/profiles-s-z/steam-game | 225 ------------- apparmor.d/profiles-s-z/steam-game-native | 37 +++ apparmor.d/profiles-s-z/steam-game-proton | 107 +++++++ apparmor.d/profiles-s-z/steam-gameoverlayui | 28 +- apparmor.d/profiles-s-z/steam-launch | 46 +++ apparmor.d/profiles-s-z/steam-launcher | 29 ++ apparmor.d/profiles-s-z/steam-reaper | 40 --- apparmor.d/profiles-s-z/steam-runtime | 81 +++-- apparmor.d/profiles-s-z/steamerrorreporter | 19 +- dists/flags/main.flags | 10 +- dists/ignore/main.ignore | 6 +- 14 files changed, 681 insertions(+), 411 deletions(-) create mode 100644 apparmor.d/abstractions/common/steam-game delete mode 100644 apparmor.d/profiles-s-z/steam-game create mode 100644 apparmor.d/profiles-s-z/steam-game-native create mode 100644 apparmor.d/profiles-s-z/steam-game-proton create mode 100644 apparmor.d/profiles-s-z/steam-launch create mode 100644 apparmor.d/profiles-s-z/steam-launcher delete mode 100644 apparmor.d/profiles-s-z/steam-reaper diff --git a/apparmor.d/abstractions/common/steam-game b/apparmor.d/abstractions/common/steam-game new file mode 100644 index 000000000..719fcbd60 --- /dev/null +++ b/apparmor.d/abstractions/common/steam-game @@ -0,0 +1,115 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + + include + include + include + include + include + include + include + + @{bin}/uname rix, + @{bin}/xdg-settings rPx, + @{browsers_path} rPx, + + @{bin}/env r, + + @{app_dirs}/ r, + @{lib_dirs}/ r, + @{lib}/ r, + / r, + /home/ r, + /usr/ r, + /usr/local/ r, + /usr/local/lib/ r, + + /etc/machine-id r, + /var/lib/dbus/machine-id r, + + owner @{HOME}/ r, + owner @{HOME}/.steam/steam.pid r, + owner @{HOME}/.steam/steam.pipe r, + + owner @{user_games_dirs}/ r, + owner @{user_games_dirs}/*/ r, + owner @{user_games_dirs}/*/{,**} rwkl, + + owner @{user_config_dirs}/unity3d/{,**} rwk, + + owner @{share_dirs}/ r, + owner @{share_dirs}/* r, + owner @{share_dirs}/config/*.vdf* rw, + owner @{share_dirs}/logs/* rw, + owner @{share_dirs}/steamapps/ r, + owner @{share_dirs}/steamapps/common/ r, + owner @{share_dirs}/steamapps/common/*/** rwlk, + owner @{share_dirs}/steamapps/shadercache/{,**} rwk, + owner @{share_dirs}/shader_cache_temp_dir_*/fozpipelinesv@{int}/{,**} rw, + + @{tmp}/ r, + owner @{tmp}/#@{int} rw, + owner @{tmp}/CASESENSITIVETEST@{hex32} rw, + owner @{tmp}/crashes/ rw, + owner @{tmp}/crashes/** rwk, + owner @{tmp}/miles_image_@{rand6} mrw, + owner @{tmp}/runtime-info.txt.@{rand6} rw, + owner @{tmp}/vdpau-drivers-@{rand6}/{,**} rw, + + owner /dev/shm/mono.@{int} rw, + owner /dev/shm/softbuffer-x11-@{rand6}@{c} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, + owner /dev/shm/u@{uid}-Shm_@{hex8} rw, + owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, + owner /dev/shm/ValveIPCSHM_@{uid} rw, + + @{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad + @{run}/udev/data/c13:@{int} r, # for /dev/input/* + + @{sys}/ r, + @{sys}/bus/ r, + @{sys}/class/ r, + @{sys}/class/hidraw/ r, + @{sys}/class/input/ r, + @{sys}/devices/ r, + @{sys}/devices/@{pci}/boot_vga r, + @{sys}/devices/@{pci}/net/*/carrier r, + @{sys}/devices/**/input@{int}/ r, + @{sys}/devices/**/input@{int}/**/{vendor,product} r, + @{sys}/devices/**/input@{int}/capabilities/* r, + @{sys}/devices/**/input/input@{int}/ r, + @{sys}/devices/**/uevent r, + @{sys}/devices/system/ r, + @{sys}/devices/system/clocksource/clocksource@{int}/current_clocksource r, + @{sys}/devices/system/cpu/cpu@{int}/ r, + @{sys}/devices/virtual/dmi/id/* r, + @{sys}/devices/virtual/net/*/carrier r, + @{sys}/kernel/ r, + + @{sys}/fs/cgroup/user.slice/cpu.max r, + @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/cpu.max r, + @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/cpu.max r, + owner @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/cpu.max r, + + @{PROC}/uptime r, + @{PROC}/version r, + owner @{PROC}/@{pid}/cgroup r, + owner @{PROC}/@{pid}/cmdline r, + owner @{PROC}/@{pid}/fd/ r, + owner @{PROC}/@{pid}/mounts r, + owner @{PROC}/@{pid}/pagemap r, + owner @{PROC}/@{pid}/stat r, + owner @{PROC}/@{pid}/task/ r, + owner @{PROC}/@{pid}/task/@{tid}/comm rw, + owner @{PROC}/@{pid}/task/@{tid}/stat r, + + /dev/ r, + /dev/hidraw@{int} rw, + /dev/input/ r, + /dev/input/event@{int} rw, + /dev/tty rw, + /dev/uinput rw, + + include if exists \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam b/apparmor.d/profiles-s-z/steam index 85f5191bb..36b8bd54d 100644 --- a/apparmor.d/profiles-s-z/steam +++ b/apparmor.d/profiles-s-z/steam @@ -6,28 +6,32 @@ # - Ensure no user data is accessed by either steam or steam games # - Limit what steam/games can access to the host # -# Current architecture: +# Overall architecture of the steam profiles: # steam -# ├── steam-fossilize -# ├── steam-reaper -# │ └── steam-game -# ├── steam-gameoverlayui -# └── steamerrorreporter +# ├── steam//check # Requirements check (sandboxed) +# ├── steam//web # steamwebhelper (sandboxed) +# ├── steam-fossilize # Update shader cache +# ├── steam-runtime # Launcher tasks up to the creation of the sandbox +# │ ├── steam-game-native # Native games +# │ └── steam-game-proton # Proton games (sandboxed) +# ├── steam-gameoverlayui # Steam game overlay +# └── steamerrorreporter # Error reporter abi , include -@{share_dirs} = @{user_share_dirs}/Steam +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation @{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ @{exec_path} = @{share_dirs}/steam.sh profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include include - include - include include include include @@ -38,69 +42,71 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include include + capability sys_ptrace, + network inet dgram, network inet6 dgram, network inet stream, network inet6 stream, network netlink raw, + network unix stream, - ptrace (read), - ptrace (trace) peer=steam, + ptrace read, + ptrace trace peer=steam, - signal (send) peer=steam-game, - signal (read), - - unix (receive) type=stream, + signal send peer=steam-game, + signal send peer=steam-launcher, + signal send peer=steam//journalctl, + signal send peer=steam//web, @{exec_path} mrix, @{sh_path} rix, @{coreutils_path} rix, - @{bin}/cmp rix, - @{bin}/file rix, @{bin}/getopt rix, - @{bin}/gzip rix, + @{bin}/journalctl rPx -> systemctl, @{bin}/ldconfig rix, @{bin}/ldd rix, - @{bin}/localedef rix, @{bin}/lsb_release rPx -> lsb_release, @{bin}/lsof rix, @{bin}/lspci rCx -> lspci, - @{bin}/steam-runtime-urlopen rix, - @{bin}/tar rix, - @{bin}/which rix, + @{bin}/which{,.debianutils} rix, @{bin}/xdg-icon-resource rPx, @{bin}/xdg-user-dir rix, - @{bin}/xz rix, - @{bin}/zenity rix, + @{lib}/@{multiarch}/ld-*.so* rix, @{lib}/ld-linux.so* rix, + @{open_path} rPx -> child-open, - @{lib_dirs}/** mr, - @{lib_dirs}/*/** ix, - @{lib_dirs}/*driverquery rix, - @{lib_dirs}/fossilize_replay rpx, - @{lib_dirs}/gameoverlayui rpx, - @{lib_dirs}/reaper rpx, - @{lib_dirs}/steam* rix, + @{lib_dirs}/** mr, + @{lib_dirs}/*driverquery rix, + @{lib_dirs}/fossilize_replay rpx, + @{lib_dirs}/gameoverlayui rpx, + @{lib_dirs}/reaper rpx, # steam-runtime + @{lib_dirs}/steam* rix, - # Entry point for steam-game - @{runtime_dirs}/*entry-point rpx, - - @{lib}/pressure-vessel/from-host/** rix, - @{run}/host/@{bin}/* rix, - @{run}/host/@{lib}/** rix, + @{app_dirs}/@{runtime}/*entry-point rpx -> steam-runtime, @{share_dirs}/linux{32,64}/steamerrorreporter rpx, - @{share_dirs}/config/cefdata/WidevineCdm/**/linux_*/libwidevinecdm.so rm, - /usr/lib/os-release rk, - /usr/share/fonts/**.{ttf,otf} rk, - /usr/share/terminfo/** r, - /usr/share/zenity/* r, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-check-requirements rcx -> check, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-identify-library-abi rix, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-launcher-service rpx, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-system-info rix, + @{runtime_dirs}/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-* rix, + @{runtime_dirs}/*entry-point rix, + @{runtime_dirs}/pressure-vessel/@{bin}/pressure-vessel-* rix, + @{runtime_dirs}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-* rix, + @{runtime_dirs}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/srt-bwrap rcx -> web, + @{runtime_dirs}/run{,.sh} rix, + @{runtime_dirs}/setup.sh rix, + + @{lib}/os-release rk, + + /usr/share/fonts/** rk, /etc/lsb-release r, - /etc/udev/udev.conf r, /etc/machine-id r, + /etc/timezone r, /var/lib/dbus/machine-id r, @{bin}/ r, @@ -108,16 +114,11 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { / r, /etc/ r, /home/ r, - /run/ r, /usr/ r, /usr/local/ r, /usr/local/lib/ r, /var/ r, - - owner /bindfile@{rand6} rw, - - owner /var/pressure-vessel/** rw, - owner /var/cache/ldconfig/aux-cache* rw, + /var/tmp/ r, owner @{HOME}/ r, owner @{HOME}/.steam/{,**} rw, @@ -142,106 +143,231 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { owner @{user_share_dirs}/icons/hicolor/**/apps/steam*.png rw, owner @{user_share_dirs}/vulkan/implicit_layer.d/steam*.json rwk, - owner /dev/shm/#@{int} rw, - owner /dev/shm/fossilize-*-@{int}-@{int} rw, - owner /dev/shm/u@{uid}-Shm_@{hex} rw, - owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, - owner /dev/shm/ValveIPCSHM_@{uid} rw, - @{tmp}/ r, owner @{tmp}/#@{int} rw, owner @{tmp}/dumps/ rw, owner @{tmp}/dumps/** rwk, owner @{tmp}/gdkpixbuf-xpm-tmp.@{rand6} rw, - owner @{tmp}/miles_image_* mrw, - owner @{tmp}/pressure-vessel-*-@{rand6}/ rw, - owner @{tmp}/pressure-vessel-*-@{rand6}/** rwlk -> @{tmp}/pressure-vessel-*-@{rand6}/**, - owner @{tmp}/runtime-info.txt.* rwk, - owner @{tmp}/sh-thd.* rw, - owner @{tmp}/steam_chrome_shmem_uid@{uid}_spid@{int} rw, + owner @{tmp}/glx-icds-@{rand6}/{,**} rw, + owner @{tmp}/runtime-info.txt.@{rand6} rwk, owner @{tmp}/steam@{rand6}/{,**} rw, owner @{tmp}/steam/ rw, owner @{tmp}/steam/** rwk, owner @{tmp}/vdpau-drivers-@{rand6}/{,**} rw, - owner @{run}/pressure-vessel/** r, + /dev/shm/ r, + owner /dev/shm/fossilize-*-@{int}-@{int} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, + owner /dev/shm/u@{uid}-Shm_@{hex8} rw, + owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, + owner /dev/shm/ValveIPCSHM_@{uid} rw, + owner @{run}/user/@{uid}/ r, - @{run}/host/{,**} r, - - @{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad @{run}/udev/data/+pci:* r, # Identifies all PCI devices (CPU, GPU, Network, Disks, USB, etc.) @{run}/udev/data/c13:@{int} r, # for /dev/input/* - @{run}/udev/data/c116:@{int} r, # for ALSA - @{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511 @{run}/udev/data/n@{int} r, @{sys}/ r, @{sys}/bus/ r, - @{sys}/bus/pci/devices/ r, @{sys}/class/ r, @{sys}/class/hidraw/ r, @{sys}/class/input/ r, @{sys}/class/net/ r, - @{sys}/devices/@{pci}/class r, - @{sys}/devices/@{pci}/i2c-@{int}/{,**/}report_descriptor r, - @{sys}/devices/@{pci}/sound/card@{int}/** r, - @{sys}/devices/@{pci}/usb@{int}/{manufacturer,product,bcdDevice,bInterfaceNumber} r, + @{sys}/devices/ r, + @{sys}/devices/@{pci}/boot_vga r, + @{sys}/devices/@{pci}/sound/card@{int}/input@{int}/properties r, @{sys}/devices/**/input@{int}/ r, @{sys}/devices/**/input@{int}/capabilities/* r, @{sys}/devices/**/input/input@{int}/ r, @{sys}/devices/**/input/input@{int}/properties r, + @{sys}/devices/**/report_descriptor r, @{sys}/devices/**/uevent r, - @{sys}/devices/system/cpu/** r, - @{sys}/devices/system/node/ r, - @{sys}/devices/virtual/**/report_descriptor r, + @{sys}/devices/system/ r, + @{sys}/devices/system/cpu/cpu@{int}/ r, + @{sys}/devices/virtual/dmi/id/bios_vendor r, + @{sys}/devices/virtual/dmi/id/bios_version r, + @{sys}/devices/virtual/dmi/id/product_name r, + @{sys}/devices/virtual/dmi/id/sys_vendor r, @{sys}/devices/virtual/net/*/ r, - @{sys}/devices/virtual/tty/tty@{int}/active r, @{sys}/kernel/ r, @{sys}/power/suspend_stats/success rk, @{PROC}/ r, - @{PROC}/@{pids}/comm rk, - @{PROC}/@{pids}/net/route r, - @{PROC}/@{pids}/stat r, - @{PROC}/locks r, + @{PROC}/@{pid}/comm rk, + @{PROC}/@{pid}/fdinfo/@{int} r, @{PROC}/@{pid}/net/* r, + @{PROC}/@{pid}/stat r, + @{PROC}/@{pid}/stat r, @{PROC}/1/cgroup r, - @{PROC}/sys/fs/inotify/max_user_watches r, + @{PROC}/locks r, @{PROC}/sys/kernel/sched_autogroup_enabled r, - @{PROC}/sys/kernel/unprivileged_userns_clone r, - @{PROC}/sys/kernel/yama/ptrace_scope r, - @{PROC}/sys/net/ipv{4,6}/conf/all/disable_ipv{4,6} r, - @{PROC}/sys/user/max_user_namespaces r, + @{PROC}/sys/net/ipv6/conf/all/disable_ipv6 r, @{PROC}/version r, - owner @{PROC}/@{pid}/mem r, owner @{PROC}/@{pid}/autogroup rw, owner @{PROC}/@{pid}/cmdline rk, owner @{PROC}/@{pid}/environ r, owner @{PROC}/@{pid}/fd/ r, - owner @{PROC}/@{pid}/fdinfo/@{int} r, + owner @{PROC}/@{pid}/mem r, owner @{PROC}/@{pid}/mounts r, - owner @{PROC}/@{pid}/oom_score_adj w, - owner @{PROC}/@{pid}/statm r, owner @{PROC}/@{pid}/task/ r, owner @{PROC}/@{pid}/task/@{tid}/comm rw, - owner @{PROC}/@{pid}/task/@{tid}/status r, - /dev/hidraw@{int} rw, /dev/input/ r, - /dev/input/event@{int} r, - /dev/tty rw, /dev/uinput w, - audit deny /**.steam_exec_test.sh rw, - deny owner @{user_share_dirs}/gvfs-metadata/{,*} r, + deny /opt/** r, - profile lspci { + profile web flags=(attach_disconnected,mediate_deleted,complain) { + include + include + include + include + include + include + include + include + + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + network netlink raw, + + ptrace trace peer=steam//web, + + signal receive set=kill peer=steam, + + unix receive type=stream, + + @{bin}/ldconfig rix, + @{bin}/getopt rix, + @{bin}/gzip rix, + @{bin}/true rix, + @{bin}/localedef rix, + @{bin}/readlink rix, + + @{lib_dirs}/** mr, + @{lib_dirs}/steamwebhelper rix, + @{lib_dirs}/steamwebhelper_sniper_wrap.sh rix, + + @{runtime_dirs}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/srt-bwrap mr, + @{runtime_dirs}/pressure-vessel/@{bin}/steam-runtime-launcher-interface-@{int} rix, + + @{lib}/pressure-vessel/from-host/** rix, + @{run}/host/@{bin}/* rix, + @{run}/host/@{lib}/** rix, + + @{share_dirs}/config/cefdata/WidevineCdm/**/linux_*/libwidevinecdm.so mr, + + @{runtime_dirs}/var/tmp-@{rand6}/usr/.ref w, + + @{run}/host/{,**} r, + + /etc/machine-id r, + + @{lib}/ r, + /usr/local/lib/ r, + /var/tmp/ r, + + owner /bindfile@{rand6} rw, + + owner /var/cache/ldconfig/aux-cache* rw, + owner /var/pressure-vessel/ldso/* rw, + + owner @{HOME}/.pki/ rw, + owner @{HOME}/.pki/nssdb/ rw, + owner @{HOME}/.pki/nssdb/pkcs11.txt rw, + owner @{HOME}/.pki/nssdb/{cert9,key4}.db rwk, + owner @{HOME}/.pki/nssdb/{cert9,key4}.db-journal rw, + + owner @{lib_dirs}/.cef-* wk, + + owner @{share_dirs}/{,**} r, + owner @{share_dirs}/config/** rwk, + owner @{share_dirs}/logs/** rwk, + owner @{share_dirs}/clientui/** k, + owner @{share_dirs}/public/** k, + + @{tmp}/ r, + owner @{tmp}/#@{int} rw, + owner @{tmp}/dumps/ rw, + owner @{tmp}/dumps/** rwk, + owner @{tmp}/.org.chromium.Chromium.@{rand6} rw, + owner @{tmp}/pressure-vessel-*-@{rand6}/ rw, + owner @{tmp}/pressure-vessel-*-@{rand6}/** rwlk -> @{tmp}/pressure-vessel-*-@{rand6}/**, + owner @{tmp}/steam_chrome_shmem_uid@{uid}_spid@{int} rw, + + /dev/shm/ r, + owner /dev/shm/.org.chromium.Chromium.@{rand6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, + owner /dev/shm/u@{uid}-Shm_@{hex8} rw, + owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, + owner /dev/shm/ValveIPCSHM_@{uid} rw, + + owner @{run}/pressure-vessel/** r, + + @{run}/udev/data/c13:@{int} r, # for /dev/input/* + + @{sys}/bus/ r, + @{sys}/bus/*/devices/ r, + @{sys}/class/*/ r, + @{sys}/devices/**/report_descriptor r, + @{sys}/devices/**/uevent r, + @{sys}/devices/system/cpu/kernel_max r, + @{sys}/devices/virtual/tty/tty@{int}/active r, + + @{PROC}/ r, + @{PROC}/@{pid}/stat r, + @{PROC}/sys/fs/inotify/max_user_watches r, + @{PROC}/sys/kernel/yama/ptrace_scope r, + owner @{PROC}/@{pid}/cmdline r, + owner @{PROC}/@{pid}/oom_score_adj w, + owner @{PROC}/@{pid}/statm r, + owner @{PROC}/@{pid}/task/ r, + owner @{PROC}/@{pid}/task/@{tid}/status r, + + /dev/hidraw@{int} rw, + /dev/tty rw, + + include if exists + } + + profile check flags=(attach_disconnected,mediate_deleted,complain) { + include + include + include + + unix receive type=stream, + + @{bin}/true rix, + + @{lib_dirs}/** mr, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-check-requirements mr, + @{runtime_dirs}/@{lib}/steam-runtime-tools-@{int}/srt-bwrap rix, + + / r, + + owner @{HOME}/.steam/root r, + owner @{HOME}/.steam/steam r, + + owner @{share_dirs}/ r, + + @{PROC}/@{pid}/cgroup r, + + include if exists + } + + profile lspci flags=(attach_disconnected,mediate_deleted,complain) { include include include + unix receive type=stream, + @{bin}/lspci mr, owner @{HOME}/.steam/steam.pipe r, @@ -256,5 +382,18 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include if exists } + profile systemctl { + include + include + + /{run,var}/log/journal/ r, + /{run,var}/log/journal/@{hex32}/ r, + /{run,var}/log/journal/@{hex32}/system.journal* r, + /{run,var}/log/journal/@{hex32}/system@@{hex}.journal* r, + /{run,var}/log/journal/@{hex32}/user-@{hex}.journal* r, + + include if exists + } + include if exists } diff --git a/apparmor.d/profiles-s-z/steam-fossilize b/apparmor.d/profiles-s-z/steam-fossilize index 323abea8c..b8ec7e182 100644 --- a/apparmor.d/profiles-s-z/steam-fossilize +++ b/apparmor.d/profiles-s-z/steam-fossilize @@ -6,9 +6,12 @@ abi , include -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ @{exec_path} = @{lib_dirs}/fossilize_replay profile steam-fossilize @{exec_path} flags=(attach_disconnected) { @@ -17,17 +20,22 @@ profile steam-fossilize @{exec_path} flags=(attach_disconnected) { include include + signal receive peer=steam, + @{exec_path} mr, - @{lib_dirs}/*.so* mr, + @{lib_dirs}/** mr, owner @{HOME}/.steam/steam.pipe r, + owner @{share_dirs}/logs/container-runtime-info.txt.@{rand6} rw, owner @{share_dirs}/steamapps/shadercache/@{int}/fozpipelinesv@{int}/{,**} rw, owner @{share_dirs}/steamapps/shadercache/@{int}/mesa_shader_cache_sf/{,**} rwk, owner @{share_dirs}/steamapps/shadercache/@{int}/nvidiav@{int}/GLCache/ rw, owner @{share_dirs}/steamapps/shadercache/@{int}/nvidiav@{int}/GLCache/** rwk, + owner @{tmp}/runtime-info.txt.@{rand6} rw, + owner /dev/shm/fossilize-*-@{int}-@{int} rw, @{sys}/devices/system/node/node@{int}/cpumap r, diff --git a/apparmor.d/profiles-s-z/steam-game b/apparmor.d/profiles-s-z/steam-game deleted file mode 100644 index 83d001455..000000000 --- a/apparmor.d/profiles-s-z/steam-game +++ /dev/null @@ -1,225 +0,0 @@ -# apparmor.d - Full set of apparmor profiles -# Copyright (C) 2022-2024 Alexandre Pujol -# SPDX-License-Identifier: GPL-2.0-only - -# Default profile for steam games - -# TODO: -# Split this profile in three: -# - steam-game-native for native linux games -# - steam-runtime for all runtime related task up to the creation of the sandbox -# - steam-game-proton for the sandboxed proton games -# -# Tasks: -# - AppArmor supports for {*^} regex, or find an alternative -# - AppArmor supports change profile from pivot_root -# - Stack steam//&game to bypass no-new-privs issue -# -# The current version of this profile is not very useful as it is very similar -# to the main steam profile. - -abi , - -include - -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper - -@{exec_path} = @{share_dirs}/steamapps/common/*/** -@{exec_path} += @{lib_dirs}/steam-runtime-sniper/*entry-point -profile steam-game @{exec_path} flags=(attach_disconnected) { - include - include - include - include - include - include - include - include - include - include - - capability dac_override, - capability dac_read_search, - - network inet dgram, - network inet6 dgram, - network inet stream, - network inet6 stream, - network netlink raw, - - signal (receive) peer=steam, - - unix (receive) type=stream, - - @{exec_path} mrix, - - @{sh_path} rix, - @{bin}/bwrap rix, - @{bin}/env rix, - @{bin}/getopt rix, - @{bin}/gzip rix, - @{bin}/localedef rix, - @{bin}/python3.@{int} rix, - @{bin}/readlink rix, - @{bin}/steam-runtime-launcher-interface-* rix, - @{bin}/steam-runtime-system-info rix, - @{bin}/timeout rix, - @{bin}/true rix, - @{bin}/uname rix, - @{bin}/xdg-open rPx, - - @{lib}/pressure-vessel/from-host/@{bin}/* rix, - @{lib}/pressure-vessel/from-host/@{lib}/** rix, - @{lib}/steam-runtime-tools*/* mrix, - - @{lib_dirs}/{,**} r, - @{lib_dirs}/**.so* mr, - @{lib_dirs}/reaper rix, - @{lib_dirs}/steam-launch-wrapper rm, - @{lib_dirs}/steam-runtime/@{lib}/** mrix, - - @{runtime_dirs}/pressure-vessel/@{bin}/ r, - @{runtime_dirs}/pressure-vessel/@{bin}/* rix, - @{runtime_dirs}/pressure-vessel/@{lib}/ r, - @{runtime_dirs}/pressure-vessel/@{lib}/** mrix, - @{runtime_dirs}/run rix, - - @{share_dirs}/@{bin}/ r, - @{share_dirs}/@{bin}/* mr, - @{share_dirs}/d3ddriverquery64.dxvk-cache rw, - @{share_dirs}/legacycompat/ r, - @{share_dirs}/legacycompat/** mr, - @{share_dirs}/linux{32,64}/ r, - @{share_dirs}/linux{32,64}/**.so* mr, - @{share_dirs}/standalone_installscript_progress_@{int}.vdf rw, - @{share_dirs}/steamapps/common/*/* mr, - @{share_dirs}/steamapps/common/Proton*/ r, - @{share_dirs}/steamapps/common/Proton*/files/@{bin}/* mrix, - @{share_dirs}/steamapps/common/Proton*/files/@{lib}/** mrix, - @{share_dirs}/steamapps/common/Proton*/proton rix, - @{share_dirs}/steamapps/compatdata/@{int}/pfx/**.dll rm, - - @{user_games_dirs}/*/* mr, - @{user_games_dirs}/*/**.dll mr, - - @{run}/host/usr/bin/ldconfig rix, - @{run}/host/usr/lib{,32,64}/**.so* rm, - @{run}/host/usr/bin/localedef rix, - - /usr/share/terminfo/** r, - - /etc/machine-id r, - /etc/udev/udev.conf r, - /var/lib/dbus/machine-id r, - - / r, - /{usr/,}{local/,} r, - /{usr/,}{local/,}lib{,32,64}/ r, - /bindfile@{rand6} rw, - /home/ r, - /tmp/ r, - - owner /var/pressure-vessel/** rw, - owner /var/cache/ldconfig/aux-cache* rw, - - owner @{HOME}/ r, - owner @{HOME}/.steam/steam.pid r, - owner @{HOME}/.steam/steam.pipe r, - - owner @{user_games_dirs}/{,*/} r, - owner @{user_games_dirs}/*/{,**} rwkl, - - owner @{user_config_dirs}/unity3d/{,**} rwk, - - owner @{share_dirs}/ r, - owner @{share_dirs}/* r, - owner @{share_dirs}/*log* rw, - owner @{share_dirs}/config/config.vdf* rw, - owner @{share_dirs}/logs/{,*} rw, - owner @{share_dirs}/shader_cache_temp*/fozpipelinesv*/{,**} rw, - owner @{share_dirs}/steamapps/ r, - owner @{share_dirs}/steamapps/common/ r, - owner @{share_dirs}/steamapps/common/*/ r, - owner @{share_dirs}/steamapps/common/*/** rwkl, - owner @{share_dirs}/steamapps/common/Proton*/files/share/{,**} r, - owner @{share_dirs}/steamapps/compatdata/{,**} rwk, - owner @{share_dirs}/steamapps/shadercache/{,**} rwk, - owner @{share_dirs}/userdata/**/remotecache.vdf rw, - - @{run}/host/ r, - @{run}/host/container-manager r, - @{run}/host/fonts/{,**} r, - @{run}/host/share/{,**} r, - @{run}/host/usr/{,**} r, - owner @{run}/pressure-vessel/{,**} rw, - owner @{run}/user/@{uid}/ r, - owner @{run}/user/@{uid}/orcexec.* mrw, # gstreamer - - owner /dev/shm/#@{int} rw, - owner /dev/shm/mono.* rw, - owner /dev/shm/u@{uid}-Shm_@{hex} rw, - owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, - owner /dev/shm/ValveIPCSHM_@{uid} rw, - owner /dev/shm/wine-*-fsync rw, - - owner @{tmp}/ r, - owner @{tmp}/.wine-@{int}/ rw, - owner @{tmp}/.wine-@{int}/** rwk, - owner @{tmp}/.wine-@{uid}/server-*/* rwk, - owner @{tmp}/#@{int} rw, - owner @{tmp}/CASESENSITIVETEST@{hex32} rw, - owner @{tmp}/miles_image_* mr, - owner @{tmp}/pressure-vessel-*/{,**} rwl, - owner @{tmp}/vdpau-drivers-@{rand6}/{,**} rw, - - @{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad - - @{run}/udev/data/c13:@{int} r, # for /dev/input/* - @{run}/udev/data/c116:@{int} r, # for ALSA - @{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511 - - @{sys}/ r, - @{sys}/bus/ r, - @{sys}/class/ r, - @{sys}/class/hidraw/ r, - @{sys}/class/input/ r, - @{sys}/devices/**/input@{int}/ r, - @{sys}/devices/**/input@{int}/**/{vendor,product} r, - @{sys}/devices/**/input@{int}/capabilities/* r, - @{sys}/devices/**/input/input@{int}/ r, - @{sys}/devices/**/uevent r, - @{sys}/devices/@{pci}/sound/card@{int}/** r, - @{sys}/devices/@{pci}/usb@{int}/{manufacturer,product,bcdDevice,bInterfaceNumber} r, - @{sys}/devices/system/clocksource/clocksource@{int}/current_clocksource r, - @{sys}/devices/system/cpu/** r, - @{sys}/devices/system/node/node[0-9]/cpumap r, - @{sys}/devices/system/node/online r, - @{sys}/devices/virtual/dmi/id/* r, - @{sys}/kernel/ r, - - @{PROC}/@{pids}/net/dev r, - @{PROC}/@{pids}/net/route r, - @{PROC}/sys/net/core/bpf_jit_enable r, - @{PROC}/uptime r, - @{PROC}/version r, - owner @{PROC}/@{pid}/cmdline r, - owner @{PROC}/@{pid}/fd/ r, - owner @{PROC}/@{pid}/mounts r, - owner @{PROC}/@{pid}/pagemap r, - owner @{PROC}/@{pid}/stat r, - owner @{PROC}/@{pid}/task/ r, - owner @{PROC}/@{pid}/task/@{tid}/comm rw, - owner @{PROC}/@{pid}/task/@{tid}/stat r, - - /dev/hidraw@{int} rw, - /dev/input/ r, - /dev/input/* rw, - /dev/tty rw, - /dev/uinput rw, - - deny owner @{user_share_dirs}/gvfs-metadata/{,*} r, - - include if exists -} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-game-native b/apparmor.d/profiles-s-z/steam-game-native new file mode 100644 index 000000000..da72bf279 --- /dev/null +++ b/apparmor.d/profiles-s-z/steam-game-native @@ -0,0 +1,37 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2022-2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ + +@{exec_path} = @{app_dirs}/*/** +profile steam-game-native @{exec_path} flags=(attach_disconnected) { + include + include + + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + network unix stream, + + signal receive peer=steam, + + @{exec_path} rmix, + + @{sh_path} rix, + + @{app_dirs}/** mr, + @{lib_dirs}/** mr, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-game-proton b/apparmor.d/profiles-s-z/steam-game-proton new file mode 100644 index 000000000..7f1e29820 --- /dev/null +++ b/apparmor.d/profiles-s-z/steam-game-proton @@ -0,0 +1,107 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ + +@{exec_path} = @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/srt-bwrap +profile steam-game-proton @{exec_path} flags=(attach_disconnected) { + include + include + include + include + + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + network unix stream, + + signal receive peer=steam, + + @{exec_path} mr, + @{bin}/bwrap mrix, + + @{bin}/getopt rix, + @{bin}/gzip rix, + @{bin}/ldconfig rix, + @{bin}/localedef rix, + @{bin}/python3.@{int} rix, + @{bin}/readlink rix, + @{bin}/steam-runtime-launcher-interface-@{int} rix, + @{bin}/steam-runtime-system-info rix, + @{bin}/steam-runtime-urlopen rix, + @{bin}/true rix, + @{bin}/chmod rix, + @{open_path} rix, + + @{lib_dirs}/** mr, + @{lib}/pressure-vessel/from-host/@{bin}/* rix, + @{lib}/pressure-vessel/from-host/@{lib}/** rix, + @{lib}/steam-runtime-tools-@{int}/@{multiarch}-* rix, + + @{app_dirs}/** mr, + @{app_dirs}/pressure-vessel/@{bin}/pressure-vessel-* rix, + @{app_dirs}/Proton*/files/@{bin}/* rix, + @{app_dirs}/Proton*/files/@{lib}/** rix, + @{app_dirs}/Proton*/proton rix, + @{app_dirs}/@{runtime}/pressure-vessel/@{bin}/steam-runtime-launcher-interface-@{int} rix, + + @{run}/host/@{bin}/ldconfig rix, + @{run}/host/@{bin}/localedef rix, + @{run}/host/@{lib}/** mr, + + @{share_dirs}/bin/d3ddriverquery64.exe mr, + @{share_dirs}/steamapps/compatdata/@{int}/pfx/** mr, + + @{user_games_dirs}/** mr, + + owner /bindfile@{rand6} rw, + + owner /var/pressure-vessel/** rw, + owner /var/cache/ldconfig/aux-cache* rw, + + owner @{app_dirs}/@{runtime}/var/tmp-@{rand6}/usr/.ref rwk, + owner @{app_dirs}/Proton*/** rwkl, + + owner @{share_dirs}/*.dll r, + owner @{share_dirs}/steamapps/compatdata/{,**} rwk, + owner @{share_dirs}/legacycompat/ r, + owner @{share_dirs}/legacycompat/** mr, + + owner @{user_share_dirs}/applications/wine/ rw, + owner @{user_share_dirs}/applications/wine/**/ rw, + + owner @{tmp}/ r, + owner @{tmp}/.wine-@{uid}/ rw, + owner @{tmp}/.wine-@{uid}/** rwk, + owner @{tmp}/glx-icds-@{rand6}/{,**} w, + owner @{tmp}/pressure-vessel-*-@{rand6}/ rw, + owner @{tmp}/pressure-vessel-*-@{rand6}/** rwlk -> @{tmp}/pressure-vessel-*-@{rand6}/**, + owner @{tmp}/vdpau-drivers-@{rand6}/{,**} w, + + owner /dev/shm/wine-@{hex6}-fsync rw, + owner /dev/shm/wine-@{hex6}@{h}-fsync rw, + + @{run}/host/fonts/{,**} r, + @{run}/host/share/{,**} r, + @{run}/host/usr/{,**} r, + owner @{run}/pressure-vessel/{,**} r, + + @{sys}/devices/system/node/node@{int}/cpumap r, + @{sys}/devices/system/node/online r, + + @{PROC}/@{pids}/net/* r, + @{PROC}/sys/net/core/bpf_jit_enable r, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-gameoverlayui b/apparmor.d/profiles-s-z/steam-gameoverlayui index d41a5e644..d78751bf9 100644 --- a/apparmor.d/profiles-s-z/steam-gameoverlayui +++ b/apparmor.d/profiles-s-z/steam-gameoverlayui @@ -6,9 +6,12 @@ abi , include -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ @{exec_path} = @{lib_dirs}/gameoverlayui profile steam-gameoverlayui @{exec_path} flags=(attach_disconnected) { @@ -19,15 +22,16 @@ profile steam-gameoverlayui @{exec_path} flags=(attach_disconnected) { network inet stream, network inet6 stream, - - unix (receive) type=stream, + network unix stream, @{exec_path} mr, - @{lib_dirs}/*.so* mr, - @{lib_dirs}/steam-runtime/@{lib}/**.so* mr, + @{lib_dirs}/**.so* mr, + @{runtime_dirs}/@{lib}/**.so* mr, - /usr/share/fonts/{,**} rk, # ? + @{lib_dirs}/steamerrorreporter rpx, + + /usr/share/fonts/{,**} rk, / r, /home/ r, @@ -45,15 +49,19 @@ profile steam-gameoverlayui @{exec_path} flags=(attach_disconnected) { owner @{share_dirs}/userdata/@{int}/{,**} rk, owner /dev/shm/u@{uid}-Shm_@{hex} rw, - owner /dev/shm/u@{uid}-ValveIPCSharedObj-* rwk, + owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, owner /dev/shm/ValveIPCSHM_@{uid} rw, owner @{tmp}/gameoverlayui.log* rw, + owner @{tmp}/miles_image_@{rand6} mrw, + owner @{tmp}/runtime-info.txt.@{rand6} rw, owner @{tmp}/steam_chrome_overlay_uid@{uid}_spid@{pids} rw, - owner @{tmp}/miles_image_* mrw, @{sys}/ r, @{sys}/kernel/ r, + @{sys}/devices/ r, + @{sys}/devices/system/ r, + @{sys}/devices/system/cpu/cpu@{int}/ r, @{PROC}/version r, diff --git a/apparmor.d/profiles-s-z/steam-launch b/apparmor.d/profiles-s-z/steam-launch new file mode 100644 index 000000000..1b2afd212 --- /dev/null +++ b/apparmor.d/profiles-s-z/steam-launch @@ -0,0 +1,46 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ + +@{exec_path} = @{bin}/steam @{bin}/steam-runtime +profile steam-launch @{exec_path} { + include + include + + network unix stream, + + @{exec_path} mr, + + @{sh_path} rix, + @{bin}/cp rix, + @{bin}/dirname rix, + @{bin}/env rix, + @{bin}/id rix, + @{bin}/readlink rix, + + @{lib}/steam/steam rix, + @{lib}/steam/bin_steam.sh rix, + @{share_dirs}/steam.sh rPx, + + /usr/ r, + /usr/local/ r, + + owner @{share_dirs}/bootstrap.tar.xz rw, + + /dev/tty rw, + + deny /opt/** r, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-launcher b/apparmor.d/profiles-s-z/steam-launcher new file mode 100644 index 000000000..9b4f09b91 --- /dev/null +++ b/apparmor.d/profiles-s-z/steam-launcher @@ -0,0 +1,29 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ + +@{exec_path} = @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-launcher-service +profile steam-launcher @{exec_path} flags=(attach_disconnected) { + include + + network unix stream, + + signal receive peer=steam, + + @{exec_path} mr, + + @{lib_dirs}/** mr, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-reaper b/apparmor.d/profiles-s-z/steam-reaper deleted file mode 100644 index f635b1315..000000000 --- a/apparmor.d/profiles-s-z/steam-reaper +++ /dev/null @@ -1,40 +0,0 @@ -# apparmor.d - Full set of apparmor profiles -# Copyright (C) 2022-2024 Alexandre Pujol -# SPDX-License-Identifier: GPL-2.0-only - -abi , - -include - -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper - -@{exec_path} = @{lib_dirs}/reaper -profile steam-reaper @{exec_path} flags=(attach_disconnected) { - include - include - - unix (receive) type=stream, - - @{exec_path} mr, - - @{lib_dirs}/*.so* mr, - @{lib_dirs}/steam-runtime/@{lib}/**.so* mr, - @{lib_dirs}/steam-launch-wrapper rpx -> steam-game, - - @{share_dirs}/steamapps/common/*/* rpx -> steam-game, - - owner @{HOME}/.steam/steam.pipe r, - - owner @{share_dirs}/userdata/**/remotecache.vdf rw, - - owner /dev/shm/u@{uid}-Shm_@{hex} rw, - owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, - - @{sys}/devices/system/cpu/cpu@{int}/** r, - - deny owner @{user_share_dirs}/gvfs-metadata/{,*} r, - - include if exists -} \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steam-runtime b/apparmor.d/profiles-s-z/steam-runtime index 6d04630d4..6893dbe2d 100644 --- a/apparmor.d/profiles-s-z/steam-runtime +++ b/apparmor.d/profiles-s-z/steam-runtime @@ -6,38 +6,77 @@ abi , include -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ -@{exec_path} = @{bin}/steam @{bin}/steam-runtime -profile steam-runtime @{exec_path} { +@{exec_path} = @{lib_dirs}/reaper +profile steam-runtime @{exec_path} flags=(attach_disconnected) { include - include + include + include + include + include + include - unix (receive) type=stream, + network unix stream, @{exec_path} mr, - @{sh_path} rix, - @{bin}/cp rix, - @{bin}/dirname rix, - @{bin}/env rix, - @{bin}/id rix, - @{bin}/readlink rix, + @{sh_path} r, + @{bin}/getopt rix, + @{bin}/readlink rix, - @{lib}/steam/steam rix, - @{lib}/steam/bin_steam.sh rix, - @{share_dirs}/steam.sh rPx, + @{lib_dirs}/** mr, + @{lib_dirs}/steam-launch-wrapper rix, - /usr/ r, - /usr/local/ r, + # Native linux games (steam-game-native) + @{app_dirs}/[^S]*/** rpx -> steam-game-native, - owner @{share_dirs}/bootstrap.tar.xz rw, + # Proton games, sandboxed (steam-game-proton) + @{app_dirs}/@{runtime}/*entry-point rmix, + @{app_dirs}/@{runtime}/pressure-vessel/@{bin}/pressure-vessel-* rix, + @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/** mr, + @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-capsule-capture-libs rix, + @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-detect-platform rix, + @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-inspect-library rix, + @{app_dirs}/@{runtime}/pressure-vessel/@{lib}/steam-runtime-tools-@{int}/srt-bwrap rpx -> steam-game-proton, + @{app_dirs}/@{runtime}/run rix, + @{bin}/bwrap rpx -> steam-game-proton, + + / r, + @{lib}/ r, + @{lib_dirs}/ r, + + owner @{HOME}/.steam/steam.pipe r, + + owner @{app_dirs}/*/ r, + owner @{app_dirs}/@{runtime}/** r, + owner @{app_dirs}/@{runtime}/pressure-vessel/** rwk, + owner @{app_dirs}/@{runtime}/sniper_platform_*/** rwk, + owner @{app_dirs}/@{runtime}/var/** rwk, + owner link @{app_dirs}/@{runtime}/var/** -> @{app_dirs}/@{runtime}/pressure-vessel/**, + owner link @{app_dirs}/@{runtime}/var/** -> @{app_dirs}/@{runtime}/sniper_platform_*/**, + + owner @{tmp}/ r, + owner @{tmp}/#@{int} rw, + owner @{tmp}/vdpau-drivers-@{rand6}/{,**} rw, + + owner @{run}/user/@{uid}/ r, + + owner /dev/shm/u@{uid}-Shm_@{hex6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, + owner /dev/shm/u@{uid}-Shm_@{hex8} rw, + owner /dev/shm/u@{uid}-ValveIPCSharedObj-Steam rwk, + + owner @{PROC}/@{pid}/cmdline r, + owner @{PROC}/@{pid}/comm r, + owner @{PROC}/@{pid}/fd/ r, /dev/tty rw, - deny /opt/** r, - include if exists } \ No newline at end of file diff --git a/apparmor.d/profiles-s-z/steamerrorreporter b/apparmor.d/profiles-s-z/steamerrorreporter index c9e1bf630..0f765c301 100644 --- a/apparmor.d/profiles-s-z/steamerrorreporter +++ b/apparmor.d/profiles-s-z/steamerrorreporter @@ -6,12 +6,15 @@ abi , include -@{share_dirs} = @{user_share_dirs}/Steam -@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} -@{runtime_dirs} = @{share_dirs}/steamapps/common/SteamLinuxRuntime_sniper +@{arch} = amd64 i386 +@{runtime} = SteamLinuxRuntime_sniper +@{share_dirs} = @{user_share_dirs}/Steam @{HOME}/.steam/debian-installation +@{lib_dirs} = @{share_dirs}/ubuntu@{int2}_{32,64} @{share_dirs}/linux{32,64} +@{runtime_dirs} = @{lib_dirs}/steam-runtime{,-sniper} +@{app_dirs} = @{share_dirs}/steamapps/common/ -@{exec_path} = @{share_dirs}/linux{32,64}/steamerrorreporter -profile steamerrorreporter @{exec_path} { +@{exec_path} = @{lib_dirs}/steamerrorreporter +profile steamerrorreporter @{exec_path} flags=(attach_disconnected) { include include @@ -19,14 +22,14 @@ profile steamerrorreporter @{exec_path} { network inet stream, network inet6 dgram, network inet6 stream, + network unix stream, @{exec_path} mr, owner @{HOME}/.steam/steam.pipe r, - owner @{lib_dirs}/ r, - owner @{lib_dirs}/steam-runtime/pinned_libs_{32,64}/ r, - + owner @{lib_dirs}/{,**} r, + owner @{runtime_dirs}/pinned_libs_{32,64}/ r, owner @{share_dirs}/ r, owner @{tmp}/dumps/ r, diff --git a/dists/flags/main.flags b/dists/flags/main.flags index 4770b79eb..814123c81 100644 --- a/dists/flags/main.flags +++ b/dists/flags/main.flags @@ -298,11 +298,13 @@ startplasma complain startx attach_disconnected,complain steam attach_disconnected,mediate_deleted,complain steam-fossilize attach_disconnected,complain -steam-game attach_disconnected,complain +steam-game-native attach_disconnected,complain +steam-game-proton attach_disconnected,complain steam-gameoverlayui attach_disconnected,complain -steam-reaper attach_disconnected,complain -steam-runtime complain -steamerrorreporter complain +steam-launch complain +steam-launcher attach_disconnected,complain +steam-runtime attach_disconnected,complain +steamerrorreporter attach_disconnected,complain sulogin complain switcherooctl complain swtpm complain diff --git a/dists/ignore/main.ignore b/dists/ignore/main.ignore index 795fbf1c7..0e89a76c5 100644 --- a/dists/ignore/main.ignore +++ b/dists/ignore/main.ignore @@ -17,8 +17,10 @@ man plasma-discover steam steam-fossilize -steam-game +steam-game-native +steam-game-proton steam-gameoverlayui -steam-reaper +steam-launch +steam-launcher steam-runtime steamerrorreporter From ca9a8d47f83d497d31bdd561ec4b336653986e82 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 23:16:19 +0100 Subject: [PATCH 11/52] feat(profile): add protonmail-bridge --- apparmor.d/profiles-m-r/protonmail-bridge | 82 ++++++------------ .../profiles-m-r/protonmail-bridge-core | 85 +++++++++++++++++++ 2 files changed, 109 insertions(+), 58 deletions(-) create mode 100644 apparmor.d/profiles-m-r/protonmail-bridge-core diff --git a/apparmor.d/profiles-m-r/protonmail-bridge b/apparmor.d/profiles-m-r/protonmail-bridge index 92a5eb13c..f6e8c8e4c 100644 --- a/apparmor.d/profiles-m-r/protonmail-bridge +++ b/apparmor.d/profiles-m-r/protonmail-bridge @@ -2,80 +2,46 @@ # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# Warning: only the protonmail-bridge CLI and service are supported, NOT the GUI. - abi , include -@{exec_path} = @{bin}/protonmail-bridge -profile protonmail-bridge @{exec_path} { - include - include +@{config_dirs} = @{user_config_dirs}/protonmail/bridge-v3 +@{cache_dirs} = @{user_cache_dirs}/protonmail/bridge-v3 "@{user_cache_dirs}/Proton AG/Proton Mail Bridge" +@{share_dirs} = @{user_share_dirs}/protonmail/bridge-v3 - network inet dgram, - network inet6 dgram, +@{exec_path} = @{lib}/protonmail/bridge/bridge-gui +profile protonmail-bridge @{exec_path} { + include + include + include + include + include + include + + # network inet dgram, + # network inet6 dgram, network inet stream, network inet6 stream, - network netlink raw, + # network netlink raw, @{exec_path} mr, - @{bin}/pass rCx -> pass, + @{lib}/protonmail/bridge/bridge rPx, + @{open_path} rPx -> child-open-strict, - /etc/lsb-release r, /etc/machine-id r, - owner /var/tmp/etilqs_@{hex} rw, + owner @{config_dirs}/ rw, + owner @{config_dirs}/** rwlk -> @{config_dirs}/**, - owner @{user_password_store_dirs}/docker-credential-helpers/{,**} r, - owner @{user_password_store_dirs}/protonmail-credentials/{,**} r, + owner @{cache_dirs}/ rw, + owner @{cache_dirs}/** rwlk -> @{cache_dirs}/**, - owner @{user_cache_dirs}/protonmail/{,**} rwk, - owner @{user_config_dirs}/protonmail/{,**} rwk, - owner @{user_share_dirs}/protonmail/{,**} rwk, + owner @{share_dirs}/ rw, + owner @{share_dirs}/** rwlk -> @{share_dirs}/**, - @{PROC}/sys/net/core/somaxconn r, - @{PROC}/@{pid}/cgroup r, - - # Force the use of the Gnome Keyring or Kwallet secret-service. - # Comment these lines and add the commented lines in your local/protonmail-bridge - # to allow the use of pass as secret-service. - # of pass as secret store - # deny @{bin}/pass rmx, - # deny owner @{user_password_store_dirs}/** r, - - profile pass { - include - include - - @{bin}/pass mr, - - @{sh_path} rix, - @{bin}/base64 rix, - @{bin}/dirname rix, - @{bin}/env rix, - @{bin}/getopt rix, - @{bin}/git rPx -> pass//git, - @{bin}/gpg{,2} rPx -> pass//gpg, - @{bin}/mkdir rix, - @{bin}/rm rix, - @{bin}/rmdir rix, - @{bin}/sed rix, - @{bin}/tail rix, - @{bin}/tree rix, - @{bin}/tty rix, - @{bin}/which rix, - - owner @{user_password_store_dirs}/ r, - owner @{user_password_store_dirs}/.gpg-id r, - owner @{user_password_store_dirs}/protonmail-credentials/{,**} rw, - deny owner @{user_password_store_dirs}/**/ r, - - /dev/tty rw, - - include if exists - } + owner @{PROC}/@{pid}/cmdline r, include if exists } \ No newline at end of file diff --git a/apparmor.d/profiles-m-r/protonmail-bridge-core b/apparmor.d/profiles-m-r/protonmail-bridge-core new file mode 100644 index 000000000..ef7ec136c --- /dev/null +++ b/apparmor.d/profiles-m-r/protonmail-bridge-core @@ -0,0 +1,85 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2023-2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +# To force the use of the Gnome Keyring or Kwallet secret-service, add the +# following lines in your local/protonmail-bridge-core file: +# deny @{bin}/pass x, +# deny owner @{user_password_store_dirs}/** r, + +abi , + +include + +@{exec_path} = @{lib}/protonmail/bridge/bridge +profile protonmail-bridge-core @{exec_path} { + include + include + + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + network netlink raw, + + @{exec_path} mr, + + @{bin}/pass rCx -> pass, + + /etc/lsb-release r, + /etc/machine-id r, + + owner @{user_password_store_dirs}/docker-credential-helpers/{,**} r, + owner @{user_password_store_dirs}/protonmail-credentials/{,**} r, + + owner @{user_cache_dirs}/protonmail/{,**} rwk, + owner @{user_config_dirs}/protonmail/{,**} rwk, + owner @{user_share_dirs}/protonmail/{,**} rwk, + + owner "@{user_config_dirs}/autostart/Proton Mail Bridge.desktop" rw, + + owner @{tmp}/bridge@{int} rw, + owner @{tmp}/user/@{uid}/etilqs_@{hex} rw, + owner /var/tmp/etilqs_@{hex} rw, + + @{PROC}/ r, + @{PROC}/sys/net/core/somaxconn r, + @{PROC}/@{pid}/cgroup r, + + deny @{bin}/pass x, + deny owner @{user_password_store_dirs}/** r, + + profile pass { + include + include + + @{bin}/pass mr, + + @{sh_path} rix, + @{bin}/base64 rix, + @{bin}/dirname rix, + @{bin}/env rix, + @{bin}/getopt rix, + @{bin}/git rpx -> pass//git, + @{bin}/gpg{,2} rpx -> pass//gpg, + @{bin}/mkdir rix, + @{bin}/rm rix, + @{bin}/rmdir rix, + @{bin}/sed rix, + @{bin}/tail rix, + @{bin}/tree rix, + @{bin}/tty rix, + @{bin}/which rix, + + owner @{user_password_store_dirs}/ r, + owner @{user_password_store_dirs}/.gpg-id r, + owner @{user_password_store_dirs}/protonmail-credentials/{,**} rw, + deny owner @{user_password_store_dirs}/**/ r, + + /dev/tty rw, + + include if exists + } + + include if exists +} \ No newline at end of file From ff88400b22fe0ab0b2bc975716ff17e48e98c0e9 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Tue, 11 Jun 2024 23:18:07 +0100 Subject: [PATCH 12/52] feat(abs): minor cleanup. --- apparmor.d/abstractions/app/chromium | 8 ++++---- apparmor.d/abstractions/common/app | 2 +- apparmor.d/abstractions/common/chromium | 8 ++++---- apparmor.d/abstractions/common/steam-game | 1 + 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index a3af128df..fec42ba98 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -150,10 +150,10 @@ owner @{tmp}/.@{domain}.* rw, owner @{tmp}/.@{domain}*/{,**} rw, owner @{tmp}/@{name}-crashlog-@{int}-@{int}.txt rw, - owner @{tmp}/scoped_dir*/{,**} rw, - owner @{tmp}/tmp.* rw, - owner @{tmp}/tmp.*/ rw, - owner @{tmp}/tmp.*/** rwk, + audit owner @{tmp}/scoped_dir@{rand6}/{,**} rw, + owner @{tmp}/tmp.@{rand6} rw, + owner @{tmp}/tmp.@{rand6}/ rw, + owner @{tmp}/tmp.@{rand6}/** rwk, owner @{run}/user/@{uid}/app/org.keepassxc.KeePassXC/org.keepassxc.KeePassXC.BrowserServer rw, owner @{run}/user/@{uid}/org.keepassxc.KeePassXC.BrowserServer rw, diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index f563d8039..84cd974a0 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -16,10 +16,10 @@ include include include - # include include include include + include include include include diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium index 1fc1d1555..842e1f33c 100644 --- a/apparmor.d/abstractions/common/chromium +++ b/apparmor.d/abstractions/common/chromium @@ -20,19 +20,19 @@ owner @{HOME}/.pki/nssdb/{cert9,key4}.db rwk, owner @{HOME}/.pki/nssdb/{cert9,key4}.db-journal rw, - owner @{user_share_dirs}/.org.chromium.Chromium.* rw, + owner @{user_share_dirs}/.org.chromium.Chromium.@{rand6} rw, /tmp/ r, /var/tmp/ r, - owner @{tmp}/.org.chromium.Chromium.* rw, - owner @{tmp}/.org.chromium.Chromium.*/{,**} rw, + owner @{tmp}/.org.chromium.Chromium.@{rand6} rw, + owner @{tmp}/.org.chromium.Chromium.@{rand6}/{,**} rw, owner @{tmp}/scoped_dir*/ rw, owner @{tmp}/scoped_dir*/SingletonCookie w, owner @{tmp}/scoped_dir*/SingletonSocket w, owner @{tmp}/scoped_dir*/SS w, /dev/shm/ r, - owner /dev/shm/.org.chromium.Chromium.* rw, + owner /dev/shm/.org.chromium.Chromium.@{rand6} rw, # If kernel.unprivileged_userns_clone = 1 owner @{PROC}/@{pid}/setgroups w, diff --git a/apparmor.d/abstractions/common/steam-game b/apparmor.d/abstractions/common/steam-game index 719fcbd60..5a2cbd6db 100644 --- a/apparmor.d/abstractions/common/steam-game +++ b/apparmor.d/abstractions/common/steam-game @@ -59,6 +59,7 @@ owner /dev/shm/mono.@{int} rw, owner /dev/shm/softbuffer-x11-@{rand6}@{c} rw, + owner /dev/shm/u@{uid}-Shm_@{hex4}@{h} rw, owner /dev/shm/u@{uid}-Shm_@{hex6} rw, owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, owner /dev/shm/u@{uid}-Shm_@{hex8} rw, From f0cff2989d1e3363e7e704e69197c621110ed789 Mon Sep 17 00:00:00 2001 From: fira959 Date: Wed, 12 Jun 2024 12:13:34 +0200 Subject: [PATCH 13/52] Update signal-desktop --- apparmor.d/groups/apps/signal-desktop | 1 + 1 file changed, 1 insertion(+) diff --git a/apparmor.d/groups/apps/signal-desktop b/apparmor.d/groups/apps/signal-desktop index d3165a54d..6048857e9 100644 --- a/apparmor.d/groups/apps/signal-desktop +++ b/apparmor.d/groups/apps/signal-desktop @@ -43,6 +43,7 @@ profile signal-desktop @{exec_path} { @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/memory.high r, @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/session-@{int}.scope/memory.max r, + @{PROC}/@{pid}/fd/ r, @{PROC}/vmstat r, include if exists From 2eab87da2f82da42a6969682a3abb18f05eb9449 Mon Sep 17 00:00:00 2001 From: fira959 Date: Wed, 12 Jun 2024 12:15:34 +0200 Subject: [PATCH 14/52] Update signal-desktop-chrome-sandbox --- apparmor.d/groups/apps/signal-desktop-chrome-sandbox | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apparmor.d/groups/apps/signal-desktop-chrome-sandbox b/apparmor.d/groups/apps/signal-desktop-chrome-sandbox index 4f6bf976a..3de0c2f3f 100644 --- a/apparmor.d/groups/apps/signal-desktop-chrome-sandbox +++ b/apparmor.d/groups/apps/signal-desktop-chrome-sandbox @@ -22,6 +22,8 @@ profile signal-desktop-chrome-sandbox @{exec_path} { @{lib_dirs}/signal-desktop{,-beta} rPx, @{PROC}/@{pid}/ r, + @{PROC}/@{pid}/oom_adj w, + @{PROC}/@{pid}/oom_score_adj w, include if exists } From 56464d24bffe6b8f0d54a41c5ed6cb40e632bf10 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Wed, 12 Jun 2024 22:18:02 +0100 Subject: [PATCH 15/52] fix: xdg-desktop-portal breaks screensharing fix: #376 --- apparmor.d/abstractions/audio-client | 3 +++ apparmor.d/groups/freedesktop/xdg-desktop-portal | 4 +--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index f12e7fcc4..c5734f6f8 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -41,6 +41,9 @@ owner @{user_config_dirs}/pulse/client.conf.d/{,*.conf} r, owner @{user_config_dirs}/pulse/cookie rwk, + owner @{user_config_dirs}/pipewire/ rw, + owner @{user_config_dirs}/pipewire/client.conf r, + owner @{user_share_dirs}/openal/hrtf/{,**} r, owner @{user_share_dirs}/sounds/__custom/index.theme r, diff --git a/apparmor.d/groups/freedesktop/xdg-desktop-portal b/apparmor.d/groups/freedesktop/xdg-desktop-portal index b8ee7c4ac..2fef3f62c 100644 --- a/apparmor.d/groups/freedesktop/xdg-desktop-portal +++ b/apparmor.d/groups/freedesktop/xdg-desktop-portal @@ -10,6 +10,7 @@ include profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) { include include + include include include include @@ -70,10 +71,8 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) { /.flatpak-info r, /usr/share/dconf/profile/gdm r, - /usr/share/pipewire/client.conf r, /usr/share/xdg-desktop-portal/** r, - /etc/pipewire/client.conf.d/ r, /etc/sysconfig/proxy r, /var/lib/gdm{,3}/greeter-dconf-defaults r, @@ -83,7 +82,6 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) { owner @{tmp}/icon* rw, owner @{run}/user/@{uid}/.flatpak/{,*/*} r, - owner @{run}/user/@{uid}/pipewire-@{int} rw, @{PROC}/ r, @{PROC}/*/ r, From a5a434f02a32f15a20640a98eca9a38d0bcfac2f Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Wed, 12 Jun 2024 22:22:26 +0100 Subject: [PATCH 16/52] fix: ensure xdg portal can read any user files. fix #375 --- apparmor.d/groups/freedesktop/xdg-document-portal | 2 +- apparmor.d/groups/freedesktop/xdg-permission-store | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/apparmor.d/groups/freedesktop/xdg-document-portal b/apparmor.d/groups/freedesktop/xdg-document-portal index 54104e51d..7884a3fd7 100644 --- a/apparmor.d/groups/freedesktop/xdg-document-portal +++ b/apparmor.d/groups/freedesktop/xdg-document-portal @@ -42,7 +42,7 @@ profile xdg-document-portal @{exec_path} flags=(attach_disconnected) { / r, owner /.flatpak-info r, - owner @{HOME}/*/{,**} r, + owner @{HOME}/** r, owner @{user_share_dirs}/flatpak/db/documents r, owner @{user_share_dirs}/Trash/files/** r, diff --git a/apparmor.d/groups/freedesktop/xdg-permission-store b/apparmor.d/groups/freedesktop/xdg-permission-store index 43faaaf9a..9a53b96cf 100644 --- a/apparmor.d/groups/freedesktop/xdg-permission-store +++ b/apparmor.d/groups/freedesktop/xdg-permission-store @@ -42,6 +42,7 @@ profile xdg-permission-store @{exec_path} flags=(attach_disconnected) { owner @{user_share_dirs}/flatpak/db/.goutputstream-@{rand6} rw, owner @{user_share_dirs}/flatpak/db/background rw, owner @{user_share_dirs}/flatpak/db/devices r, + owner @{user_share_dirs}/flatpak/db/documents rw, owner @{user_share_dirs}/flatpak/db/notifications rw, /dev/tty@{int} rw, From 327c1dec332aaf2f6a9ef59e2243fdf517a0956a Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Wed, 12 Jun 2024 22:24:59 +0100 Subject: [PATCH 17/52] feat(profile): add cliphist integration on wl-copy fix: #357 --- apparmor.d/profiles-s-z/wl-copy | 1 + 1 file changed, 1 insertion(+) diff --git a/apparmor.d/profiles-s-z/wl-copy b/apparmor.d/profiles-s-z/wl-copy index b961da104..bf395d80a 100644 --- a/apparmor.d/profiles-s-z/wl-copy +++ b/apparmor.d/profiles-s-z/wl-copy @@ -15,6 +15,7 @@ profile wl-copy @{exec_path} { @{bin}/cat rix, @{bin}/rm rix, + @{bin}/cliphist rPUx, @{bin}/xdg-mime rPx, owner @{tmp}/wl-copy-buffer-*/{,**} rw, From cc9e7fdde156bb11ea33bbd3b2063cd617d68ba6 Mon Sep 17 00:00:00 2001 From: valoq Date: Fri, 7 Jun 2024 10:57:21 +0200 Subject: [PATCH 18/52] add preview tools --- apparmor.d/profiles-a-f/elinks | 21 +++++++++++++++++++++ apparmor.d/profiles-a-f/ffmpegthumbnailer | 17 +++++++++++++++++ apparmor.d/profiles-g-l/img2txt | 17 +++++++++++++++++ apparmor.d/profiles-m-r/odt2txt | 17 +++++++++++++++++ apparmor.d/profiles-m-r/pdftotext | 19 +++++++++++++++++++ apparmor.d/profiles-s-z/w3m | 19 +++++++++++++++++++ 6 files changed, 110 insertions(+) create mode 100644 apparmor.d/profiles-a-f/elinks create mode 100644 apparmor.d/profiles-a-f/ffmpegthumbnailer create mode 100644 apparmor.d/profiles-g-l/img2txt create mode 100644 apparmor.d/profiles-m-r/odt2txt create mode 100644 apparmor.d/profiles-m-r/pdftotext create mode 100644 apparmor.d/profiles-s-z/w3m diff --git a/apparmor.d/profiles-a-f/elinks b/apparmor.d/profiles-a-f/elinks new file mode 100644 index 000000000..7154acb50 --- /dev/null +++ b/apparmor.d/profiles-a-f/elinks @@ -0,0 +1,21 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/elinks +profile elinks @{exec_path} { + include + include + include + include + + @{exec_path} mr, + + owner @{user_config_dirs}/elinks/{,**} rw, + + include if exists +} diff --git a/apparmor.d/profiles-a-f/ffmpegthumbnailer b/apparmor.d/profiles-a-f/ffmpegthumbnailer new file mode 100644 index 000000000..f1b3b181c --- /dev/null +++ b/apparmor.d/profiles-a-f/ffmpegthumbnailer @@ -0,0 +1,17 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/ffmpegthumbnailer +profile ffmpegthumbnailer @{exec_path} { + include + include + + @{exec_path} mr, + + include if exists +} diff --git a/apparmor.d/profiles-g-l/img2txt b/apparmor.d/profiles-g-l/img2txt new file mode 100644 index 000000000..d409f0a51 --- /dev/null +++ b/apparmor.d/profiles-g-l/img2txt @@ -0,0 +1,17 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/img2txt +profile img2txt @{exec_path} { + include + include + + @{exec_path} mr, + + include if exists +} diff --git a/apparmor.d/profiles-m-r/odt2txt b/apparmor.d/profiles-m-r/odt2txt new file mode 100644 index 000000000..13a29167e --- /dev/null +++ b/apparmor.d/profiles-m-r/odt2txt @@ -0,0 +1,17 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/odt2txt +profile odt2txt @{exec_path} { + include + include + + @{exec_path} mr, + + include if exists +} diff --git a/apparmor.d/profiles-m-r/pdftotext b/apparmor.d/profiles-m-r/pdftotext new file mode 100644 index 000000000..e0230d629 --- /dev/null +++ b/apparmor.d/profiles-m-r/pdftotext @@ -0,0 +1,19 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/pdftotext +profile pdftotext @{exec_path} { + include + include + + @{exec_path} mr, + + /usr/share/poppler/{,**} r, + + include if exists +} diff --git a/apparmor.d/profiles-s-z/w3m b/apparmor.d/profiles-s-z/w3m new file mode 100644 index 000000000..60f661496 --- /dev/null +++ b/apparmor.d/profiles-s-z/w3m @@ -0,0 +1,19 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 valoq +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/w3m +profile w3m @{exec_path} { + include + include + + @{exec_path} mr, + + /usr/share/terminfo/{,**} r, + + include if exists +} From 7b69b696fb8bb772defd570a1341172c2db12052 Mon Sep 17 00:00:00 2001 From: valoq Date: Fri, 7 Jun 2024 11:02:32 +0200 Subject: [PATCH 19/52] use strict abstraction --- apparmor.d/profiles-a-f/elinks | 2 +- apparmor.d/profiles-a-f/ffmpegthumbnailer | 2 +- apparmor.d/profiles-g-l/img2txt | 2 +- apparmor.d/profiles-m-r/odt2txt | 2 +- apparmor.d/profiles-m-r/pdftotext | 2 +- apparmor.d/profiles-s-z/w3m | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/apparmor.d/profiles-a-f/elinks b/apparmor.d/profiles-a-f/elinks index 7154acb50..ee9c4bd13 100644 --- a/apparmor.d/profiles-a-f/elinks +++ b/apparmor.d/profiles-a-f/elinks @@ -11,7 +11,7 @@ profile elinks @{exec_path} { include include include - include + include @{exec_path} mr, diff --git a/apparmor.d/profiles-a-f/ffmpegthumbnailer b/apparmor.d/profiles-a-f/ffmpegthumbnailer index f1b3b181c..34d37e759 100644 --- a/apparmor.d/profiles-a-f/ffmpegthumbnailer +++ b/apparmor.d/profiles-a-f/ffmpegthumbnailer @@ -9,7 +9,7 @@ include @{exec_path} = @{bin}/ffmpegthumbnailer profile ffmpegthumbnailer @{exec_path} { include - include + include @{exec_path} mr, diff --git a/apparmor.d/profiles-g-l/img2txt b/apparmor.d/profiles-g-l/img2txt index d409f0a51..1b3518777 100644 --- a/apparmor.d/profiles-g-l/img2txt +++ b/apparmor.d/profiles-g-l/img2txt @@ -9,7 +9,7 @@ include @{exec_path} = @{bin}/img2txt profile img2txt @{exec_path} { include - include + include @{exec_path} mr, diff --git a/apparmor.d/profiles-m-r/odt2txt b/apparmor.d/profiles-m-r/odt2txt index 13a29167e..9be8b8642 100644 --- a/apparmor.d/profiles-m-r/odt2txt +++ b/apparmor.d/profiles-m-r/odt2txt @@ -9,7 +9,7 @@ include @{exec_path} = @{bin}/odt2txt profile odt2txt @{exec_path} { include - include + include @{exec_path} mr, diff --git a/apparmor.d/profiles-m-r/pdftotext b/apparmor.d/profiles-m-r/pdftotext index e0230d629..9980cff64 100644 --- a/apparmor.d/profiles-m-r/pdftotext +++ b/apparmor.d/profiles-m-r/pdftotext @@ -9,7 +9,7 @@ include @{exec_path} = @{bin}/pdftotext profile pdftotext @{exec_path} { include - include + include @{exec_path} mr, diff --git a/apparmor.d/profiles-s-z/w3m b/apparmor.d/profiles-s-z/w3m index 60f661496..557f68c96 100644 --- a/apparmor.d/profiles-s-z/w3m +++ b/apparmor.d/profiles-s-z/w3m @@ -9,7 +9,7 @@ include @{exec_path} = @{bin}/w3m profile w3m @{exec_path} { include - include + include @{exec_path} mr, From 94a654e318b007135925a6661a6a52ce253dc06b Mon Sep 17 00:00:00 2001 From: valoq Date: Sat, 8 Jun 2024 12:50:56 +0200 Subject: [PATCH 20/52] fix lynx profile --- apparmor.d/profiles-g-l/lynx | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/apparmor.d/profiles-g-l/lynx b/apparmor.d/profiles-g-l/lynx index a9b3691d2..2c205f73c 100644 --- a/apparmor.d/profiles-g-l/lynx +++ b/apparmor.d/profiles-g-l/lynx @@ -13,6 +13,8 @@ profile lynx @{exec_path} { include include include + include + include network inet dgram, network inet6 dgram, @@ -20,20 +22,19 @@ profile lynx @{exec_path} { network inet6 stream, @{exec_path} mr, - - /etc/lynx/{,*} r, - + @{sh_path} rix, + + /usr/share/terminfo/{,**} r, /usr/share/doc/lynx-common/** r, - /etc/mime.types r, - - @{sh_path} rix, + /etc/lynx.cfg r, + /etc/lynx.lss r, + /etc/lynx/{,**} r, /etc/mailcap r, + /etc/mime.types r, owner @{tmp}/lynxXXXX*/ rw, owner @{tmp}/lynxXXXX*/*TMP.html{,.gz} rw, - owner @{HOME}/ r, - include if exists } From d7e09d88fd64998e86540e0fffb93bc94617e559 Mon Sep 17 00:00:00 2001 From: valoq Date: Sat, 8 Jun 2024 12:58:01 +0200 Subject: [PATCH 21/52] complete browsers --- apparmor.d/profiles-a-f/elinks | 6 ++++++ apparmor.d/profiles-s-z/w3m | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/apparmor.d/profiles-a-f/elinks b/apparmor.d/profiles-a-f/elinks index ee9c4bd13..d926271f5 100644 --- a/apparmor.d/profiles-a-f/elinks +++ b/apparmor.d/profiles-a-f/elinks @@ -11,8 +11,14 @@ profile elinks @{exec_path} { include include include + include include + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + @{exec_path} mr, owner @{user_config_dirs}/elinks/{,**} rw, diff --git a/apparmor.d/profiles-s-z/w3m b/apparmor.d/profiles-s-z/w3m index 557f68c96..772d07f8e 100644 --- a/apparmor.d/profiles-s-z/w3m +++ b/apparmor.d/profiles-s-z/w3m @@ -9,8 +9,16 @@ include @{exec_path} = @{bin}/w3m profile w3m @{exec_path} { include + include + include + include include + network inet dgram, + network inet6 dgram, + network inet stream, + network inet6 stream, + @{exec_path} mr, /usr/share/terminfo/{,**} r, From 26e7da6641df8f4cdbb50d0a16aef1dee8631107 Mon Sep 17 00:00:00 2001 From: valoq Date: Thu, 13 Jun 2024 11:01:19 +0200 Subject: [PATCH 22/52] add config dirs --- apparmor.d/profiles-s-z/w3m | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apparmor.d/profiles-s-z/w3m b/apparmor.d/profiles-s-z/w3m index 772d07f8e..4cc6b57e0 100644 --- a/apparmor.d/profiles-s-z/w3m +++ b/apparmor.d/profiles-s-z/w3m @@ -23,5 +23,11 @@ profile w3m @{exec_path} { /usr/share/terminfo/{,**} r, + /etc/w3m/{,**} r, + owner @{HOME}/.w3m/{,**} r, + owner @{user_config_dirs}/w3m/{,**} r, + + owner /tmp/@{rand6}/{,**} rw, + include if exists } From eefb67351f518987206b00ab49ce756a2fceb40b Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 06:40:09 +0200 Subject: [PATCH 23/52] Add missing `user_games_dirs` and reorganise alphabetically Also adds (s) after "Default Value" to make it more clear that you can add multiple values. --- docs/variables.md | 81 ++++++++++++++++++++++++----------------------- 1 file changed, 41 insertions(+), 40 deletions(-) diff --git a/docs/variables.md b/docs/variables.md index 6ea5285c8..0ca199f62 100644 --- a/docs/variables.md +++ b/docs/variables.md @@ -6,61 +6,64 @@ title: Variables References ### User directories -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| +| Books | `@{XDG_BOOKS_DIR}` | `Books` | | Desktop | `@{XDG_DESKTOP_DIR}` | `Desktop` | -| Download | `@{XDG_DOWNLOAD_DIR}` | `Downloads` | -| Templates | `@{XDG_TEMPLATES_DIR}` | `Templates` | -| Public | `@{XDG_PUBLICSHARE_DIR}` | `Public` | +| Disk images | `@{XDG_IMG_DIR}` | `images` | | Documents | `@{XDG_DOCUMENTS_DIR}` | `Documents` | +| Download | `@{XDG_DOWNLOAD_DIR}` | `Downloads` | | Music | `@{XDG_MUSIC_DIR}` | `Music` | | Pictures | `@{XDG_PICTURES_DIR}` | `Pictures` | -| Videos | `@{XDG_VIDEOS_DIR}` | `Videos` | -| Books | `@{XDG_BOOKS_DIR}` | `Books` | | Projects | `@{XDG_PROJECTS_DIR}` | `Projects` | +| Public | `@{XDG_PUBLICSHARE_DIR}` | `Public` | | Screenshots | `@{XDG_SCREENSHOTS_DIR}` | `@{XDG_PICTURES_DIR}/Screenshots` | | Sync | `@{XDG_SYNC_DIR}` | `Sync` | +| Templates | `@{XDG_TEMPLATES_DIR}` | `Templates` | | Torrents | `@{XDG_TORRENTS_DIR}` | `Torrents` | +| Videos | `@{XDG_VIDEOS_DIR}` | `Videos` | | Vm | `@{XDG_VM_DIR}` | `.vm` | Wallpapers | `@{XDG_WALLPAPERS_DIR}` | `@{XDG_PICTURES_DIR}/Wallpapers` | -| Disk images | `@{XDG_IMG_DIR}` | `images` | ### Dotfiles -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| -| SSH | `@{XDG_SSH_DIR}` | `.ssh` | -| GPG | `@{XDG_GPG_DIR}` | `.gnupg` | -| Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` | +| Bin | `@{XDG_BIN_DIR}` | `.local/bin` | | Cache | ` @{XDG_CACHE_DIR}` | `.cache` | | Config | `@{XDG_CONFIG_DIR}` | `.config` | | Data | `@{XDG_DATA_DIR}` | `.local/share` | -| State | `@{XDG_STATE_DIR}` | `.local/state` | -| Bin | `@{XDG_BIN_DIR}` | `.local/bin` | +| GPG | `@{XDG_GPG_DIR}` | `.gnupg` | | Lib | `@{XDG_LIB_DIR}` | `.local/lib` | +| Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` | +| SSH | `@{XDG_SSH_DIR}` | `.ssh` | +| State | `@{XDG_STATE_DIR}` | `.local/state` | ### Full configuration path -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| +| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_DIR}` | +| Build | `@{user_build_dirs}` | `/tmp/` | | Cache | `@{user_cache_dirs}` | `@{HOME}/@{XDG_CACHE_DIR}` | | Config | `@{user_config_dirs}` | `@{HOME}/@{XDG_CONFIG_DIR}` | +| Lib | `@{user_lib_dirs}` | `@{HOME}/@{XDG_LIB_DIR}` | +| Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` | | Share | `@{user_share_dirs}` | ` @{HOME}/@{XDG_DATA_DIR}` | | State | `@{user_state_dirs}` | ` @{HOME}/@{XDG_STATE_DIR}` | -| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_DIR}` | -| Lib | `@{user_lib_dirs}` | `@{HOME}/@{XDG_LIB_DIR}` | -| Build | `@{user_build_dirs}` | `/tmp/` | | Tmp | `@{user_tmp_dirs}` | `@{run}/user/@{uid} /tmp/` | -| Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` | ### Full user path -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| | Books | `@{user_books_dirs}` | `@{HOME}/@{XDG_BOOKS_DIR} @{MOUNTS}/@{XDG_BOOKS_DIR}` | +| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}` | | Documents | `@{user_documents_dirs}` | `@{HOME}/@{XDG_DOCUMENTS_DIR} @{MOUNTS}/@{XDG_DOCUMENTS_DIR}` | | Download | `@{user_download_dirs}` | `@{HOME}/@{XDG_DOWNLOAD_DIR} @{MOUNTS}/@{XDG_DOWNLOAD_DIR}` | +| Games | `@{user_games_dirs}` | `@{HOME}/@{XDG_GAMES_DIR} @{MOUNTS}/@{XDG_GAMES_DIR}` | | Music | `@{user_music_dirs}` | `@{HOME}/@{XDG_MUSIC_DIR} @{MOUNTS}/@{XDG_MUSIC_DIR}` | +| Password | `@{user_password_store_dirs}` | `@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR}` | | Pictures | `@{user_pictures_dirs}` | `@{HOME}/@{XDG_PICTURES_DIR} @{MOUNTS}/@{XDG_PICTURES_DIR}` | | Projects | `@{user_projects_dirs}` | `@{HOME}/@{XDG_PROJECTS_DIR} @{MOUNTS}/@{XDG_PROJECTS_DIR}` | | Public | `@{user_publicshare_dirs}` | `@{HOME}/@{XDG_PUBLICSHARE_DIR} @{MOUNTS}/@{XDG_PUBLICSHARE_DIR}` | @@ -69,8 +72,6 @@ title: Variables References | Torrents | `@{user_torrents_dirs}` | `@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR}` | | Videos | `@{user_videos_dirs}` | `@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR}` | | Vm | `@{user_vm_dirs}` | `@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR}` -| Password | `@{user_password_store_dirs}` | `@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR}` | -| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}` | ## System variables @@ -81,46 +82,46 @@ title: Variables References **Helper variables** -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Integer (up to 10 digits) | `@{int}` | `[0-9]{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}` | | Any 6, 8 or 10 characters | `@{rand6}`, `@{rand8}`, `@{rand10}` | | -| Hexadecimal | `@{h}*@{h}` | | -| Universally unique identifier | `@{uuid}` | | | Current Process id | `@{pid}` | `[0-9]*` | -| Processes ids | `@{pids}` | `[0-9]*` | -| User id | `@{uid}` | `[0-9]*` | -| Thread id | `@{tid}` | `[0-9]*` | -| Single hexadecimal character | `@{h}` | `[0-9a-fA-F]` | -| Single alphanumeric character | `@{c}` | `[0-9a-zA-Z]` | +| Hexadecimal | `@{h}*@{h}` | | +| Integer (up to 10 digits) | `@{int}` | `[0-9]{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}` | | PCI Devices | `@{pci}` | `@{pci_bus}/**/` | | PCI Bus | `@{pci_bus}` | `pci@{h}@{h}@{h}@{h}:@{h}@{h}` | | PCI Id | `@{pci_id}` | `@{h}@{h}@{h}@{h}:@{h}@{h}:@{h}@{h}.@{h}` | +| Processes ids | `@{pids}` | `[0-9]*` | +| Single hexadecimal character | `@{h}` | `[0-9a-fA-F]` | +| Single alphanumeric character | `@{c}` | `[0-9a-zA-Z]` | +| Thread id | `@{tid}` | `[0-9]*` | +| Universally unique identifier | `@{uuid}` | | +| User id | `@{uid}` | `[0-9]*` | **System Paths** -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Root Home | `@{HOMEDIRS}` | `/home/` | -| Home directories | `@{HOME}` | `@{HOMEDIRS}/*/ /root/` | -| Root Mountpoints | `@{MOUNTDIRS}` | `/media/ @{run}/media/ /mnt/` | -| Mountpoints directories | `@{MOUNTS}` | `@{MOUNTDIRS}/*/` | | Bin | `@{bin}` | `/{usr/,}{s,}bin` | +| Flatpack export | `@{flatpak_exports_root}` | `{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}` | +| Home directories | `@{HOME}` | `@{HOMEDIRS}/*/ /root/` | | Lib | `@{lib}` | `/{usr/,}lib{,exec,32,64}` | -| multi-arch library | `@{multiarch}` | `*-linux-gnu*` | | Proc | `@{PROC}` | `/proc/` | +| Mountpoints directories | `@{MOUNTS}` | `@{MOUNTDIRS}/*/` | +| multi-arch library | `@{multiarch}` | `*-linux-gnu*` | +| Root Home | `@{HOMEDIRS}` | `/home/` | +| Root Mountpoints | `@{MOUNTDIRS}` | `/media/ @{run}/media/ /mnt/` | | Run | `@{run}` | `/run/ /var/run/` | | Sys | `@{sys}` | `/sys/` | -| Flatpack export | `@{flatpak_exports_root}` | `{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}` | | System wide share | `@{system_share_dirs}` | `/{usr,usr/local,var/lib/@{flatpak_exports_root}}/share` | **Program paths** -| Description | Name | Default Value | +| Description | Name | Default Value(s) | |-------------|:----:|---------------| +| All browser paths | `@{*_path}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L11) | All the shells | `@{shells}` | `sh zsh bash dash fish rbash ksh tcsh csh` | -| Shells path | `@{shells_path}` | `@{bin}/@{shells}` | | Coreutils programs that should not have dedicated profile | `@{coreutils}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L46) | | Coreutils paths | `@{coreutils_path}` | `@{bin}/@{coreutils}` | | Launcher paths | `@{open_path}` | `@{bin}/exo-open @{bin}/xdg-open @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop @{lib}/gio-launch-desktop` -| All browser paths | `@{*_path}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L11) +| Shells path | `@{shells_path}` | `@{bin}/@{shells}` | From afbe5a95d06ab1495c9ac153e8c26a4f3db9d548 Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 06:53:22 +0200 Subject: [PATCH 24/52] Add XDG_GAMES_DIR --- docs/variables.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/variables.md b/docs/variables.md index 0ca199f62..efbcb8e18 100644 --- a/docs/variables.md +++ b/docs/variables.md @@ -13,6 +13,7 @@ title: Variables References | Disk images | `@{XDG_IMG_DIR}` | `images` | | Documents | `@{XDG_DOCUMENTS_DIR}` | `Documents` | | Download | `@{XDG_DOWNLOAD_DIR}` | `Downloads` | +| Games | `@{XDG_GAMES_DIR}` | `.games` | | Music | `@{XDG_MUSIC_DIR}` | `Music` | | Pictures | `@{XDG_PICTURES_DIR}` | `Pictures` | | Projects | `@{XDG_PROJECTS_DIR}` | `Projects` | From aea114b1ec1c01f460f4b316a5fa00bf9e14a519 Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 19:54:35 +0200 Subject: [PATCH 25/52] Reorganise based on type As discussed in DMs --- docs/variables.md | 88 +++++++++++++++++++++++------------------------ 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/docs/variables.md b/docs/variables.md index efbcb8e18..6045faf03 100644 --- a/docs/variables.md +++ b/docs/variables.md @@ -8,71 +8,71 @@ title: Variables References | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Books | `@{XDG_BOOKS_DIR}` | `Books` | | Desktop | `@{XDG_DESKTOP_DIR}` | `Desktop` | -| Disk images | `@{XDG_IMG_DIR}` | `images` | | Documents | `@{XDG_DOCUMENTS_DIR}` | `Documents` | -| Download | `@{XDG_DOWNLOAD_DIR}` | `Downloads` | -| Games | `@{XDG_GAMES_DIR}` | `.games` | +| Downloads | `@{XDG_DOWNLOAD_DIR}` | `Downloads` | | Music | `@{XDG_MUSIC_DIR}` | `Music` | | Pictures | `@{XDG_PICTURES_DIR}` | `Pictures` | -| Projects | `@{XDG_PROJECTS_DIR}` | `Projects` | -| Public | `@{XDG_PUBLICSHARE_DIR}` | `Public` | -| Screenshots | `@{XDG_SCREENSHOTS_DIR}` | `@{XDG_PICTURES_DIR}/Screenshots` | -| Sync | `@{XDG_SYNC_DIR}` | `Sync` | -| Templates | `@{XDG_TEMPLATES_DIR}` | `Templates` | -| Torrents | `@{XDG_TORRENTS_DIR}` | `Torrents` | | Videos | `@{XDG_VIDEOS_DIR}` | `Videos` | -| Vm | `@{XDG_VM_DIR}` | `.vm` +| Screenshots | `@{XDG_SCREENSHOTS_DIR}` | `@{XDG_PICTURES_DIR}/Screenshots` | | Wallpapers | `@{XDG_WALLPAPERS_DIR}` | `@{XDG_PICTURES_DIR}/Wallpapers` | +| Books | `@{XDG_BOOKS_DIR}` | `Books` | +| Games | `@{XDG_GAMES_DIR}` | `.games` | +| Templates | `@{XDG_TEMPLATES_DIR}` | `Templates` | +| Public | `@{XDG_PUBLICSHARE_DIR}` | `Public` | +| Projects | `@{XDG_PROJECTS_DIR}` | `Projects` | +| Sync | `@{XDG_SYNC_DIR}` | `Sync` | +| Torrents | `@{XDG_TORRENTS_DIR}` | `Torrents` | +| Vm | `@{XDG_VM_DIR}` | `.vm` +| Disk images | `@{XDG_IMG_DIR}` | `images` | ### Dotfiles | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Bin | `@{XDG_BIN_DIR}` | `.local/bin` | | Cache | ` @{XDG_CACHE_DIR}` | `.cache` | | Config | `@{XDG_CONFIG_DIR}` | `.config` | | Data | `@{XDG_DATA_DIR}` | `.local/share` | -| GPG | `@{XDG_GPG_DIR}` | `.gnupg` | -| Lib | `@{XDG_LIB_DIR}` | `.local/lib` | -| Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` | -| SSH | `@{XDG_SSH_DIR}` | `.ssh` | | State | `@{XDG_STATE_DIR}` | `.local/state` | +| Bin | `@{XDG_BIN_DIR}` | `.local/bin` | +| Lib | `@{XDG_LIB_DIR}` | `.local/lib` | +| GPG | `@{XDG_GPG_DIR}` | `.gnupg` | +| SSH | `@{XDG_SSH_DIR}` | `.ssh` | +| Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` | ### Full configuration path | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_DIR}` | -| Build | `@{user_build_dirs}` | `/tmp/` | | Cache | `@{user_cache_dirs}` | `@{HOME}/@{XDG_CACHE_DIR}` | | Config | `@{user_config_dirs}` | `@{HOME}/@{XDG_CONFIG_DIR}` | +| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_DIR}` | | Lib | `@{user_lib_dirs}` | `@{HOME}/@{XDG_LIB_DIR}` | -| Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` | | Share | `@{user_share_dirs}` | ` @{HOME}/@{XDG_DATA_DIR}` | | State | `@{user_state_dirs}` | ` @{HOME}/@{XDG_STATE_DIR}` | +| Build | `@{user_build_dirs}` | `/tmp/` | +| Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` | | Tmp | `@{user_tmp_dirs}` | `@{run}/user/@{uid} /tmp/` | ### Full user path | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Books | `@{user_books_dirs}` | `@{HOME}/@{XDG_BOOKS_DIR} @{MOUNTS}/@{XDG_BOOKS_DIR}` | -| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}` | | Documents | `@{user_documents_dirs}` | `@{HOME}/@{XDG_DOCUMENTS_DIR} @{MOUNTS}/@{XDG_DOCUMENTS_DIR}` | -| Download | `@{user_download_dirs}` | `@{HOME}/@{XDG_DOWNLOAD_DIR} @{MOUNTS}/@{XDG_DOWNLOAD_DIR}` | -| Games | `@{user_games_dirs}` | `@{HOME}/@{XDG_GAMES_DIR} @{MOUNTS}/@{XDG_GAMES_DIR}` | +| Downloads | `@{user_download_dirs}` | `@{HOME}/@{XDG_DOWNLOAD_DIR} @{MOUNTS}/@{XDG_DOWNLOAD_DIR}` | | Music | `@{user_music_dirs}` | `@{HOME}/@{XDG_MUSIC_DIR} @{MOUNTS}/@{XDG_MUSIC_DIR}` | -| Password | `@{user_password_store_dirs}` | `@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR}` | | Pictures | `@{user_pictures_dirs}` | `@{HOME}/@{XDG_PICTURES_DIR} @{MOUNTS}/@{XDG_PICTURES_DIR}` | +| Videos | `@{user_videos_dirs}` | `@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR}` | +| Books | `@{user_books_dirs}` | `@{HOME}/@{XDG_BOOKS_DIR} @{MOUNTS}/@{XDG_BOOKS_DIR}` | +| Games | `@{user_games_dirs}` | `@{HOME}/@{XDG_GAMES_DIR} @{MOUNTS}/@{XDG_GAMES_DIR}` | +| Passwords | `@{user_password_store_dirs}` | `@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR}` | | Projects | `@{user_projects_dirs}` | `@{HOME}/@{XDG_PROJECTS_DIR} @{MOUNTS}/@{XDG_PROJECTS_DIR}` | | Public | `@{user_publicshare_dirs}` | `@{HOME}/@{XDG_PUBLICSHARE_DIR} @{MOUNTS}/@{XDG_PUBLICSHARE_DIR}` | -| Sync | `@{user_sync_dirs}` | `@{HOME}/@{XDG_SYNC_DIR} @{MOUNTS}/*/@{XDG_SYNC_DIR}` | | Templates | `@{user_templates_dirs}` | `@{HOME}/@{XDG_TEMPLATES_DIR} @{MOUNTS}/@{XDG_TEMPLATES_DIR}` | | Torrents | `@{user_torrents_dirs}` | `@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR}` | -| Videos | `@{user_videos_dirs}` | `@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR}` | +| Sync | `@{user_sync_dirs}` | `@{HOME}/@{XDG_SYNC_DIR} @{MOUNTS}/*/@{XDG_SYNC_DIR}` | | Vm | `@{user_vm_dirs}` | `@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR}` +| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}` | ## System variables @@ -85,44 +85,44 @@ title: Variables References | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Any 6, 8 or 10 characters | `@{rand6}`, `@{rand8}`, `@{rand10}` | | -| Current Process id | `@{pid}` | `[0-9]*` | -| Hexadecimal | `@{h}*@{h}` | | | Integer (up to 10 digits) | `@{int}` | `[0-9]{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}` | +| Any 6, 8 or 10 characters | `@{rand6}`, `@{rand8}`, `@{rand10}` | | +| Hexadecimal | `@{h}*@{h}` | | +| Universally unique identifier | `@{uuid}` | | +| Current Process id | `@{pid}` | `[0-9]*` | +| Processes ids | `@{pids}` | `[0-9]*` | +| User id | `@{uid}` | `[0-9]*` | +| Thread id | `@{tid}` | `[0-9]*` | +| Single hexadecimal character | `@{h}` | `[0-9a-fA-F]` | +| Single alphanumeric character | `@{c}` | `[0-9a-zA-Z]` | | PCI Devices | `@{pci}` | `@{pci_bus}/**/` | | PCI Bus | `@{pci_bus}` | `pci@{h}@{h}@{h}@{h}:@{h}@{h}` | | PCI Id | `@{pci_id}` | `@{h}@{h}@{h}@{h}:@{h}@{h}:@{h}@{h}.@{h}` | -| Processes ids | `@{pids}` | `[0-9]*` | -| Single hexadecimal character | `@{h}` | `[0-9a-fA-F]` | -| Single alphanumeric character | `@{c}` | `[0-9a-zA-Z]` | -| Thread id | `@{tid}` | `[0-9]*` | -| Universally unique identifier | `@{uuid}` | | -| User id | `@{uid}` | `[0-9]*` | **System Paths** | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| Bin | `@{bin}` | `/{usr/,}{s,}bin` | -| Flatpack export | `@{flatpak_exports_root}` | `{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}` | -| Home directories | `@{HOME}` | `@{HOMEDIRS}/*/ /root/` | -| Lib | `@{lib}` | `/{usr/,}lib{,exec,32,64}` | -| Proc | `@{PROC}` | `/proc/` | -| Mountpoints directories | `@{MOUNTS}` | `@{MOUNTDIRS}/*/` | -| multi-arch library | `@{multiarch}` | `*-linux-gnu*` | | Root Home | `@{HOMEDIRS}` | `/home/` | +| Home directories | `@{HOME}` | `@{HOMEDIRS}/*/ /root/` | | Root Mountpoints | `@{MOUNTDIRS}` | `/media/ @{run}/media/ /mnt/` | +| Mountpoints directories | `@{MOUNTS}` | `@{MOUNTDIRS}/*/` | +| Bin | `@{bin}` | `/{usr/,}{s,}bin` | +| Lib | `@{lib}` | `/{usr/,}lib{,exec,32,64}` | +| multi-arch library | `@{multiarch}` | `*-linux-gnu*` | +| Proc | `@{PROC}` | `/proc/` | | Run | `@{run}` | `/run/ /var/run/` | | Sys | `@{sys}` | `/sys/` | | System wide share | `@{system_share_dirs}` | `/{usr,usr/local,var/lib/@{flatpak_exports_root}}/share` | +| Flatpak export | `@{flatpak_exports_root}` | `{flatpak/exports,flatpak/{app,runtime}/*/*/*/*/export}` | **Program paths** | Description | Name | Default Value(s) | |-------------|:----:|---------------| -| All browser paths | `@{*_path}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L11) | All the shells | `@{shells}` | `sh zsh bash dash fish rbash ksh tcsh csh` | +| Shells path | `@{shells_path}` | `@{bin}/@{shells}` | | Coreutils programs that should not have dedicated profile | `@{coreutils}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L46) | | Coreutils paths | `@{coreutils_path}` | `@{bin}/@{coreutils}` | | Launcher paths | `@{open_path}` | `@{bin}/exo-open @{bin}/xdg-open @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop @{lib}/gio-launch-desktop` -| Shells path | `@{shells_path}` | `@{bin}/@{shells}` | +| All browser paths | `@{*_path}` | See [tunables/multiarch.d/paths](https://github.com/roddhjav/apparmor.d/blob/c2d88c9bffc626fcf7d9b15b42b50706afb29562/apparmor.d/tunables/multiarch.d/paths#L11) From 117e63d88fc2b782111c8b98885a26869bc1be93 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 14 Jun 2024 20:50:17 +0100 Subject: [PATCH 26/52] fix: ensure filter directive get cleaned on build. --- apparmor.d/abstractions/authentication.d/complete | 1 + pkg/prebuild/directive/core.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/apparmor.d/abstractions/authentication.d/complete b/apparmor.d/abstractions/authentication.d/complete index 57ffc77f2..a6a4e3757 100644 --- a/apparmor.d/abstractions/authentication.d/complete +++ b/apparmor.d/abstractions/authentication.d/complete @@ -11,3 +11,4 @@ @{lib}/security-misc/pam_faillock_not_if_x rPx, @{lib}/security-misc/pam-abort-on-locked-password rPx, @{lib}/security-misc/pam-info rPx, + diff --git a/pkg/prebuild/directive/core.go b/pkg/prebuild/directive/core.go index 53176b01d..d14dd4861 100644 --- a/pkg/prebuild/directive/core.go +++ b/pkg/prebuild/directive/core.go @@ -65,7 +65,7 @@ func NewOption(file *paths.Path, match []string) *Option { // Useful to remove directive text applied on some condition only func (o *Option) Clean(profile string) string { reg := regexp.MustCompile(`\s*` + Keyword + o.Name + ` .*$`) - return reg.ReplaceAllString(profile, "") + return strings.Replace(profile, o.Raw, reg.ReplaceAllString(o.Raw, ""), 1) } func RegisterDirective(d Directive) { From 33c78ea4cfeec3b63bfe2cc3b4472769263926d4 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 14 Jun 2024 21:02:34 +0100 Subject: [PATCH 27/52] build(opensure): ensure docker build has apparmor-profiles. --- dists/docker.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dists/docker.sh b/dists/docker.sh index 19a8737ae..500918c5f 100644 --- a/dists/docker.sh +++ b/dists/docker.sh @@ -100,7 +100,7 @@ build_in_docker_rpm() { docker pull "$BASEIMAGE/$dist" docker run -tid --name "$img" --volume "$VOLUME:$BUILDIR" \ "$BASEIMAGE/$dist" - docker exec "$img" sudo zypper install -y distribution-release golang-packaging rsync + docker exec "$img" sudo zypper install -y distribution-release golang-packaging rsync apparmor-profiles fi docker exec --workdir="$BUILDIR/$PKGNAME" "$img" bash dists/build.sh rpm From d8dcdb0d3c2e6e46b16c09dc0584025ec44fdd31 Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 20:40:45 +0200 Subject: [PATCH 28/52] Add missing variables to docs --- docs/variables.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/variables.md b/docs/variables.md index 6045faf03..a70358263 100644 --- a/docs/variables.md +++ b/docs/variables.md @@ -21,9 +21,13 @@ title: Variables References | Templates | `@{XDG_TEMPLATES_DIR}` | `Templates` | | Public | `@{XDG_PUBLICSHARE_DIR}` | `Public` | | Projects | `@{XDG_PROJECTS_DIR}` | `Projects` | +| Private | `@{XDG_PRIVATE_DIR}` | `.{p,P}rivate {p,P}rivate` | +| Work | `@{XDG_WORK_DIR}` | `Work` | +| Mail | `@{XDG_MAIL_DIR}` | `Mail .{m,M}ail` | | Sync | `@{XDG_SYNC_DIR}` | `Sync` | | Torrents | `@{XDG_TORRENTS_DIR}` | `Torrents` | | Vm | `@{XDG_VM_DIR}` | `.vm` +| Vm Shares | `@{XDG_VM_SHARES_DIR}` | `VM_Shares` | Disk images | `@{XDG_IMG_DIR}` | `images` | ### Dotfiles @@ -38,7 +42,9 @@ title: Variables References | Lib | `@{XDG_LIB_DIR}` | `.local/lib` | | GPG | `@{XDG_GPG_DIR}` | `.gnupg` | | SSH | `@{XDG_SSH_DIR}` | `.ssh` | +| Private | `@{XDG_PRIVATE_DIR}` | `.{p,P}rivate {p,P}rivate` | | Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` | +| Mail | `@{XDG_MAIL_DIR}` | `Mail .{m,M}ail` | ### Full configuration path @@ -65,14 +71,18 @@ title: Variables References | Videos | `@{user_videos_dirs}` | `@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR}` | | Books | `@{user_books_dirs}` | `@{HOME}/@{XDG_BOOKS_DIR} @{MOUNTS}/@{XDG_BOOKS_DIR}` | | Games | `@{user_games_dirs}` | `@{HOME}/@{XDG_GAMES_DIR} @{MOUNTS}/@{XDG_GAMES_DIR}` | +| Private | `@{user_private_dirs}` | `@{HOME}/@{XDG_PRIVATE_DIR} @{MOUNTS}/@{XDG_PRIVATE_DIR}` | | Passwords | `@{user_password_store_dirs}` | `@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR}` | +| Work | `@{user_work_dirs}` | `@{HOME}/@{XDG_WORK_DIR} @{MOUNTS}/@{XDG_WORK_DIR}` | +| Mail | `@{user_mail_dirs}` | `@{HOME}/@{XDG_MAIL_DIR} @{MOUNTS}/@{XDG_MAIL_DIR}` | | Projects | `@{user_projects_dirs}` | `@{HOME}/@{XDG_PROJECTS_DIR} @{MOUNTS}/@{XDG_PROJECTS_DIR}` | | Public | `@{user_publicshare_dirs}` | `@{HOME}/@{XDG_PUBLICSHARE_DIR} @{MOUNTS}/@{XDG_PUBLICSHARE_DIR}` | | Templates | `@{user_templates_dirs}` | `@{HOME}/@{XDG_TEMPLATES_DIR} @{MOUNTS}/@{XDG_TEMPLATES_DIR}` | | Torrents | `@{user_torrents_dirs}` | `@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR}` | | Sync | `@{user_sync_dirs}` | `@{HOME}/@{XDG_SYNC_DIR} @{MOUNTS}/*/@{XDG_SYNC_DIR}` | | Vm | `@{user_vm_dirs}` | `@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR}` -| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_IMG_DIR} @{MOUNTS}/@{XDG_IMG_DIR}` | +| Vm Shares | `@{user_vm_shares}` | `@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR}` +| Disk images | `@{user_img_dirs}` | `@{HOME}/@{XDG_VM_SHARES_DIR} @{MOUNTS}/@{XDG_VM_SHARES_DIR}` | ## System variables From 7b6ef48d7945d310fca95e7eab20d22767b306fb Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 20:41:02 +0200 Subject: [PATCH 29/52] Reorganise xdg-user-dirs.d tunables --- apparmor.d/tunables/xdg-user-dirs.d/apparmor.d | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d index 7476a1678..2c1fedea0 100644 --- a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d +++ b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d @@ -18,9 +18,9 @@ @{user_download_dirs}=@{HOME}/@{XDG_DOWNLOAD_DIR} @{MOUNTS}/@{XDG_DOWNLOAD_DIR} @{user_music_dirs}=@{HOME}/@{XDG_MUSIC_DIR} @{MOUNTS}/@{XDG_MUSIC_DIR} @{user_pictures_dirs}=@{HOME}/@{XDG_PICTURES_DIR} @{MOUNTS}/@{XDG_PICTURES_DIR} +@{user_videos_dirs}=@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR} @{user_publicshare_dirs}=@{HOME}/@{XDG_PUBLICSHARE_DIR} @{MOUNTS}/@{XDG_PUBLICSHARE_DIR} @{user_templates_dirs}=@{HOME}/@{XDG_TEMPLATES_DIR} @{MOUNTS}/@{XDG_TEMPLATES_DIR} -@{user_videos_dirs}=@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR} @{user_vm_shares}=@{HOME}/@{XDG_VM_SHARES_DIR} @{MOUNTS}/@{XDG_VM_SHARES_DIR} include if exists From 307f2d6ad009e59725e97b80aa4eb5b0afa55542 Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 20:41:22 +0200 Subject: [PATCH 30/52] Reorganise home.d tunables --- apparmor.d/tunables/home.d/apparmor.d | 28 +++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index 5b8204163..f79e3ab15 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -12,22 +12,22 @@ # First part, second part in /etc/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d # Extra user personal directories -@{XDG_BOOKS_DIR}="Books" -@{XDG_PROJECTS_DIR}="Projects" -@{XDG_WORK_DIR}="Work" -@{XDG_SYNC_DIR}="Sync" -@{XDG_TORRENTS_DIR}="Torrents" -@{XDG_GAMES_DIR}=".games" -@{XDG_VM_DIR}=".vm" -@{XDG_VM_SHARES_DIR}="VM_Shares" @{XDG_IMG_DIR}="images" -@{XDG_MAIL_DIR}="Mail" ".{m,M}ail" @{XDG_SCREENSHOTS_DIR}="Pictures/Screenshots" @{XDG_WALLPAPERS_DIR}="Pictures/Wallpapers" +@{XDG_BOOKS_DIR}="Books" +@{XDG_GAMES_DIR}=".games" +@{XDG_PROJECTS_DIR}="Projects" +@{XDG_WORK_DIR}="Work" +@{XDG_MAIL_DIR}="Mail" ".{m,M}ail" +@{XDG_SYNC_DIR}="Sync" +@{XDG_TORRENTS_DIR}="Torrents" +@{XDG_VM_DIR}=".vm" +@{XDG_VM_SHARES_DIR}="VM_Shares" # User personal keyrings -@{XDG_SSH_DIR}=".ssh" @{XDG_GPG_DIR}=".gnupg" +@{XDG_SSH_DIR}=".ssh" @{XDG_PASSWORD_STORE_DIR}=".password-store" # User personal private directories @@ -44,9 +44,9 @@ # Full path of the user configuration directories @{user_cache_dirs}=@{HOME}/@{XDG_CACHE_DIR} @{user_config_dirs}=@{HOME}/@{XDG_CONFIG_DIR} -@{user_state_dirs}=@{HOME}/@{XDG_STATE_DIR} @{user_bin_dirs}=@{HOME}/@{XDG_BIN_DIR} @{user_lib_dirs}=@{HOME}/@{XDG_LIB_DIR} +@{user_state_dirs}=@{HOME}/@{XDG_STATE_DIR} # User build directories and output @{user_build_dirs}="/tmp/build/" @@ -57,11 +57,11 @@ # Other user directories @{user_books_dirs}=@{HOME}/@{XDG_BOOKS_DIR} @{MOUNTS}/@{XDG_BOOKS_DIR} @{user_games_dirs}=@{HOME}/@{XDG_GAMES_DIR} @{MOUNTS}/@{XDG_GAMES_DIR} +@{user_private_dirs}=@{HOME}/@{XDG_PRIVATE_DIR} @{MOUNTS}/@{XDG_PRIVATE_DIR} +@{user_password_store_dirs}=@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR} +@{user_work_dirs}=@{HOME}/@{XDG_WORK_DIR} @{MOUNTS}/@{XDG_WORK_DIR} @{user_mail_dirs}=@{HOME}/@{XDG_MAIL_DIR} @{MOUNTS}/@{XDG_MAIL_DIR} @{user_projects_dirs}=@{HOME}/@{XDG_PROJECTS_DIR} @{MOUNTS}/@{XDG_PROJECTS_DIR} @{user_sync_dirs}=@{HOME}/@{XDG_SYNC_DIR} @{MOUNTS}/*/@{XDG_SYNC_DIR} @{user_torrents_dirs}=@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR} @{user_vm_dirs}=@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR} -@{user_work_dirs}=@{HOME}/@{XDG_WORK_DIR} @{MOUNTS}/@{XDG_WORK_DIR} -@{user_password_store_dirs}=@{HOME}/@{XDG_PASSWORD_STORE_DIR} @{MOUNTS}/@{XDG_PASSWORD_STORE_DIR} -@{user_private_dirs}=@{HOME}/@{XDG_PRIVATE_DIR} @{MOUNTS}/@{XDG_PRIVATE_DIR} From 02ea3b9ee6037e8f13bdde368da1f8b4d30a3d8e Mon Sep 17 00:00:00 2001 From: Stoppedpuma <58333920+Stoppedpuma@users.noreply.github.com> Date: Fri, 14 Jun 2024 20:48:34 +0200 Subject: [PATCH 31/52] Move disk images --- apparmor.d/tunables/home.d/apparmor.d | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index f79e3ab15..52b30897e 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -12,7 +12,6 @@ # First part, second part in /etc/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d # Extra user personal directories -@{XDG_IMG_DIR}="images" @{XDG_SCREENSHOTS_DIR}="Pictures/Screenshots" @{XDG_WALLPAPERS_DIR}="Pictures/Wallpapers" @{XDG_BOOKS_DIR}="Books" @@ -24,6 +23,7 @@ @{XDG_TORRENTS_DIR}="Torrents" @{XDG_VM_DIR}=".vm" @{XDG_VM_SHARES_DIR}="VM_Shares" +@{XDG_IMG_DIR}="images" # User personal keyrings @{XDG_GPG_DIR}=".gnupg" From 6c64ef95c62dba017eb6ceeda5e4d5c12079f3b7 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 14 Jun 2024 21:08:33 +0100 Subject: [PATCH 32/52] fix: ensure xdg-desktop-portal have access to download files. fix #386 --- apparmor.d/groups/freedesktop/xdg-desktop-portal | 1 + apparmor.d/groups/freedesktop/xdg-desktop-portal-gnome | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/apparmor.d/groups/freedesktop/xdg-desktop-portal b/apparmor.d/groups/freedesktop/xdg-desktop-portal index 2fef3f62c..f7801cb62 100644 --- a/apparmor.d/groups/freedesktop/xdg-desktop-portal +++ b/apparmor.d/groups/freedesktop/xdg-desktop-portal @@ -20,6 +20,7 @@ profile xdg-desktop-portal @{exec_path} flags=(attach_disconnected) { include include include + include capability sys_ptrace, diff --git a/apparmor.d/groups/freedesktop/xdg-desktop-portal-gnome b/apparmor.d/groups/freedesktop/xdg-desktop-portal-gnome index 9ca2e9b59..91eb77602 100644 --- a/apparmor.d/groups/freedesktop/xdg-desktop-portal-gnome +++ b/apparmor.d/groups/freedesktop/xdg-desktop-portal-gnome @@ -22,7 +22,7 @@ profile xdg-desktop-portal-gnome @{exec_path} flags=(attach_disconnected) { include include include - include + include network unix stream, From 6c1cdf4d582bebc6f3de365f1b528d832b3e27e6 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 14 Jun 2024 21:10:02 +0100 Subject: [PATCH 33/52] fix: ensure btop can send signal fix #385 --- apparmor.d/abstractions/base.d/complete | 1 + 1 file changed, 1 insertion(+) diff --git a/apparmor.d/abstractions/base.d/complete b/apparmor.d/abstractions/base.d/complete index cc4b1a1e7..e758d050b 100644 --- a/apparmor.d/abstractions/base.d/complete +++ b/apparmor.d/abstractions/base.d/complete @@ -4,6 +4,7 @@ # SPDX-License-Identifier: GPL-2.0-only # Allow to receive some signals from new well-known profiles + signal (receive) peer=btop, signal (receive) peer=htop, signal (receive) peer=sudo, signal (receive) peer=top, From 40a30dc310ce31b92f9c393cc52b02192218e3b6 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 17:20:22 +0300 Subject: [PATCH 34/52] fix(profiles-m-r): move vim modeline Move vim syntax comment to the end of the file, separated by newline, as requested in #380. --- apparmor.d/profiles-m-r/macchanger | 3 ++- apparmor.d/profiles-m-r/man | 3 ++- apparmor.d/profiles-m-r/mandb | 3 ++- apparmor.d/profiles-m-r/mate-notification-daemon | 5 +++-- apparmor.d/profiles-m-r/mdevctl | 5 +++-- apparmor.d/profiles-m-r/mediainfo | 3 ++- apparmor.d/profiles-m-r/mediainfo-gui | 3 ++- apparmor.d/profiles-m-r/megasync | 3 ++- apparmor.d/profiles-m-r/memtester | 3 ++- apparmor.d/profiles-m-r/merkaartor | 3 ++- apparmor.d/profiles-m-r/metadata-cleaner | 5 +++-- apparmor.d/profiles-m-r/mimetype | 3 ++- apparmor.d/profiles-m-r/minitube | 3 ++- apparmor.d/profiles-m-r/mission-control | 3 ++- apparmor.d/profiles-m-r/mke2fs | 3 ++- apparmor.d/profiles-m-r/mkfs-btrfs | 3 ++- apparmor.d/profiles-m-r/mkfs-fat | 3 ++- apparmor.d/profiles-m-r/mkinitramfs | 3 ++- apparmor.d/profiles-m-r/mkntfs | 3 ++- apparmor.d/profiles-m-r/mkswap | 3 ++- apparmor.d/profiles-m-r/mkvmerge | 3 ++- apparmor.d/profiles-m-r/mkvtoolnix-gui | 3 ++- apparmor.d/profiles-m-r/mlocate | 3 ++- apparmor.d/profiles-m-r/modprobed-db | 5 +++-- apparmor.d/profiles-m-r/molly-guard | 5 +++-- apparmor.d/profiles-m-r/monitorix | 3 ++- apparmor.d/profiles-m-r/mono-sgen | 3 ++- apparmor.d/profiles-m-r/mount | 3 ++- apparmor.d/profiles-m-r/mount-cifs | 3 ++- apparmor.d/profiles-m-r/mount-nfs | 3 ++- apparmor.d/profiles-m-r/mount-zfs | 3 ++- apparmor.d/profiles-m-r/mpd | 3 ++- apparmor.d/profiles-m-r/mpsyt | 3 ++- apparmor.d/profiles-m-r/mpv | 3 ++- apparmor.d/profiles-m-r/mtools | 3 ++- apparmor.d/profiles-m-r/mtr | 3 ++- apparmor.d/profiles-m-r/mtr-packet | 3 ++- apparmor.d/profiles-m-r/mullvad-setup | 5 +++-- apparmor.d/profiles-m-r/multipath | 5 +++-- apparmor.d/profiles-m-r/multipathd | 5 +++-- apparmor.d/profiles-m-r/mumble | 3 ++- apparmor.d/profiles-m-r/mumble-overlay | 3 ++- apparmor.d/profiles-m-r/murmurd | 3 ++- apparmor.d/profiles-m-r/mutt | 3 ++- apparmor.d/profiles-m-r/needrestart | 3 ++- apparmor.d/profiles-m-r/needrestart-apt-pinvoke | 5 +++-- apparmor.d/profiles-m-r/needrestart-dpkg-status | 5 +++-- apparmor.d/profiles-m-r/needrestart-iucode-scan-versions | 3 ++- apparmor.d/profiles-m-r/nemo | 3 ++- apparmor.d/profiles-m-r/netcap | 3 ++- apparmor.d/profiles-m-r/nethogs | 3 ++- apparmor.d/profiles-m-r/netstat | 3 ++- apparmor.d/profiles-m-r/newgidmap | 5 +++-- apparmor.d/profiles-m-r/newgrp | 3 ++- apparmor.d/profiles-m-r/newuidmap | 5 +++-- apparmor.d/profiles-m-r/nfsdcld | 5 +++-- apparmor.d/profiles-m-r/nft | 3 ++- apparmor.d/profiles-m-r/nmap | 3 ++- apparmor.d/profiles-m-r/nologin | 5 +++-- apparmor.d/profiles-m-r/nslookup | 3 ++- apparmor.d/profiles-m-r/ntfs-3g | 3 ++- apparmor.d/profiles-m-r/ntfs-3g-probe | 3 ++- apparmor.d/profiles-m-r/ntfscat | 3 ++- apparmor.d/profiles-m-r/ntfsclone | 3 ++- apparmor.d/profiles-m-r/ntfscluster | 3 ++- apparmor.d/profiles-m-r/ntfscmp | 3 ++- apparmor.d/profiles-m-r/ntfscp | 3 ++- apparmor.d/profiles-m-r/ntfsdecrypt | 3 ++- apparmor.d/profiles-m-r/ntfsfallocate | 3 ++- apparmor.d/profiles-m-r/ntfsfix | 3 ++- apparmor.d/profiles-m-r/ntfsinfo | 3 ++- apparmor.d/profiles-m-r/ntfslabel | 3 ++- apparmor.d/profiles-m-r/ntfsls | 3 ++- apparmor.d/profiles-m-r/ntfsmove | 3 ++- apparmor.d/profiles-m-r/ntfsrecover | 3 ++- apparmor.d/profiles-m-r/ntfsresize | 3 ++- apparmor.d/profiles-m-r/ntfssecaudit | 3 ++- apparmor.d/profiles-m-r/ntfstruncate | 3 ++- apparmor.d/profiles-m-r/ntfsundelete | 3 ++- apparmor.d/profiles-m-r/ntfsusermap | 3 ++- apparmor.d/profiles-m-r/ntfswipe | 3 ++- apparmor.d/profiles-m-r/nullmailer-send | 5 +++-- apparmor.d/profiles-m-r/numlockx | 3 ++- apparmor.d/profiles-m-r/nvidia-detector | 3 ++- apparmor.d/profiles-m-r/nvidia-persistenced | 3 ++- apparmor.d/profiles-m-r/nvidia-settings | 5 +++-- apparmor.d/profiles-m-r/nvtop | 5 +++-- apparmor.d/profiles-m-r/obamenu | 3 ++- apparmor.d/profiles-m-r/obconf | 3 ++- apparmor.d/profiles-m-r/obex-folder-listing | 3 ++- apparmor.d/profiles-m-r/obexautofs | 3 ++- apparmor.d/profiles-m-r/obexctl | 3 ++- apparmor.d/profiles-m-r/obexd | 3 ++- apparmor.d/profiles-m-r/obexfs | 3 ++- apparmor.d/profiles-m-r/obexpush-atd | 3 ++- apparmor.d/profiles-m-r/obexpushd | 3 ++- apparmor.d/profiles-m-r/obxprop | 3 ++- apparmor.d/profiles-m-r/on-ac-power | 3 ++- apparmor.d/profiles-m-r/onefetch | 5 +++-- apparmor.d/profiles-m-r/openbox | 3 ++- apparmor.d/profiles-m-r/openbox-session | 3 ++- apparmor.d/profiles-m-r/orage | 3 ++- apparmor.d/profiles-m-r/os-prober | 3 ++- apparmor.d/profiles-m-r/packagekitd | 3 ++- apparmor.d/profiles-m-r/pacmd | 3 ++- apparmor.d/profiles-m-r/pactl | 3 ++- apparmor.d/profiles-m-r/pagesize | 3 ++- apparmor.d/profiles-m-r/pam-auth-update | 3 ++- apparmor.d/profiles-m-r/pam-tmpdir-helper | 5 +++-- apparmor.d/profiles-m-r/pam/mappings | 3 ++- apparmor.d/profiles-m-r/parted | 3 ++- apparmor.d/profiles-m-r/partprobe | 3 ++- apparmor.d/profiles-m-r/pass | 3 ++- apparmor.d/profiles-m-r/pass-import | 3 ++- apparmor.d/profiles-m-r/passimd | 5 +++-- apparmor.d/profiles-m-r/passwd | 3 ++- apparmor.d/profiles-m-r/pavucontrol | 3 ++- apparmor.d/profiles-m-r/pcb-gtk | 3 ++- apparmor.d/profiles-m-r/pcscd | 3 ++- apparmor.d/profiles-m-r/picom | 3 ++- apparmor.d/profiles-m-r/pidof | 5 +++-- apparmor.d/profiles-m-r/pinentry | 5 +++-- apparmor.d/profiles-m-r/pinentry-curses | 5 +++-- apparmor.d/profiles-m-r/pinentry-gnome3 | 5 +++-- apparmor.d/profiles-m-r/pinentry-gtk-2 | 3 ++- apparmor.d/profiles-m-r/pinentry-kwallet | 3 ++- apparmor.d/profiles-m-r/pinentry-qt | 3 ++- apparmor.d/profiles-m-r/pkcs11-register | 3 ++- apparmor.d/profiles-m-r/pkexec | 3 ++- apparmor.d/profiles-m-r/pkttyagent | 3 ++- apparmor.d/profiles-m-r/plank | 3 ++- apparmor.d/profiles-m-r/plocate | 3 ++- apparmor.d/profiles-m-r/plocate-build | 3 ++- apparmor.d/profiles-m-r/popularity-contest | 3 ++- apparmor.d/profiles-m-r/power-profiles-daemon | 5 +++-- apparmor.d/profiles-m-r/protonmail-bridge | 5 +++-- apparmor.d/profiles-m-r/ps | 3 ++- apparmor.d/profiles-m-r/ps-mem | 3 ++- apparmor.d/profiles-m-r/pscap | 3 ++- apparmor.d/profiles-m-r/psi | 3 ++- apparmor.d/profiles-m-r/psi-plus | 3 ++- apparmor.d/profiles-m-r/pstree | 3 ++- apparmor.d/profiles-m-r/pulseeffects | 3 ++- apparmor.d/profiles-m-r/pwck | 3 ++- apparmor.d/profiles-m-r/qbittorrent | 3 ++- apparmor.d/profiles-m-r/qbittorrent-nox | 3 ++- apparmor.d/profiles-m-r/qemu-ga | 5 +++-- apparmor.d/profiles-m-r/qnapi | 3 ++- apparmor.d/profiles-m-r/qpdfview | 3 ++- apparmor.d/profiles-m-r/qt5ct | 3 ++- apparmor.d/profiles-m-r/qtchooser | 3 ++- apparmor.d/profiles-m-r/qtox | 3 ++- apparmor.d/profiles-m-r/quiterss | 3 ++- apparmor.d/profiles-m-r/rdmsr | 3 ++- apparmor.d/profiles-m-r/remmina | 3 ++- apparmor.d/profiles-m-r/repo | 3 ++- apparmor.d/profiles-m-r/reprepro | 3 ++- apparmor.d/profiles-m-r/resize2fs | 3 ++- apparmor.d/profiles-m-r/resolvconf | 3 ++- apparmor.d/profiles-m-r/rfkill | 3 ++- apparmor.d/profiles-m-r/rngd | 3 ++- apparmor.d/profiles-m-r/rpi-imager | 3 ++- apparmor.d/profiles-m-r/rredtool | 3 ++- apparmor.d/profiles-m-r/rsyslogd | 3 ++- apparmor.d/profiles-m-r/rtkit-daemon | 3 ++- apparmor.d/profiles-m-r/rtkitctl | 3 ++- apparmor.d/profiles-m-r/run-parts | 3 ++- apparmor.d/profiles-m-r/runuser | 3 ++- apparmor.d/profiles-m-r/rustdesk | 3 ++- apparmor.d/profiles-m-r/rustdesk-utils | 3 ++- 170 files changed, 367 insertions(+), 197 deletions(-) diff --git a/apparmor.d/profiles-m-r/macchanger b/apparmor.d/profiles-m-r/macchanger index 456e7faf2..8f4efc921 100644 --- a/apparmor.d/profiles-m-r/macchanger +++ b/apparmor.d/profiles-m-r/macchanger @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile macchanger @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/man b/apparmor.d/profiles-m-r/man index 721bb28f4..aa0195853 100644 --- a/apparmor.d/profiles-m-r/man +++ b/apparmor.d/profiles-m-r/man @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -114,3 +113,5 @@ profile man_filter { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mandb b/apparmor.d/profiles-m-r/mandb index 8ed3f6a61..beeba50e8 100644 --- a/apparmor.d/profiles-m-r/mandb +++ b/apparmor.d/profiles-m-r/mandb @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile mandb @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mate-notification-daemon b/apparmor.d/profiles-m-r/mate-notification-daemon index e40102814..871434151 100644 --- a/apparmor.d/profiles-m-r/mate-notification-daemon +++ b/apparmor.d/profiles-m-r/mate-notification-daemon @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile mate-notification-daemon @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mdevctl b/apparmor.d/profiles-m-r/mdevctl index eefbd4f64..a2631c768 100644 --- a/apparmor.d/profiles-m-r/mdevctl +++ b/apparmor.d/profiles-m-r/mdevctl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,4 +21,6 @@ profile mdevctl @{exec_path} { @{PROC}/@{pids}/maps r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mediainfo b/apparmor.d/profiles-m-r/mediainfo index aa740e696..bb7c2d59b 100644 --- a/apparmor.d/profiles-m-r/mediainfo +++ b/apparmor.d/profiles-m-r/mediainfo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,3 +16,5 @@ profile mediainfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mediainfo-gui b/apparmor.d/profiles-m-r/mediainfo-gui index 79230046e..4648d4ddf 100644 --- a/apparmor.d/profiles-m-r/mediainfo-gui +++ b/apparmor.d/profiles-m-r/mediainfo-gui @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,3 +45,5 @@ profile mediainfo-gui @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/megasync b/apparmor.d/profiles-m-r/megasync index 3f7712847..236041778 100644 --- a/apparmor.d/profiles-m-r/megasync +++ b/apparmor.d/profiles-m-r/megasync @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -61,3 +60,5 @@ profile megasync @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/memtester b/apparmor.d/profiles-m-r/memtester index 1ce609815..506892f0e 100644 --- a/apparmor.d/profiles-m-r/memtester +++ b/apparmor.d/profiles-m-r/memtester @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile memtester @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/merkaartor b/apparmor.d/profiles-m-r/merkaartor index b9613ec2d..739d18e2f 100644 --- a/apparmor.d/profiles-m-r/merkaartor +++ b/apparmor.d/profiles-m-r/merkaartor @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile merkaartor @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/metadata-cleaner b/apparmor.d/profiles-m-r/metadata-cleaner index f9d4adb05..142ccb78a 100644 --- a/apparmor.d/profiles-m-r/metadata-cleaner +++ b/apparmor.d/profiles-m-r/metadata-cleaner @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -61,4 +60,6 @@ profile metadata-cleaner @{exec_path} flags=(attach_disconnected) { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mimetype b/apparmor.d/profiles-m-r/mimetype index a22f19c6a..da56703c3 100644 --- a/apparmor.d/profiles-m-r/mimetype +++ b/apparmor.d/profiles-m-r/mimetype @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile mimetype @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/minitube b/apparmor.d/profiles-m-r/minitube index 0e6379cf0..4d4d26655 100644 --- a/apparmor.d/profiles-m-r/minitube +++ b/apparmor.d/profiles-m-r/minitube @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -97,3 +96,5 @@ profile minitube @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mission-control b/apparmor.d/profiles-m-r/mission-control index dc5c1c0db..267fb9d1a 100644 --- a/apparmor.d/profiles-m-r/mission-control +++ b/apparmor.d/profiles-m-r/mission-control @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile mission-control @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mke2fs b/apparmor.d/profiles-m-r/mke2fs index 92805e83a..038de3c73 100644 --- a/apparmor.d/profiles-m-r/mke2fs +++ b/apparmor.d/profiles-m-r/mke2fs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile mke2fs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkfs-btrfs b/apparmor.d/profiles-m-r/mkfs-btrfs index 9e85623e6..237fc8006 100644 --- a/apparmor.d/profiles-m-r/mkfs-btrfs +++ b/apparmor.d/profiles-m-r/mkfs-btrfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile mkfs-btrfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkfs-fat b/apparmor.d/profiles-m-r/mkfs-fat index bdc5c4a78..d7f7a1cc9 100644 --- a/apparmor.d/profiles-m-r/mkfs-fat +++ b/apparmor.d/profiles-m-r/mkfs-fat @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile mkfs-fat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkinitramfs b/apparmor.d/profiles-m-r/mkinitramfs index 9ceb83627..7f31b0762 100644 --- a/apparmor.d/profiles-m-r/mkinitramfs +++ b/apparmor.d/profiles-m-r/mkinitramfs @@ -3,7 +3,6 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -182,3 +181,5 @@ profile mkinitramfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkntfs b/apparmor.d/profiles-m-r/mkntfs index 01bb1dbaf..ccfa5f4ed 100644 --- a/apparmor.d/profiles-m-r/mkntfs +++ b/apparmor.d/profiles-m-r/mkntfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile mkntfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkswap b/apparmor.d/profiles-m-r/mkswap index 74d2f54ac..4c732c2c6 100644 --- a/apparmor.d/profiles-m-r/mkswap +++ b/apparmor.d/profiles-m-r/mkswap @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile mkswap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkvmerge b/apparmor.d/profiles-m-r/mkvmerge index 7973a192f..22251b87e 100644 --- a/apparmor.d/profiles-m-r/mkvmerge +++ b/apparmor.d/profiles-m-r/mkvmerge @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,3 +27,5 @@ profile mkvmerge @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mkvtoolnix-gui b/apparmor.d/profiles-m-r/mkvtoolnix-gui index 8bdcd7e15..595a24666 100644 --- a/apparmor.d/profiles-m-r/mkvtoolnix-gui +++ b/apparmor.d/profiles-m-r/mkvtoolnix-gui @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -67,3 +66,5 @@ profile mkvtoolnix-gui @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mlocate b/apparmor.d/profiles-m-r/mlocate index 21c82bedb..08fdee129 100644 --- a/apparmor.d/profiles-m-r/mlocate +++ b/apparmor.d/profiles-m-r/mlocate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile mlocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/modprobed-db b/apparmor.d/profiles-m-r/modprobed-db index 89b7800d8..29125f192 100644 --- a/apparmor.d/profiles-m-r/modprobed-db +++ b/apparmor.d/profiles-m-r/modprobed-db @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,4 +42,6 @@ profile modprobed-db @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/molly-guard b/apparmor.d/profiles-m-r/molly-guard index c50aa8469..d75a5092b 100644 --- a/apparmor.d/profiles-m-r/molly-guard +++ b/apparmor.d/profiles-m-r/molly-guard @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -42,4 +41,6 @@ profile molly-guard @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/monitorix b/apparmor.d/profiles-m-r/monitorix index 827ff6d01..cb220a7b6 100644 --- a/apparmor.d/profiles-m-r/monitorix +++ b/apparmor.d/profiles-m-r/monitorix @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -106,3 +105,5 @@ profile monitorix @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mono-sgen b/apparmor.d/profiles-m-r/mono-sgen index d676f9911..e010a83d7 100644 --- a/apparmor.d/profiles-m-r/mono-sgen +++ b/apparmor.d/profiles-m-r/mono-sgen @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile mono-sgen @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mount b/apparmor.d/profiles-m-r/mount index 19c2b036a..f122b8f27 100644 --- a/apparmor.d/profiles-m-r/mount +++ b/apparmor.d/profiles-m-r/mount @@ -3,7 +3,6 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -70,3 +69,5 @@ profile mount @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mount-cifs b/apparmor.d/profiles-m-r/mount-cifs index 5b3e2c0a4..bbadcc7e0 100644 --- a/apparmor.d/profiles-m-r/mount-cifs +++ b/apparmor.d/profiles-m-r/mount-cifs @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -47,3 +46,5 @@ profile mount-cifs @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mount-nfs b/apparmor.d/profiles-m-r/mount-nfs index 7a647d730..698f350ce 100644 --- a/apparmor.d/profiles-m-r/mount-nfs +++ b/apparmor.d/profiles-m-r/mount-nfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -71,3 +70,5 @@ profile mount-nfs @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mount-zfs b/apparmor.d/profiles-m-r/mount-zfs index bb723ad8a..bc47f0a30 100644 --- a/apparmor.d/profiles-m-r/mount-zfs +++ b/apparmor.d/profiles-m-r/mount-zfs @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile mount-zfs @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mpd b/apparmor.d/profiles-m-r/mpd index 5779253fe..14a6c4acf 100644 --- a/apparmor.d/profiles-m-r/mpd +++ b/apparmor.d/profiles-m-r/mpd @@ -3,7 +3,6 @@ # Copyright (C) 2023-2024 Alexandre Pujol # Copyright (C) 2023 Jose Maldonado # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile mpd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mpsyt b/apparmor.d/profiles-m-r/mpsyt index 18c086cf2..46f239fce 100644 --- a/apparmor.d/profiles-m-r/mpsyt +++ b/apparmor.d/profiles-m-r/mpsyt @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -59,3 +58,5 @@ profile mpsyt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mpv b/apparmor.d/profiles-m-r/mpv index 506ad9f9d..1629176dd 100644 --- a/apparmor.d/profiles-m-r/mpv +++ b/apparmor.d/profiles-m-r/mpv @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -108,3 +107,5 @@ profile mpv @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mtools b/apparmor.d/profiles-m-r/mtools index 667ec5460..75c95fffd 100644 --- a/apparmor.d/profiles-m-r/mtools +++ b/apparmor.d/profiles-m-r/mtools @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile mtools @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mtr b/apparmor.d/profiles-m-r/mtr index cf50a1d8b..5b341d8f5 100644 --- a/apparmor.d/profiles-m-r/mtr +++ b/apparmor.d/profiles-m-r/mtr @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile mtr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mtr-packet b/apparmor.d/profiles-m-r/mtr-packet index 0e637ebc5..4bf15b7d5 100644 --- a/apparmor.d/profiles-m-r/mtr-packet +++ b/apparmor.d/profiles-m-r/mtr-packet @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile mtr-packet @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mullvad-setup b/apparmor.d/profiles-m-r/mullvad-setup index 3ff624060..db29113ce 100644 --- a/apparmor.d/profiles-m-r/mullvad-setup +++ b/apparmor.d/profiles-m-r/mullvad-setup @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,4 +19,6 @@ profile mullvad-setup @{exec_path} { deny network inet6 stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/multipath b/apparmor.d/profiles-m-r/multipath index 9d1593383..918e5a0c2 100644 --- a/apparmor.d/profiles-m-r/multipath +++ b/apparmor.d/profiles-m-r/multipath @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,4 +32,6 @@ profile multipath @{exec_path} flags=(attach_disconnected) { @{PROC}/sys/fs/nr_open r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/multipathd b/apparmor.d/profiles-m-r/multipathd index d1917f385..510fb3417 100644 --- a/apparmor.d/profiles-m-r/multipathd +++ b/apparmor.d/profiles-m-r/multipathd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,4 +42,6 @@ profile multipathd @{exec_path} { /dev/mapper/control rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mumble b/apparmor.d/profiles-m-r/mumble index 61869179e..879d2b9bf 100644 --- a/apparmor.d/profiles-m-r/mumble +++ b/apparmor.d/profiles-m-r/mumble @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -65,3 +64,5 @@ profile mumble @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mumble-overlay b/apparmor.d/profiles-m-r/mumble-overlay index b4c82b995..61b287329 100644 --- a/apparmor.d/profiles-m-r/mumble-overlay +++ b/apparmor.d/profiles-m-r/mumble-overlay @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile mumble-overlay @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/murmurd b/apparmor.d/profiles-m-r/murmurd index eb23ececf..aca74e562 100644 --- a/apparmor.d/profiles-m-r/murmurd +++ b/apparmor.d/profiles-m-r/murmurd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -44,3 +43,5 @@ profile murmurd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/mutt b/apparmor.d/profiles-m-r/mutt index 9e5725121..1ed63e68e 100644 --- a/apparmor.d/profiles-m-r/mutt +++ b/apparmor.d/profiles-m-r/mutt @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -158,3 +157,5 @@ profile mutt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/needrestart b/apparmor.d/profiles-m-r/needrestart index 4d28d7e7f..e3222d2ff 100644 --- a/apparmor.d/profiles-m-r/needrestart +++ b/apparmor.d/profiles-m-r/needrestart @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -84,3 +83,5 @@ profile needrestart @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/needrestart-apt-pinvoke b/apparmor.d/profiles-m-r/needrestart-apt-pinvoke index eb11993e4..805f69678 100644 --- a/apparmor.d/profiles-m-r/needrestart-apt-pinvoke +++ b/apparmor.d/profiles-m-r/needrestart-apt-pinvoke @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile needrestart-apt-pinvoke @{exec_path} { @{run}/needrestart/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/needrestart-dpkg-status b/apparmor.d/profiles-m-r/needrestart-dpkg-status index b8326e8b3..fff97e67c 100644 --- a/apparmor.d/profiles-m-r/needrestart-dpkg-status +++ b/apparmor.d/profiles-m-r/needrestart-dpkg-status @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile needrestart-dpkg-status @{exec_path} { @{run}/needrestart/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions b/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions index 4d6441a30..37dd180c3 100644 --- a/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions +++ b/apparmor.d/profiles-m-r/needrestart-iucode-scan-versions @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -36,3 +35,5 @@ profile needrestart-iucode-scan-versions @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nemo b/apparmor.d/profiles-m-r/nemo index 56a0a1cff..f28d053cd 100644 --- a/apparmor.d/profiles-m-r/nemo +++ b/apparmor.d/profiles-m-r/nemo @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile nemo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/netcap b/apparmor.d/profiles-m-r/netcap index ddcb1d368..d1e5a2852 100644 --- a/apparmor.d/profiles-m-r/netcap +++ b/apparmor.d/profiles-m-r/netcap @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,3 +32,5 @@ profile netcap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nethogs b/apparmor.d/profiles-m-r/nethogs index 51e8b2afa..e39e64621 100644 --- a/apparmor.d/profiles-m-r/nethogs +++ b/apparmor.d/profiles-m-r/nethogs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile nethogs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/netstat b/apparmor.d/profiles-m-r/netstat index e6e0fceb1..039109ea2 100644 --- a/apparmor.d/profiles-m-r/netstat +++ b/apparmor.d/profiles-m-r/netstat @@ -4,7 +4,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile netstat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/newgidmap b/apparmor.d/profiles-m-r/newgidmap index dc0115e0b..9398350e1 100644 --- a/apparmor.d/profiles-m-r/newgidmap +++ b/apparmor.d/profiles-m-r/newgidmap @@ -2,7 +2,6 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,4 +26,6 @@ profile newgidmap @{exec_path} { @{PROC}/@{pids}/gid_map w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/newgrp b/apparmor.d/profiles-m-r/newgrp index 5485ae247..1878b9b5e 100644 --- a/apparmor.d/profiles-m-r/newgrp +++ b/apparmor.d/profiles-m-r/newgrp @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile newgrp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/newuidmap b/apparmor.d/profiles-m-r/newuidmap index 8363b82f8..eeba22557 100644 --- a/apparmor.d/profiles-m-r/newuidmap +++ b/apparmor.d/profiles-m-r/newuidmap @@ -2,7 +2,6 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,4 +26,6 @@ profile newuidmap @{exec_path} { @{PROC}/@{pids}/uid_map w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nfsdcld b/apparmor.d/profiles-m-r/nfsdcld index 4f56bb407..a02e226c6 100644 --- a/apparmor.d/profiles-m-r/nfsdcld +++ b/apparmor.d/profiles-m-r/nfsdcld @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile nfsdcld @{exec_path} { /var/lib/nfs/rpc_pipefs/nfsd/* rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nft b/apparmor.d/profiles-m-r/nft index e1e36c08e..50ee826cf 100644 --- a/apparmor.d/profiles-m-r/nft +++ b/apparmor.d/profiles-m-r/nft @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile nft @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nmap b/apparmor.d/profiles-m-r/nmap index 788207b91..0eb1eceba 100644 --- a/apparmor.d/profiles-m-r/nmap +++ b/apparmor.d/profiles-m-r/nmap @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile nmap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nologin b/apparmor.d/profiles-m-r/nologin index 104bf31db..fad964b64 100644 --- a/apparmor.d/profiles-m-r/nologin +++ b/apparmor.d/profiles-m-r/nologin @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,4 +17,6 @@ profile nologin @{exec_path} { owner @{PROC}/@{pid}/loginuid r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nslookup b/apparmor.d/profiles-m-r/nslookup index 8ec30d881..9ee225d9d 100644 --- a/apparmor.d/profiles-m-r/nslookup +++ b/apparmor.d/profiles-m-r/nslookup @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile nslookup @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfs-3g b/apparmor.d/profiles-m-r/ntfs-3g index 9ef58b7fe..e5ae871b6 100644 --- a/apparmor.d/profiles-m-r/ntfs-3g +++ b/apparmor.d/profiles-m-r/ntfs-3g @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -56,3 +55,5 @@ profile ntfs-3g @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfs-3g-probe b/apparmor.d/profiles-m-r/ntfs-3g-probe index 387e50a55..ef870e0f0 100644 --- a/apparmor.d/profiles-m-r/ntfs-3g-probe +++ b/apparmor.d/profiles-m-r/ntfs-3g-probe @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile ntfs-3g-probe @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfscat b/apparmor.d/profiles-m-r/ntfscat index cbed4f2ee..069a597e9 100644 --- a/apparmor.d/profiles-m-r/ntfscat +++ b/apparmor.d/profiles-m-r/ntfscat @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfscat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsclone b/apparmor.d/profiles-m-r/ntfsclone index 620077c1e..06fe65684 100644 --- a/apparmor.d/profiles-m-r/ntfsclone +++ b/apparmor.d/profiles-m-r/ntfsclone @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile ntfsclone @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfscluster b/apparmor.d/profiles-m-r/ntfscluster index 114ee7009..62aff85c8 100644 --- a/apparmor.d/profiles-m-r/ntfscluster +++ b/apparmor.d/profiles-m-r/ntfscluster @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfscluster @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfscmp b/apparmor.d/profiles-m-r/ntfscmp index ddb9610ae..c5ecddc5f 100644 --- a/apparmor.d/profiles-m-r/ntfscmp +++ b/apparmor.d/profiles-m-r/ntfscmp @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfscmp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfscp b/apparmor.d/profiles-m-r/ntfscp index 7ad2d73e2..3beeb2b7a 100644 --- a/apparmor.d/profiles-m-r/ntfscp +++ b/apparmor.d/profiles-m-r/ntfscp @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,3 +27,5 @@ profile ntfscp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsdecrypt b/apparmor.d/profiles-m-r/ntfsdecrypt index a717cd021..e7ffe3188 100644 --- a/apparmor.d/profiles-m-r/ntfsdecrypt +++ b/apparmor.d/profiles-m-r/ntfsdecrypt @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile ntfsdecrypt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsfallocate b/apparmor.d/profiles-m-r/ntfsfallocate index f7faaba76..670092820 100644 --- a/apparmor.d/profiles-m-r/ntfsfallocate +++ b/apparmor.d/profiles-m-r/ntfsfallocate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsfallocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsfix b/apparmor.d/profiles-m-r/ntfsfix index b80e8d689..179b3b7a9 100644 --- a/apparmor.d/profiles-m-r/ntfsfix +++ b/apparmor.d/profiles-m-r/ntfsfix @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsfix @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsinfo b/apparmor.d/profiles-m-r/ntfsinfo index 968755f11..3156e7004 100644 --- a/apparmor.d/profiles-m-r/ntfsinfo +++ b/apparmor.d/profiles-m-r/ntfsinfo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsinfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfslabel b/apparmor.d/profiles-m-r/ntfslabel index b84dd812a..6eee15ef8 100644 --- a/apparmor.d/profiles-m-r/ntfslabel +++ b/apparmor.d/profiles-m-r/ntfslabel @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfslabel @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsls b/apparmor.d/profiles-m-r/ntfsls index bb1dda661..56c2c28de 100644 --- a/apparmor.d/profiles-m-r/ntfsls +++ b/apparmor.d/profiles-m-r/ntfsls @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsls @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsmove b/apparmor.d/profiles-m-r/ntfsmove index 57263169b..876113c98 100644 --- a/apparmor.d/profiles-m-r/ntfsmove +++ b/apparmor.d/profiles-m-r/ntfsmove @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsmove @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsrecover b/apparmor.d/profiles-m-r/ntfsrecover index 331011d97..43de112c1 100644 --- a/apparmor.d/profiles-m-r/ntfsrecover +++ b/apparmor.d/profiles-m-r/ntfsrecover @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsrecover @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsresize b/apparmor.d/profiles-m-r/ntfsresize index ddaee0504..e0e8f58d2 100644 --- a/apparmor.d/profiles-m-r/ntfsresize +++ b/apparmor.d/profiles-m-r/ntfsresize @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfsresize @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfssecaudit b/apparmor.d/profiles-m-r/ntfssecaudit index 333636143..ee38f60a0 100644 --- a/apparmor.d/profiles-m-r/ntfssecaudit +++ b/apparmor.d/profiles-m-r/ntfssecaudit @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile ntfssecaudit @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfstruncate b/apparmor.d/profiles-m-r/ntfstruncate index 3df08ba14..c9dec413a 100644 --- a/apparmor.d/profiles-m-r/ntfstruncate +++ b/apparmor.d/profiles-m-r/ntfstruncate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfstruncate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsundelete b/apparmor.d/profiles-m-r/ntfsundelete index 0f9625a83..a01876961 100644 --- a/apparmor.d/profiles-m-r/ntfsundelete +++ b/apparmor.d/profiles-m-r/ntfsundelete @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile ntfsundelete @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfsusermap b/apparmor.d/profiles-m-r/ntfsusermap index e125ae7ec..acc6e8bbc 100644 --- a/apparmor.d/profiles-m-r/ntfsusermap +++ b/apparmor.d/profiles-m-r/ntfsusermap @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile ntfsusermap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ntfswipe b/apparmor.d/profiles-m-r/ntfswipe index 4f90518d3..1471e1d27 100644 --- a/apparmor.d/profiles-m-r/ntfswipe +++ b/apparmor.d/profiles-m-r/ntfswipe @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile ntfswipe @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nullmailer-send b/apparmor.d/profiles-m-r/nullmailer-send index 08fd62456..e27e15429 100644 --- a/apparmor.d/profiles-m-r/nullmailer-send +++ b/apparmor.d/profiles-m-r/nullmailer-send @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile nullmailer-send @{exec_path} { /var/spool/nullmailer/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/numlockx b/apparmor.d/profiles-m-r/numlockx index e435c139b..25903ed8b 100644 --- a/apparmor.d/profiles-m-r/numlockx +++ b/apparmor.d/profiles-m-r/numlockx @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile numlockx @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nvidia-detector b/apparmor.d/profiles-m-r/nvidia-detector index 988a43a10..b0465ef85 100644 --- a/apparmor.d/profiles-m-r/nvidia-detector +++ b/apparmor.d/profiles-m-r/nvidia-detector @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -15,3 +14,5 @@ profile nvidia-detector @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nvidia-persistenced b/apparmor.d/profiles-m-r/nvidia-persistenced index e91560a51..33dac3dba 100644 --- a/apparmor.d/profiles-m-r/nvidia-persistenced +++ b/apparmor.d/profiles-m-r/nvidia-persistenced @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile nvidia-persistenced @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nvidia-settings b/apparmor.d/profiles-m-r/nvidia-settings index 2aaea25f2..d4bda6123 100644 --- a/apparmor.d/profiles-m-r/nvidia-settings +++ b/apparmor.d/profiles-m-r/nvidia-settings @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile nvidia-settings @{exec_path} { /usr/share/pixmaps/{,**} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/nvtop b/apparmor.d/profiles-m-r/nvtop index 07710f048..54c9c5959 100644 --- a/apparmor.d/profiles-m-r/nvtop +++ b/apparmor.d/profiles-m-r/nvtop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -49,4 +48,6 @@ profile nvtop @{exec_path} flags=(attach_disconnected) { /dev/nvidia-caps/nvidia-cap@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obamenu b/apparmor.d/profiles-m-r/obamenu index 7947beeac..070ac10af 100644 --- a/apparmor.d/profiles-m-r/obamenu +++ b/apparmor.d/profiles-m-r/obamenu @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile obamenu @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obconf b/apparmor.d/profiles-m-r/obconf index 52a449dff..37e94369e 100644 --- a/apparmor.d/profiles-m-r/obconf +++ b/apparmor.d/profiles-m-r/obconf @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile obconf @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obex-folder-listing b/apparmor.d/profiles-m-r/obex-folder-listing index e33ed75c7..7aa4070c5 100644 --- a/apparmor.d/profiles-m-r/obex-folder-listing +++ b/apparmor.d/profiles-m-r/obex-folder-listing @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile obex-folder-listing @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexautofs b/apparmor.d/profiles-m-r/obexautofs index ba6dc8fa9..972829890 100644 --- a/apparmor.d/profiles-m-r/obexautofs +++ b/apparmor.d/profiles-m-r/obexautofs @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -57,3 +56,5 @@ profile obexautofs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexctl b/apparmor.d/profiles-m-r/obexctl index 1303fe112..d87243b75 100644 --- a/apparmor.d/profiles-m-r/obexctl +++ b/apparmor.d/profiles-m-r/obexctl @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile obexctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexd b/apparmor.d/profiles-m-r/obexd index 8a9d23b5f..9043489eb 100644 --- a/apparmor.d/profiles-m-r/obexd +++ b/apparmor.d/profiles-m-r/obexd @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,3 +33,5 @@ profile obexd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexfs b/apparmor.d/profiles-m-r/obexfs index f88a451aa..4a746ecf1 100644 --- a/apparmor.d/profiles-m-r/obexfs +++ b/apparmor.d/profiles-m-r/obexfs @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -53,3 +52,5 @@ profile obexfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexpush-atd b/apparmor.d/profiles-m-r/obexpush-atd index d6d1878c4..17b0a2d37 100644 --- a/apparmor.d/profiles-m-r/obexpush-atd +++ b/apparmor.d/profiles-m-r/obexpush-atd @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile obexpush-atd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obexpushd b/apparmor.d/profiles-m-r/obexpushd index 99ca9aaaa..33a922f41 100644 --- a/apparmor.d/profiles-m-r/obexpushd +++ b/apparmor.d/profiles-m-r/obexpushd @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile obexpushd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/obxprop b/apparmor.d/profiles-m-r/obxprop index 1419c3213..724f83de7 100644 --- a/apparmor.d/profiles-m-r/obxprop +++ b/apparmor.d/profiles-m-r/obxprop @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile obxprop @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/on-ac-power b/apparmor.d/profiles-m-r/on-ac-power index 8da400ee4..d9b5a412e 100644 --- a/apparmor.d/profiles-m-r/on-ac-power +++ b/apparmor.d/profiles-m-r/on-ac-power @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile on-ac-power @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/onefetch b/apparmor.d/profiles-m-r/onefetch index e04ee7bbf..84a68634c 100644 --- a/apparmor.d/profiles-m-r/onefetch +++ b/apparmor.d/profiles-m-r/onefetch @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile onefetch @{exec_path} { owner @{PROC}/@{pid}/stat r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/openbox b/apparmor.d/profiles-m-r/openbox index 08eab7d99..ac0831f05 100644 --- a/apparmor.d/profiles-m-r/openbox +++ b/apparmor.d/profiles-m-r/openbox @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -88,3 +87,5 @@ profile openbox @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/openbox-session b/apparmor.d/profiles-m-r/openbox-session index 85ee6699f..61666f756 100644 --- a/apparmor.d/profiles-m-r/openbox-session +++ b/apparmor.d/profiles-m-r/openbox-session @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile openbox-session @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/orage b/apparmor.d/profiles-m-r/orage index f90890d03..571532b4f 100644 --- a/apparmor.d/profiles-m-r/orage +++ b/apparmor.d/profiles-m-r/orage @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -70,3 +69,5 @@ profile orage @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/os-prober b/apparmor.d/profiles-m-r/os-prober index 80ce94cc2..819c4c9bd 100644 --- a/apparmor.d/profiles-m-r/os-prober +++ b/apparmor.d/profiles-m-r/os-prober @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -76,3 +75,5 @@ profile os-prober @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/packagekitd b/apparmor.d/profiles-m-r/packagekitd index 55dcdf74e..b61426196 100644 --- a/apparmor.d/profiles-m-r/packagekitd +++ b/apparmor.d/profiles-m-r/packagekitd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -154,3 +153,5 @@ profile packagekitd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pacmd b/apparmor.d/profiles-m-r/pacmd index 541266aa3..752c3edd7 100644 --- a/apparmor.d/profiles-m-r/pacmd +++ b/apparmor.d/profiles-m-r/pacmd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile pacmd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pactl b/apparmor.d/profiles-m-r/pactl index c671e58e4..2f8092a02 100644 --- a/apparmor.d/profiles-m-r/pactl +++ b/apparmor.d/profiles-m-r/pactl @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile pactl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pagesize b/apparmor.d/profiles-m-r/pagesize index d32fa5949..f6615a71e 100644 --- a/apparmor.d/profiles-m-r/pagesize +++ b/apparmor.d/profiles-m-r/pagesize @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile pagesize @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pam-auth-update b/apparmor.d/profiles-m-r/pam-auth-update index 9a3dcd47e..3d805f24c 100644 --- a/apparmor.d/profiles-m-r/pam-auth-update +++ b/apparmor.d/profiles-m-r/pam-auth-update @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -65,3 +64,5 @@ profile pam-auth-update @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pam-tmpdir-helper b/apparmor.d/profiles-m-r/pam-tmpdir-helper index dd598e039..983ca7d42 100644 --- a/apparmor.d/profiles-m-r/pam-tmpdir-helper +++ b/apparmor.d/profiles-m-r/pam-tmpdir-helper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile pam-tmpdir-helper @{exec_path} { /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pam/mappings b/apparmor.d/profiles-m-r/pam/mappings index fb55deb62..cbcb539ed 100644 --- a/apparmor.d/profiles-m-r/pam/mappings +++ b/apparmor.d/profiles-m-r/pam/mappings @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # See more at: https://gitlab.com/apparmor/apparmor/wikis/Pam_apparmor_example @@ -69,3 +68,5 @@ include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/parted b/apparmor.d/profiles-m-r/parted index 75bcb96ba..c403e7018 100644 --- a/apparmor.d/profiles-m-r/parted +++ b/apparmor.d/profiles-m-r/parted @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -73,3 +72,5 @@ profile parted @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/partprobe b/apparmor.d/profiles-m-r/partprobe index 5e3528c56..d1fade820 100644 --- a/apparmor.d/profiles-m-r/partprobe +++ b/apparmor.d/profiles-m-r/partprobe @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -68,3 +67,5 @@ profile partprobe @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pass b/apparmor.d/profiles-m-r/pass index f1536ec93..724bd8f38 100644 --- a/apparmor.d/profiles-m-r/pass +++ b/apparmor.d/profiles-m-r/pass @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -158,3 +157,5 @@ profile pass @{exec_path} { include if exists include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pass-import b/apparmor.d/profiles-m-r/pass-import index e85d2791d..ec77d7ca7 100644 --- a/apparmor.d/profiles-m-r/pass-import +++ b/apparmor.d/profiles-m-r/pass-import @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile pass-import @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/passimd b/apparmor.d/profiles-m-r/passimd index 9fa951cdc..8afbac8e5 100644 --- a/apparmor.d/profiles-m-r/passimd +++ b/apparmor.d/profiles-m-r/passimd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,4 +34,6 @@ profile passimd @{exec_path} flags=(attach_disconnected) { @{PROC}/@{pid}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/passwd b/apparmor.d/profiles-m-r/passwd index b36451c4a..f37f5651d 100644 --- a/apparmor.d/profiles-m-r/passwd +++ b/apparmor.d/profiles-m-r/passwd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,3 +42,5 @@ profile passwd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pavucontrol b/apparmor.d/profiles-m-r/pavucontrol index b01303799..de3782b09 100644 --- a/apparmor.d/profiles-m-r/pavucontrol +++ b/apparmor.d/profiles-m-r/pavucontrol @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,3 +32,5 @@ profile pavucontrol @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pcb-gtk b/apparmor.d/profiles-m-r/pcb-gtk index 3e334ec2d..99ad50a64 100644 --- a/apparmor.d/profiles-m-r/pcb-gtk +++ b/apparmor.d/profiles-m-r/pcb-gtk @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -44,3 +43,5 @@ profile pcb-gtk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pcscd b/apparmor.d/profiles-m-r/pcscd index 3929b5b29..085061b15 100644 --- a/apparmor.d/profiles-m-r/pcscd +++ b/apparmor.d/profiles-m-r/pcscd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -36,3 +35,5 @@ profile pcscd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/picom b/apparmor.d/profiles-m-r/picom index b93b344af..124d5c9c3 100644 --- a/apparmor.d/profiles-m-r/picom +++ b/apparmor.d/profiles-m-r/picom @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile picom @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pidof b/apparmor.d/profiles-m-r/pidof index 69666decc..e2ea46e57 100644 --- a/apparmor.d/profiles-m-r/pidof +++ b/apparmor.d/profiles-m-r/pidof @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,4 +30,6 @@ profile pidof @{exec_path} { owner /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry b/apparmor.d/profiles-m-r/pinentry index dd43b948a..c30bc5def 100644 --- a/apparmor.d/profiles-m-r/pinentry +++ b/apparmor.d/profiles-m-r/pinentry @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,4 +19,6 @@ profile pinentry @{exec_path} { /etc/pinentry/preexec r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry-curses b/apparmor.d/profiles-m-r/pinentry-curses index fb8c28111..1fd585f47 100644 --- a/apparmor.d/profiles-m-r/pinentry-curses +++ b/apparmor.d/profiles-m-r/pinentry-curses @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile pinentry-curses @{exec_path} { /usr/share/terminfo/** r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry-gnome3 b/apparmor.d/profiles-m-r/pinentry-gnome3 index 642e43a18..d6fc0abb0 100644 --- a/apparmor.d/profiles-m-r/pinentry-gnome3 +++ b/apparmor.d/profiles-m-r/pinentry-gnome3 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile pinentry-gnome3 @{exec_path} { owner @{PROC}/@{pid}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry-gtk-2 b/apparmor.d/profiles-m-r/pinentry-gtk-2 index f0a960571..efad3a6f1 100644 --- a/apparmor.d/profiles-m-r/pinentry-gtk-2 +++ b/apparmor.d/profiles-m-r/pinentry-gtk-2 @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile pinentry-gtk-2 @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry-kwallet b/apparmor.d/profiles-m-r/pinentry-kwallet index 1dcc5c70c..235c256a7 100644 --- a/apparmor.d/profiles-m-r/pinentry-kwallet +++ b/apparmor.d/profiles-m-r/pinentry-kwallet @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -52,3 +51,5 @@ profile pinentry-kwallet @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pinentry-qt b/apparmor.d/profiles-m-r/pinentry-qt index d169bedbb..947350b8a 100644 --- a/apparmor.d/profiles-m-r/pinentry-qt +++ b/apparmor.d/profiles-m-r/pinentry-qt @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -49,3 +48,5 @@ profile pinentry-qt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pkcs11-register b/apparmor.d/profiles-m-r/pkcs11-register index 04c2298ba..9d15a33b2 100644 --- a/apparmor.d/profiles-m-r/pkcs11-register +++ b/apparmor.d/profiles-m-r/pkcs11-register @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile pkcs11-register @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pkexec b/apparmor.d/profiles-m-r/pkexec index e5272cd55..334531ec3 100644 --- a/apparmor.d/profiles-m-r/pkexec +++ b/apparmor.d/profiles-m-r/pkexec @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -64,3 +63,5 @@ deny @{user_share_dirs}/gvfs-metadata/* r, include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pkttyagent b/apparmor.d/profiles-m-r/pkttyagent index ac6a3be06..68c85487b 100644 --- a/apparmor.d/profiles-m-r/pkttyagent +++ b/apparmor.d/profiles-m-r/pkttyagent @@ -2,7 +2,6 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,3 +33,5 @@ profile pkttyagent @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/plank b/apparmor.d/profiles-m-r/plank index 2d677fe19..77bad6788 100644 --- a/apparmor.d/profiles-m-r/plank +++ b/apparmor.d/profiles-m-r/plank @@ -2,7 +2,6 @@ # Copyright (C) 2023 Jeroen Rijken # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile plank @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/plocate b/apparmor.d/profiles-m-r/plocate index 574f169d7..e66d0c14c 100644 --- a/apparmor.d/profiles-m-r/plocate +++ b/apparmor.d/profiles-m-r/plocate @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile plocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/plocate-build b/apparmor.d/profiles-m-r/plocate-build index e5ca94bef..5e81be8a3 100644 --- a/apparmor.d/profiles-m-r/plocate-build +++ b/apparmor.d/profiles-m-r/plocate-build @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile plocate-build @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/popularity-contest b/apparmor.d/profiles-m-r/popularity-contest index a243b2241..a4b93d5b5 100644 --- a/apparmor.d/profiles-m-r/popularity-contest +++ b/apparmor.d/profiles-m-r/popularity-contest @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -52,3 +51,5 @@ profile popularity-contest @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/power-profiles-daemon b/apparmor.d/profiles-m-r/power-profiles-daemon index ee1521c69..067968258 100644 --- a/apparmor.d/profiles-m-r/power-profiles-daemon +++ b/apparmor.d/profiles-m-r/power-profiles-daemon @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,4 +47,6 @@ profile power-profiles-daemon @{exec_path} flags=(attach_disconnected) { @{sys}/firmware/acpi/pm_profile* rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/protonmail-bridge b/apparmor.d/profiles-m-r/protonmail-bridge index b1a9a5919..22aa80d24 100644 --- a/apparmor.d/profiles-m-r/protonmail-bridge +++ b/apparmor.d/profiles-m-r/protonmail-bridge @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Warning: only the protonmail-bridge CLI and service are supported, NOT the GUI. @@ -79,4 +78,6 @@ profile protonmail-bridge @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ps b/apparmor.d/profiles-m-r/ps index 3fd5efdcc..bdcd6cee2 100644 --- a/apparmor.d/profiles-m-r/ps +++ b/apparmor.d/profiles-m-r/ps @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -54,3 +53,5 @@ profile ps @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/ps-mem b/apparmor.d/profiles-m-r/ps-mem index c015f077e..f34992ccb 100644 --- a/apparmor.d/profiles-m-r/ps-mem +++ b/apparmor.d/profiles-m-r/ps-mem @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile ps-mem @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pscap b/apparmor.d/profiles-m-r/pscap index 130f6dfdd..8a88b26a4 100644 --- a/apparmor.d/profiles-m-r/pscap +++ b/apparmor.d/profiles-m-r/pscap @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile pscap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/psi b/apparmor.d/profiles-m-r/psi index 51967fb79..90a2e380e 100644 --- a/apparmor.d/profiles-m-r/psi +++ b/apparmor.d/profiles-m-r/psi @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -91,3 +90,5 @@ profile psi @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/psi-plus b/apparmor.d/profiles-m-r/psi-plus index 4117790e9..50a008061 100644 --- a/apparmor.d/profiles-m-r/psi-plus +++ b/apparmor.d/profiles-m-r/psi-plus @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -91,3 +90,5 @@ profile psi-plus @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pstree b/apparmor.d/profiles-m-r/pstree index 86ec8536f..a2630d212 100644 --- a/apparmor.d/profiles-m-r/pstree +++ b/apparmor.d/profiles-m-r/pstree @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile pstree @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pulseeffects b/apparmor.d/profiles-m-r/pulseeffects index 7c78de274..0ef899263 100644 --- a/apparmor.d/profiles-m-r/pulseeffects +++ b/apparmor.d/profiles-m-r/pulseeffects @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile pulseeffects @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/pwck b/apparmor.d/profiles-m-r/pwck index bba63f378..af459593a 100644 --- a/apparmor.d/profiles-m-r/pwck +++ b/apparmor.d/profiles-m-r/pwck @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile pwck @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qbittorrent b/apparmor.d/profiles-m-r/qbittorrent index 308396ec4..f9502cf75 100644 --- a/apparmor.d/profiles-m-r/qbittorrent +++ b/apparmor.d/profiles-m-r/qbittorrent @@ -2,7 +2,6 @@ # Copyright (C) 2015-2022 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -151,3 +150,5 @@ profile qbittorrent @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qbittorrent-nox b/apparmor.d/profiles-m-r/qbittorrent-nox index b83fd24e3..87bc84d51 100644 --- a/apparmor.d/profiles-m-r/qbittorrent-nox +++ b/apparmor.d/profiles-m-r/qbittorrent-nox @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -57,3 +56,5 @@ profile qbittorrent-nox @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qemu-ga b/apparmor.d/profiles-m-r/qemu-ga index 53d8ac0e5..958706374 100644 --- a/apparmor.d/profiles-m-r/qemu-ga +++ b/apparmor.d/profiles-m-r/qemu-ga @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -44,4 +43,6 @@ profile qemu-ga @{exec_path} { /dev/vport@{int}p@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qnapi b/apparmor.d/profiles-m-r/qnapi index 5e0a76e90..911519459 100644 --- a/apparmor.d/profiles-m-r/qnapi +++ b/apparmor.d/profiles-m-r/qnapi @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -74,3 +73,5 @@ profile qnapi @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qpdfview b/apparmor.d/profiles-m-r/qpdfview index ee89f9c6d..99a20ac92 100644 --- a/apparmor.d/profiles-m-r/qpdfview +++ b/apparmor.d/profiles-m-r/qpdfview @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -65,3 +64,5 @@ profile qpdfview @{exec_path} { } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qt5ct b/apparmor.d/profiles-m-r/qt5ct index d4723b920..43964d950 100644 --- a/apparmor.d/profiles-m-r/qt5ct +++ b/apparmor.d/profiles-m-r/qt5ct @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile qt5ct @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qtchooser b/apparmor.d/profiles-m-r/qtchooser index d6e91f17e..2202d8c5f 100644 --- a/apparmor.d/profiles-m-r/qtchooser +++ b/apparmor.d/profiles-m-r/qtchooser @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile qtchooser @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/qtox b/apparmor.d/profiles-m-r/qtox index 2dbaa7d55..e97bcc2ec 100644 --- a/apparmor.d/profiles-m-r/qtox +++ b/apparmor.d/profiles-m-r/qtox @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -59,3 +58,5 @@ profile qtox @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/quiterss b/apparmor.d/profiles-m-r/quiterss index 7fa111f47..f1b6a0f24 100644 --- a/apparmor.d/profiles-m-r/quiterss +++ b/apparmor.d/profiles-m-r/quiterss @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -98,3 +97,5 @@ profile quiterss @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rdmsr b/apparmor.d/profiles-m-r/rdmsr index 1d092f20b..c3a4a8a22 100644 --- a/apparmor.d/profiles-m-r/rdmsr +++ b/apparmor.d/profiles-m-r/rdmsr @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile rdmsr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/remmina b/apparmor.d/profiles-m-r/remmina index 170df87a3..dcee35f62 100644 --- a/apparmor.d/profiles-m-r/remmina +++ b/apparmor.d/profiles-m-r/remmina @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -61,3 +60,5 @@ profile remmina @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/repo b/apparmor.d/profiles-m-r/repo index 51335d5e0..6f3ba2417 100644 --- a/apparmor.d/profiles-m-r/repo +++ b/apparmor.d/profiles-m-r/repo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -75,3 +74,5 @@ profile repo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/reprepro b/apparmor.d/profiles-m-r/reprepro index 76bb0b228..4ef5e6b42 100644 --- a/apparmor.d/profiles-m-r/reprepro +++ b/apparmor.d/profiles-m-r/reprepro @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -71,3 +70,5 @@ profile reprepro @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/resize2fs b/apparmor.d/profiles-m-r/resize2fs index fd449af74..114846812 100644 --- a/apparmor.d/profiles-m-r/resize2fs +++ b/apparmor.d/profiles-m-r/resize2fs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile resize2fs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/resolvconf b/apparmor.d/profiles-m-r/resolvconf index f7433f7d4..6dfe82b6e 100644 --- a/apparmor.d/profiles-m-r/resolvconf +++ b/apparmor.d/profiles-m-r/resolvconf @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile resolvconf @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rfkill b/apparmor.d/profiles-m-r/rfkill index 96df69bd3..f64dd20ba 100644 --- a/apparmor.d/profiles-m-r/rfkill +++ b/apparmor.d/profiles-m-r/rfkill @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile rfkill @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rngd b/apparmor.d/profiles-m-r/rngd index 4eefee054..764e11ee7 100644 --- a/apparmor.d/profiles-m-r/rngd +++ b/apparmor.d/profiles-m-r/rngd @@ -2,7 +2,6 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile rngd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rpi-imager b/apparmor.d/profiles-m-r/rpi-imager index fd7ada167..641217f56 100644 --- a/apparmor.d/profiles-m-r/rpi-imager +++ b/apparmor.d/profiles-m-r/rpi-imager @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -67,3 +66,5 @@ profile rpi-imager @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rredtool b/apparmor.d/profiles-m-r/rredtool index 8ffe134be..d8024b279 100644 --- a/apparmor.d/profiles-m-r/rredtool +++ b/apparmor.d/profiles-m-r/rredtool @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile rredtool @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rsyslogd b/apparmor.d/profiles-m-r/rsyslogd index c93b67254..423e7e41a 100644 --- a/apparmor.d/profiles-m-r/rsyslogd +++ b/apparmor.d/profiles-m-r/rsyslogd @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -50,3 +49,5 @@ profile rsyslogd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rtkit-daemon b/apparmor.d/profiles-m-r/rtkit-daemon index 9c58a9548..21e715579 100644 --- a/apparmor.d/profiles-m-r/rtkit-daemon +++ b/apparmor.d/profiles-m-r/rtkit-daemon @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile rtkit-daemon @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rtkitctl b/apparmor.d/profiles-m-r/rtkitctl index 8a45f0339..d855c0a35 100644 --- a/apparmor.d/profiles-m-r/rtkitctl +++ b/apparmor.d/profiles-m-r/rtkitctl @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile rtkitctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/run-parts b/apparmor.d/profiles-m-r/run-parts index 135b56622..8fe649ff5 100644 --- a/apparmor.d/profiles-m-r/run-parts +++ b/apparmor.d/profiles-m-r/run-parts @@ -3,7 +3,6 @@ # Copyright (C) 2022-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -241,3 +240,5 @@ profile run-parts @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/runuser b/apparmor.d/profiles-m-r/runuser index 3992c1993..97100f32a 100644 --- a/apparmor.d/profiles-m-r/runuser +++ b/apparmor.d/profiles-m-r/runuser @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -50,3 +49,5 @@ profile runuser @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rustdesk b/apparmor.d/profiles-m-r/rustdesk index 718b8fe3b..956aaeaa4 100644 --- a/apparmor.d/profiles-m-r/rustdesk +++ b/apparmor.d/profiles-m-r/rustdesk @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -135,3 +134,5 @@ profile rustdesk_shell { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-m-r/rustdesk-utils b/apparmor.d/profiles-m-r/rustdesk-utils index 102536379..0707f9c8f 100644 --- a/apparmor.d/profiles-m-r/rustdesk-utils +++ b/apparmor.d/profiles-m-r/rustdesk-utils @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile rustdesk-utils @{exec_path} { include if exists } + +# vim:syntax=apparmor From 1517ff0296c04c6a86afacb44406c3d83bb94cea Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 16:13:59 +0300 Subject: [PATCH 35/52] feat(tunables): vim syntax support Add vim syntax highlighting support introduced in the apparmor package --- apparmor.d/tunables/home.d/apparmor.d | 1 + apparmor.d/tunables/home.d/whonix | 1 + apparmor.d/tunables/multiarch.d/paths | 1 + apparmor.d/tunables/multiarch.d/profiles | 1 + apparmor.d/tunables/multiarch.d/programs | 1 + apparmor.d/tunables/multiarch.d/system | 1 + apparmor.d/tunables/multiarch.d/system-users | 1 + apparmor.d/tunables/xdg-user-dirs.d/apparmor.d | 1 + 8 files changed, 8 insertions(+) diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index 52b30897e..fb68ff20d 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -2,6 +2,7 @@ # Extended user XDG directories definition # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # To allow extended personalisation by the user without breaking everything. # All apparmor profiles should always use the variables defined here. diff --git a/apparmor.d/tunables/home.d/whonix b/apparmor.d/tunables/home.d/whonix index f462036f9..2b902472f 100644 --- a/apparmor.d/tunables/home.d/whonix +++ b/apparmor.d/tunables/home.d/whonix @@ -2,6 +2,7 @@ # Copyright (C) 2012-2023 ENCRYPTED SUPPORT LP # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Whonix aliases copied here as they conflict with apparmor.d # Note: only installed on Whonix diff --git a/apparmor.d/tunables/multiarch.d/paths b/apparmor.d/tunables/multiarch.d/paths index 45dfea041..02e21be77 100644 --- a/apparmor.d/tunables/multiarch.d/paths +++ b/apparmor.d/tunables/multiarch.d/paths @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Define some paths for some commonly used programs diff --git a/apparmor.d/tunables/multiarch.d/profiles b/apparmor.d/tunables/multiarch.d/profiles index 5a8348110..72d8b715d 100644 --- a/apparmor.d/tunables/multiarch.d/profiles +++ b/apparmor.d/tunables/multiarch.d/profiles @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Define some variables for some commonly used profile. They may be used in # other profiles peer label. diff --git a/apparmor.d/tunables/multiarch.d/programs b/apparmor.d/tunables/multiarch.d/programs index 33feb30e6..2d5513e2a 100644 --- a/apparmor.d/tunables/multiarch.d/programs +++ b/apparmor.d/tunables/multiarch.d/programs @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Define some some commonly used programs. This is not an exhaustive list. # It is meant to label programs to easily provide access in profiles. diff --git a/apparmor.d/tunables/multiarch.d/system b/apparmor.d/tunables/multiarch.d/system index 300a46b84..10b35c52c 100644 --- a/apparmor.d/tunables/multiarch.d/system +++ b/apparmor.d/tunables/multiarch.d/system @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # To allow extended personalisation without breaking everything. # All apparmor profiles should always use the variables defined here. diff --git a/apparmor.d/tunables/multiarch.d/system-users b/apparmor.d/tunables/multiarch.d/system-users index f39013def..2f90d6c6a 100644 --- a/apparmor.d/tunables/multiarch.d/system-users +++ b/apparmor.d/tunables/multiarch.d/system-users @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Define some extra paths for some commonly used system user diff --git a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d index 2c1fedea0..1f0514bd5 100644 --- a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d +++ b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # To allow extended personalisation by the user without breaking everything. # All apparmor profiles should always use the variables defined here. From 6b5475c7f257627a7aebff96e3600c93c55f0129 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 16:17:55 +0300 Subject: [PATCH 36/52] feat(abstractions): vim syntax highlighting Add vim syntax support. See man apparmor.vim(5) --- apparmor.d/abstractions/X-strict | 1 + apparmor.d/abstractions/X.d/complete | 1 + apparmor.d/abstractions/app-launcher-root | 1 + apparmor.d/abstractions/app-launcher-user | 1 + apparmor.d/abstractions/app-open | 1 + apparmor.d/abstractions/app/chromium | 1 + apparmor.d/abstractions/app/editor | 1 + apparmor.d/abstractions/app/firefox | 1 + apparmor.d/abstractions/app/open | 1 + apparmor.d/abstractions/app/pgrep | 1 + apparmor.d/abstractions/app/sudo | 1 + apparmor.d/abstractions/app/systemctl | 1 + apparmor.d/abstractions/audio-client | 1 + apparmor.d/abstractions/audio-server | 1 + apparmor.d/abstractions/audio.d/complete | 1 + apparmor.d/abstractions/authentication.d/complete | 1 + apparmor.d/abstractions/base.d/complete | 1 + apparmor.d/abstractions/bash-strict | 1 + apparmor.d/abstractions/bash.d/complete | 1 + apparmor.d/abstractions/bus-accessibility | 1 + apparmor.d/abstractions/bus-session | 1 + apparmor.d/abstractions/bus-system | 1 + apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry | 1 + apparmor.d/abstractions/bus/com.canonical.dbusmenu | 1 + apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 | 1 + apparmor.d/abstractions/bus/net.hadess.PowerProfiles | 1 + apparmor.d/abstractions/bus/net.hadess.SwitcherooControl | 1 + apparmor.d/abstractions/bus/net.reactivated.Fprint | 1 + apparmor.d/abstractions/bus/org.a11y | 1 + apparmor.d/abstractions/bus/org.bluez | 1 + apparmor.d/abstractions/bus/org.freedesktop.Accounts | 1 + apparmor.d/abstractions/bus/org.freedesktop.Avahi | 1 + apparmor.d/abstractions/bus/org.freedesktop.ColorManager | 1 + apparmor.d/abstractions/bus/org.freedesktop.FileManager1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 | 1 + apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.NetworkManager | 1 + apparmor.d/abstractions/bus/org.freedesktop.Notifications | 1 + apparmor.d/abstractions/bus/org.freedesktop.PackageKit | 1 + apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver | 1 + apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files | 1 + apparmor.d/abstractions/bus/org.freedesktop.UDisks2 | 1 + apparmor.d/abstractions/bus/org.freedesktop.UPower | 1 + apparmor.d/abstractions/bus/org.freedesktop.background.Monitor | 1 + apparmor.d/abstractions/bus/org.freedesktop.hostname1 | 1 + .../abstractions/bus/org.freedesktop.impl.portal.PermissionStore | 1 + apparmor.d/abstractions/bus/org.freedesktop.locale1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.login1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.login1.Session | 1 + apparmor.d/abstractions/bus/org.freedesktop.network1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop | 1 + apparmor.d/abstractions/bus/org.freedesktop.resolve1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.secrets | 1 + apparmor.d/abstractions/bus/org.freedesktop.systemd1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.systemd1-session | 1 + apparmor.d/abstractions/bus/org.freedesktop.timedate1 | 1 + apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 | 1 + apparmor.d/abstractions/bus/org.gnome.DisplayManager | 1 + apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig | 1 + apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor | 1 + apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 | 1 + apparmor.d/abstractions/bus/org.gnome.ScreenSaver | 1 + apparmor.d/abstractions/bus/org.gnome.SessionManager | 1 + apparmor.d/abstractions/bus/org.gnome.Shell.Introspect | 1 + apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.Daemon | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.Metadata | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker | 1 + apparmor.d/abstractions/bus/org.kde.StatusNotifierItem | 1 + apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher | 1 + apparmor.d/abstractions/bus/org.kde.kwalletd | 1 + apparmor.d/abstractions/common/app | 1 + apparmor.d/abstractions/common/apt | 1 + apparmor.d/abstractions/common/bwrap | 1 + apparmor.d/abstractions/common/chromium | 1 + apparmor.d/abstractions/common/electron | 1 + apparmor.d/abstractions/common/gnome | 1 + apparmor.d/abstractions/common/systemd | 1 + apparmor.d/abstractions/crypto.d/complete | 1 + apparmor.d/abstractions/dconf-write | 1 + apparmor.d/abstractions/deny-sensitive-home | 1 + apparmor.d/abstractions/desktop | 1 + apparmor.d/abstractions/devices-usb | 1 + apparmor.d/abstractions/disks-read | 1 + apparmor.d/abstractions/disks-write | 1 + apparmor.d/abstractions/dri | 1 + apparmor.d/abstractions/fish | 1 + apparmor.d/abstractions/fontconfig-cache-read | 1 + apparmor.d/abstractions/fontconfig-cache-write | 1 + apparmor.d/abstractions/freedesktop.org.d/complete | 1 + apparmor.d/abstractions/gnome-strict | 1 + apparmor.d/abstractions/gnome.d/complete | 1 + apparmor.d/abstractions/graphics | 1 + apparmor.d/abstractions/graphics-full | 1 + apparmor.d/abstractions/gstreamer | 1 + apparmor.d/abstractions/gtk.d/complete | 1 + apparmor.d/abstractions/ibus.d/complete | 1 + apparmor.d/abstractions/kde-open5.d/complete | 1 + apparmor.d/abstractions/kde-strict | 1 + apparmor.d/abstractions/mesa.d/complete | 1 + apparmor.d/abstractions/nameservice-strict | 1 + apparmor.d/abstractions/nvidia-strict | 1 + apparmor.d/abstractions/nvidia.d/complete | 1 + apparmor.d/abstractions/opencl-intel.d/complete | 1 + apparmor.d/abstractions/python.d/complete | 1 + apparmor.d/abstractions/qt5-shader-cache | 1 + apparmor.d/abstractions/qt5.d/complete | 1 + apparmor.d/abstractions/shells | 1 + apparmor.d/abstractions/thumbnails-cache-read | 1 + apparmor.d/abstractions/thumbnails-cache-write | 1 + apparmor.d/abstractions/trash-strict | 1 + apparmor.d/abstractions/trash.d/complete | 1 + apparmor.d/abstractions/uim | 1 + apparmor.d/abstractions/user-download-strict | 1 + apparmor.d/abstractions/user-read | 1 + apparmor.d/abstractions/user-read-strict | 1 + apparmor.d/abstractions/user-write-strict | 1 + apparmor.d/abstractions/user-write.d/complete | 1 + apparmor.d/abstractions/video.d/complete | 1 + apparmor.d/abstractions/vulkan-strict | 1 + apparmor.d/abstractions/vulkan.d/complete | 1 + apparmor.d/abstractions/wayland.d/complete | 1 + apparmor.d/abstractions/xfce | 1 + apparmor.d/abstractions/zsh | 1 + 126 files changed, 126 insertions(+) diff --git a/apparmor.d/abstractions/X-strict b/apparmor.d/abstractions/X-strict index 5ae7743fd..a2922b40a 100644 --- a/apparmor.d/abstractions/X-strict +++ b/apparmor.d/abstractions/X-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The unix socket to use to connect to the display unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), diff --git a/apparmor.d/abstractions/X.d/complete b/apparmor.d/abstractions/X.d/complete index 0b654a761..533a132b9 100644 --- a/apparmor.d/abstractions/X.d/complete +++ b/apparmor.d/abstractions/X.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Available Xsessions /usr/share/xsessions/{,*.desktop} r, diff --git a/apparmor.d/abstractions/app-launcher-root b/apparmor.d/abstractions/app-launcher-root index 69bcf9007..0f5bf70eb 100644 --- a/apparmor.d/abstractions/app-launcher-root +++ b/apparmor.d/abstractions/app-launcher-root @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/* PUx, /usr/local/{s,}bin/* PUx, diff --git a/apparmor.d/abstractions/app-launcher-user b/apparmor.d/abstractions/app-launcher-user index 4a6c795d6..062cd0967 100644 --- a/apparmor.d/abstractions/app-launcher-user +++ b/apparmor.d/abstractions/app-launcher-user @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/* PUx, /opt/*/** PUx, diff --git a/apparmor.d/abstractions/app-open b/apparmor.d/abstractions/app-open index df0eac9a6..827722575 100644 --- a/apparmor.d/abstractions/app-open +++ b/apparmor.d/abstractions/app-open @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Instead of allowing the run of all software in @{bin}/, @{lib} the purpose of # this abstraction is to list all GUI program that can open resources. diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index fec42ba98..c69e893ea 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for all chromium based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/editor b/apparmor.d/abstractions/app/editor index 9b9933b1a..1ec287505 100644 --- a/apparmor.d/abstractions/app/editor +++ b/apparmor.d/abstractions/app/editor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index 578689aa4..4bb1311b7 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for all firefox based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/open b/apparmor.d/abstractions/app/open index 0cbb75171..b68c979d0 100644 --- a/apparmor.d/abstractions/app/open +++ b/apparmor.d/abstractions/app/open @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for child-open-* profiles. diff --git a/apparmor.d/abstractions/app/pgrep b/apparmor.d/abstractions/app/pgrep index a225ce11b..9d722ee42 100644 --- a/apparmor.d/abstractions/app/pgrep +++ b/apparmor.d/abstractions/app/pgrep @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for pgrep. diff --git a/apparmor.d/abstractions/app/sudo b/apparmor.d/abstractions/app/sudo index f792fc085..6529f5bcb 100644 --- a/apparmor.d/abstractions/app/sudo +++ b/apparmor.d/abstractions/app/sudo @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for sudo. Interactive sudo need more rules. diff --git a/apparmor.d/abstractions/app/systemctl b/apparmor.d/abstractions/app/systemctl index aa1e8eff4..e486670c0 100644 --- a/apparmor.d/abstractions/app/systemctl +++ b/apparmor.d/abstractions/app/systemctl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index c5734f6f8..1733cdbe0 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Most programs do not need access to audio devices, audio-client only includes # configuration files to be used by client applications. diff --git a/apparmor.d/abstractions/audio-server b/apparmor.d/abstractions/audio-server index 22aa6837c..cfb6804e3 100644 --- a/apparmor.d/abstractions/audio-server +++ b/apparmor.d/abstractions/audio-server @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Provide access to audio devices. It should only be used by audio servers that # need direct access to them. diff --git a/apparmor.d/abstractions/audio.d/complete b/apparmor.d/abstractions/audio.d/complete index 51838adcc..e115e1045 100644 --- a/apparmor.d/abstractions/audio.d/complete +++ b/apparmor.d/abstractions/audio.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # PulseAudio module-ladspa-sink (plugin sc4m_1916) @{lib}/ladspa/ r, diff --git a/apparmor.d/abstractions/authentication.d/complete b/apparmor.d/abstractions/authentication.d/complete index a6a4e3757..831ad3df8 100644 --- a/apparmor.d/abstractions/authentication.d/complete +++ b/apparmor.d/abstractions/authentication.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/pam-tmpdir-helper rPx, diff --git a/apparmor.d/abstractions/base.d/complete b/apparmor.d/abstractions/base.d/complete index e758d050b..e0e9f7227 100644 --- a/apparmor.d/abstractions/base.d/complete +++ b/apparmor.d/abstractions/base.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Allow to receive some signals from new well-known profiles signal (receive) peer=btop, diff --git a/apparmor.d/abstractions/bash-strict b/apparmor.d/abstractions/bash-strict index 86e9fc50b..e79dd7091 100644 --- a/apparmor.d/abstractions/bash-strict +++ b/apparmor.d/abstractions/bash-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/bash.d/complete b/apparmor.d/abstractions/bash.d/complete index b8016f6d3..014535a31 100644 --- a/apparmor.d/abstractions/bash.d/complete +++ b/apparmor.d/abstractions/bash.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/bash-completion/{,**} r, diff --git a/apparmor.d/abstractions/bus-accessibility b/apparmor.d/abstractions/bus-accessibility index d69c9501a..e38e6c223 100644 --- a/apparmor.d/abstractions/bus-accessibility +++ b/apparmor.d/abstractions/bus-accessibility @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus-session b/apparmor.d/abstractions/bus-session index f8d6ba37f..ed64ad22e 100644 --- a/apparmor.d/abstractions/bus-session +++ b/apparmor.d/abstractions/bus-session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor unix (bind, listen) type=stream addr="@/tmp/dbus-*", unix (connect, send, receive, accept) type=stream addr="@/tmp/dbus-*", diff --git a/apparmor.d/abstractions/bus-system b/apparmor.d/abstractions/bus-system index 6d2a16beb..9dbc80371 100644 --- a/apparmor.d/abstractions/bus-system +++ b/apparmor.d/abstractions/bus-system @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry index a763bc5c1..0f6953254 100644 --- a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry +++ b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Access required for connecting to/communicating with the Unity Launcher diff --git a/apparmor.d/abstractions/bus/com.canonical.dbusmenu b/apparmor.d/abstractions/bus/com.canonical.dbusmenu index e3ad37725..e28a878a0 100644 --- a/apparmor.d/abstractions/bus/com.canonical.dbusmenu +++ b/apparmor.d/abstractions/bus/com.canonical.dbusmenu @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 index 50cbab8a0..c6c5b5c5b 100644 --- a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 +++ b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/fi/w1/wpa_supplicant1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles index 38922c8b0..1e046af3a 100644 --- a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles +++ b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/hadess/PowerProfiles interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl index ad2e358a2..185117e4d 100644 --- a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl +++ b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/hadess/SwitcherooControl interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.reactivated.Fprint b/apparmor.d/abstractions/bus/net.reactivated.Fprint index 17374de8b..2b0c63376 100644 --- a/apparmor.d/abstractions/bus/net.reactivated.Fprint +++ b/apparmor.d/abstractions/bus/net.reactivated.Fprint @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/reactivated/Fprint/Manager interface=net.reactivated.Fprint.Manager diff --git a/apparmor.d/abstractions/bus/org.a11y b/apparmor.d/abstractions/bus/org.a11y index 616029386..306c2291d 100644 --- a/apparmor.d/abstractions/bus/org.a11y +++ b/apparmor.d/abstractions/bus/org.a11y @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Accessibility bus diff --git a/apparmor.d/abstractions/bus/org.bluez b/apparmor.d/abstractions/bus/org.bluez index 2417fb4e2..3a53931e6 100644 --- a/apparmor.d/abstractions/bus/org.bluez +++ b/apparmor.d/abstractions/bus/org.bluez @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus receive bus=system path=/ interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Accounts b/apparmor.d/abstractions/bus/org.freedesktop.Accounts index c6ffc74bc..b53276bbd 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Accounts +++ b/apparmor.d/abstractions/bus/org.freedesktop.Accounts @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Avahi b/apparmor.d/abstractions/bus/org.freedesktop.Avahi index fc7be18e4..82827f6bb 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Avahi +++ b/apparmor.d/abstractions/bus/org.freedesktop.Avahi @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/ interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager index c8563e40a..e4ec4c47c 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ColorManager interface=org.freedesktop.ColorManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 index 326c65849..a25a1600c 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/FileManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 index 7ebcca741..714ee8c22 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/GeoClue2/Manager interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 index 75ee94bf8..655d50d97 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ModemManager1 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager index d37f276b6..6bed5af41 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Notifications b/apparmor.d/abstractions/bus/org.freedesktop.Notifications index c6d8fc6a6..c898fa710 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Notifications +++ b/apparmor.d/abstractions/bus/org.freedesktop.Notifications @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Notifications interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit index 6775a6e6f..304546862 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit +++ b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/PackageKit interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 index 6f05ae688..2b1dce959 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority interface=org.freedesktop.PolicyKit1.Authority diff --git a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 index 9a0fdf9f2..aa344f841 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/RealtimeKit1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver index f3029c0b7..eee573b3f 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/ScreenSaver interface=org.freedesktop.ScreenSaver diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files index 82124c494..36cac015e 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files +++ b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 index 956356c55..a1558529b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UDisks2 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UPower b/apparmor.d/abstractions/bus/org.freedesktop.UPower index 3d0963ae8..2cdf18362 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UPower +++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UPower interface=org.freedesktop.UPower diff --git a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor index 374c0693b..9b094aac4 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor +++ b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/background/monitor interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 index 8544b5036..360440016 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/hostname1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore index 5176d3f33..f294e038d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore +++ b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/impl/portal/PermissionStore interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.locale1 b/apparmor.d/abstractions/bus/org.freedesktop.locale1 index 6d8c9649e..cc86d16a5 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.locale1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.locale1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/locale1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1 b/apparmor.d/abstractions/bus/org.freedesktop.login1 index 67d24772a..3ecc5e5bd 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session index 6541fb803..0c5559e20 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.login1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.network1 b/apparmor.d/abstractions/bus/org.freedesktop.network1 index 7abc771f2..67c2c4012 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.network1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.network1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/network1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop index 5ce45ef8f..949527dbf 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop +++ b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 index 7c1260c7d..38f102a06 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/resolve1 interface=org.freedesktop.resolve1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.secrets b/apparmor.d/abstractions/bus/org.freedesktop.secrets index 5f53407c3..4eb008995 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.secrets +++ b/apparmor.d/abstractions/bus/org.freedesktop.secrets @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/secrets{,/**} interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 index 46d5fdc82..134af5525 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session index 2f6bb9922..12a6c94a0 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 index d6748c8da..283313780 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/timedate1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 index 087a8f08c..69c06a28f 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 +++ b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ArchiveManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.DisplayManager b/apparmor.d/abstractions/bus/org.gnome.DisplayManager index 3eeb35b69..3048d23ba 100644 --- a/apparmor.d/abstractions/bus/org.gnome.DisplayManager +++ b/apparmor.d/abstractions/bus/org.gnome.DisplayManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/gnome/DisplayManager/Manager interface=org.gnome.DisplayManager.Manager diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig index 04d550761..63107f697 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor index 648e707c4..2ecc4ad9b 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/IdleMonitor interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 index 1a3dc2e0f..50966aa21 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 +++ b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Nautilus/FileOperations2 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver index 24c4e37ec..692dc5bd9 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.SessionManager b/apparmor.d/abstractions/bus/org.gnome.SessionManager index 07576ff52..c4a2227b2 100644 --- a/apparmor.d/abstractions/bus/org.gnome.SessionManager +++ b/apparmor.d/abstractions/bus/org.gnome.SessionManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # FIXME: Too large, restrict it. diff --git a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect index 4356c487b..d65ff07e0 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect +++ b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor index 1c3349dc7..b57c53d83 100644 --- a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor +++ b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon index 5bbfd7594..634b759f8 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/Daemon interface=org.gtk.vfs.Daemon diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata index a547bc5d4..cccfae178 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/metadata interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker index 262982bb1..1538e6ea1 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem index 553195bbc..9bf19f219 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher index 28ccc4a4b..7fe310d4c 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/StatusNotifierWatcher interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.kde.kwalletd b/apparmor.d/abstractions/bus/org.kde.kwalletd index db103ba85..2a27c0367 100644 --- a/apparmor.d/abstractions/bus/org.kde.kwalletd +++ b/apparmor.d/abstractions/bus/org.kde.kwalletd @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index 84cd974a0..ea2444117 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # LOGPROF-SUGGEST: no # Common rules for applications sandboxed using bwrap. diff --git a/apparmor.d/abstractions/common/apt b/apparmor.d/abstractions/common/apt index baa14757d..490943625 100644 --- a/apparmor.d/abstractions/common/apt +++ b/apparmor.d/abstractions/common/apt @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/dpkg/cputable r, /usr/share/dpkg/tupletable r, diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap index 4b9610472..d9bca7b09 100644 --- a/apparmor.d/abstractions/common/bwrap +++ b/apparmor.d/abstractions/common/bwrap @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # A minimal set of rules for sandboxed programs using bwrap. # A profile using this abstraction still needs to set: diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium index 842e1f33c..b46fe9051 100644 --- a/apparmor.d/abstractions/common/chromium +++ b/apparmor.d/abstractions/common/chromium @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is for chromium based application. Chromium based browsers # need to use abstractions/chromium instead. diff --git a/apparmor.d/abstractions/common/electron b/apparmor.d/abstractions/common/electron index 22aa0d784..9061d14e7 100644 --- a/apparmor.d/abstractions/common/electron +++ b/apparmor.d/abstractions/common/electron @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for all electron based UI application. It works as a # *function* and requires some variables to be provided as *arguments* and set diff --git a/apparmor.d/abstractions/common/gnome b/apparmor.d/abstractions/common/gnome index 275853d51..03a449cd4 100644 --- a/apparmor.d/abstractions/common/gnome +++ b/apparmor.d/abstractions/common/gnome @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for all gnome based UI application. diff --git a/apparmor.d/abstractions/common/systemd b/apparmor.d/abstractions/common/systemd index b98291bf5..bc7c22e71 100644 --- a/apparmor.d/abstractions/common/systemd +++ b/apparmor.d/abstractions/common/systemd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor ptrace (read) peer=@{p_systemd}, diff --git a/apparmor.d/abstractions/crypto.d/complete b/apparmor.d/abstractions/crypto.d/complete index ccf3d799a..68486ad1c 100644 --- a/apparmor.d/abstractions/crypto.d/complete +++ b/apparmor.d/abstractions/crypto.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/dconf-write b/apparmor.d/abstractions/dconf-write index 58aad166e..6b75c34d3 100644 --- a/apparmor.d/abstractions/dconf-write +++ b/apparmor.d/abstractions/dconf-write @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Permissions for querying dconf settings with write access; use the dconf # abstraction first, and dconf-write only for specific application's profile. diff --git a/apparmor.d/abstractions/deny-sensitive-home b/apparmor.d/abstractions/deny-sensitive-home index ccae3cf45..fef546b67 100644 --- a/apparmor.d/abstractions/deny-sensitive-home +++ b/apparmor.d/abstractions/deny-sensitive-home @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # DO NOT USE IT WITHOUT EXPLICIT AUTHORISATION FROM THE PROJECT MAINTAINER diff --git a/apparmor.d/abstractions/desktop b/apparmor.d/abstractions/desktop index bc273a006..e30be1cec 100644 --- a/apparmor.d/abstractions/desktop +++ b/apparmor.d/abstractions/desktop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Unified minimal abstraction for all UI application regardless of the desktop environment. diff --git a/apparmor.d/abstractions/devices-usb b/apparmor.d/abstractions/devices-usb index 9d9db462e..48c5b783f 100644 --- a/apparmor.d/abstractions/devices-usb +++ b/apparmor.d/abstractions/devices-usb @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /dev/ r, /dev/bus/usb/ r, diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read index 2b89a1308..90453aac5 100644 --- a/apparmor.d/abstractions/disks-read +++ b/apparmor.d/abstractions/disks-read @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/disks-write b/apparmor.d/abstractions/disks-write index b6937698c..725beba73 100644 --- a/apparmor.d/abstractions/disks-write +++ b/apparmor.d/abstractions/disks-write @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/dri b/apparmor.d/abstractions/dri index b6c6dc23b..8c1341dc7 100644 --- a/apparmor.d/abstractions/dri +++ b/apparmor.d/abstractions/dri @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The Direct Rendering Infrastructure (DRI) is the framework comprising the modern # Linux graphics stack which allows unprivileged user-space programs to issue diff --git a/apparmor.d/abstractions/fish b/apparmor.d/abstractions/fish index c5ed229c0..af02b010b 100644 --- a/apparmor.d/abstractions/fish +++ b/apparmor.d/abstractions/fish @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/fontconfig-cache-read b/apparmor.d/abstractions/fontconfig-cache-read index 2873ebe45..252b56590 100644 --- a/apparmor.d/abstractions/fontconfig-cache-read +++ b/apparmor.d/abstractions/fontconfig-cache-read @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The fontconfig cache can be generated via the following command: # $ fc-cache -f -v diff --git a/apparmor.d/abstractions/fontconfig-cache-write b/apparmor.d/abstractions/fontconfig-cache-write index c9bb799cd..73ebe1503 100644 --- a/apparmor.d/abstractions/fontconfig-cache-write +++ b/apparmor.d/abstractions/fontconfig-cache-write @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/fontconfig/ rw, owner @{user_cache_dirs}/fontconfig/CACHEDIR.TAG{,.NEW,.LCK,.TMP-*} rw, diff --git a/apparmor.d/abstractions/freedesktop.org.d/complete b/apparmor.d/abstractions/freedesktop.org.d/complete index 7313fbca1..91fadcf5f 100644 --- a/apparmor.d/abstractions/freedesktop.org.d/complete +++ b/apparmor.d/abstractions/freedesktop.org.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{system_share_dirs}/*ubuntu/applications/{,**} r, @{system_share_dirs}/gnome/applications/{,**} r, diff --git a/apparmor.d/abstractions/gnome-strict b/apparmor.d/abstractions/gnome-strict index ba566cd69..71f266b00 100644 --- a/apparmor.d/abstractions/gnome-strict +++ b/apparmor.d/abstractions/gnome-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/gnome.d/complete b/apparmor.d/abstractions/gnome.d/complete index 3d204be7d..0dc468632 100644 --- a/apparmor.d/abstractions/gnome.d/complete +++ b/apparmor.d/abstractions/gnome.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/graphics b/apparmor.d/abstractions/graphics index 85589272f..a222c1db9 100644 --- a/apparmor.d/abstractions/graphics +++ b/apparmor.d/abstractions/graphics @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/graphics-full b/apparmor.d/abstractions/graphics-full index e9480d217..62334b864 100644 --- a/apparmor.d/abstractions/graphics-full +++ b/apparmor.d/abstractions/graphics-full @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/gstreamer b/apparmor.d/abstractions/gstreamer index 87bf1c1b3..58aa8eca4 100644 --- a/apparmor.d/abstractions/gstreamer +++ b/apparmor.d/abstractions/gstreamer @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{lib}/@{multiarch}/libproxy/*/modules/*.so mr, @{lib}/@{multiarch}/libvisual-[0-9].[0-9]/*/*.so mr, diff --git a/apparmor.d/abstractions/gtk.d/complete b/apparmor.d/abstractions/gtk.d/complete index 942713159..1efef2f9c 100644 --- a/apparmor.d/abstractions/gtk.d/complete +++ b/apparmor.d/abstractions/gtk.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session interface=org.gtk.Actions diff --git a/apparmor.d/abstractions/ibus.d/complete b/apparmor.d/abstractions/ibus.d/complete index c09e3ad6f..c5a56891a 100644 --- a/apparmor.d/abstractions/ibus.d/complete +++ b/apparmor.d/abstractions/ibus.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # abstract path in ibus < 1.5.22 uses /tmp unix (connect, receive, send) diff --git a/apparmor.d/abstractions/kde-open5.d/complete b/apparmor.d/abstractions/kde-open5.d/complete index c3206ba85..dd4266623 100644 --- a/apparmor.d/abstractions/kde-open5.d/complete +++ b/apparmor.d/abstractions/kde-open5.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/kde-open rix, diff --git a/apparmor.d/abstractions/kde-strict b/apparmor.d/abstractions/kde-strict index e05ad466a..e89ad2acd 100644 --- a/apparmor.d/abstractions/kde-strict +++ b/apparmor.d/abstractions/kde-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/mesa.d/complete b/apparmor.d/abstractions/mesa.d/complete index 1a77e3e7c..e0e1aab2e 100644 --- a/apparmor.d/abstractions/mesa.d/complete +++ b/apparmor.d/abstractions/mesa.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Extra Mesa rules for desktop environments owner @{desktop_cache_dirs}/ w, diff --git a/apparmor.d/abstractions/nameservice-strict b/apparmor.d/abstractions/nameservice-strict index ad10304c4..6a43b8db0 100644 --- a/apparmor.d/abstractions/nameservice-strict +++ b/apparmor.d/abstractions/nameservice-strict @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Many programs wish to perform nameservice-like operations, such as looking up # users by name or id, groups by name or id, hosts by name or IP, etc. diff --git a/apparmor.d/abstractions/nvidia-strict b/apparmor.d/abstractions/nvidia-strict index e5102cb24..b112e99eb 100644 --- a/apparmor.d/abstractions/nvidia-strict +++ b/apparmor.d/abstractions/nvidia-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/nvidia-modprobe Px -> child-modprobe-nvidia, diff --git a/apparmor.d/abstractions/nvidia.d/complete b/apparmor.d/abstractions/nvidia.d/complete index 08d3b91bc..1c79790cc 100644 --- a/apparmor.d/abstractions/nvidia.d/complete +++ b/apparmor.d/abstractions/nvidia.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor unix (send, receive) type=dgram peer=(addr="@var/run/nvidia-xdriver-*"), diff --git a/apparmor.d/abstractions/opencl-intel.d/complete b/apparmor.d/abstractions/opencl-intel.d/complete index c250a369a..f3fc8cc7e 100644 --- a/apparmor.d/abstractions/opencl-intel.d/complete +++ b/apparmor.d/abstractions/opencl-intel.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /opt/intel/oneapi/{compiler,lib,mkl}/**/ r, /opt/intel/oneapi/{compiler,lib,mkl}/**.so* mr, diff --git a/apparmor.d/abstractions/python.d/complete b/apparmor.d/abstractions/python.d/complete index 9638a61a5..405e6a808 100644 --- a/apparmor.d/abstractions/python.d/complete +++ b/apparmor.d/abstractions/python.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/ r, @{bin}/python{2.[4-7],3,3.[0-9],3.1[0-9]} r, diff --git a/apparmor.d/abstractions/qt5-shader-cache b/apparmor.d/abstractions/qt5-shader-cache index 05c4091f0..a6224251c 100644 --- a/apparmor.d/abstractions/qt5-shader-cache +++ b/apparmor.d/abstractions/qt5-shader-cache @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/ w, owner @{user_cache_dirs}/qtshadercache/ rw, diff --git a/apparmor.d/abstractions/qt5.d/complete b/apparmor.d/abstractions/qt5.d/complete index fadb39931..d02f57303 100644 --- a/apparmor.d/abstractions/qt5.d/complete +++ b/apparmor.d/abstractions/qt5.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/qt{,5,6}/qtlogging.ini r, /usr/share/qt{,5,6}/resources/*.pak r, diff --git a/apparmor.d/abstractions/shells b/apparmor.d/abstractions/shells index 5583f599d..adf995036 100644 --- a/apparmor.d/abstractions/shells +++ b/apparmor.d/abstractions/shells @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/thumbnails-cache-read b/apparmor.d/abstractions/thumbnails-cache-read index 3c947d2ae..f191fc9e8 100644 --- a/apparmor.d/abstractions/thumbnails-cache-read +++ b/apparmor.d/abstractions/thumbnails-cache-read @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ r, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ r, diff --git a/apparmor.d/abstractions/thumbnails-cache-write b/apparmor.d/abstractions/thumbnails-cache-write index 5bcca4d4b..100dc6296 100644 --- a/apparmor.d/abstractions/thumbnails-cache-write +++ b/apparmor.d/abstractions/thumbnails-cache-write @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ rw, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ rw, diff --git a/apparmor.d/abstractions/trash-strict b/apparmor.d/abstractions/trash-strict index 212385774..e3c3b3bf8 100644 --- a/apparmor.d/abstractions/trash-strict +++ b/apparmor.d/abstractions/trash-strict @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Already upstreamed. Different because recent change does not play well # with upstream's version. diff --git a/apparmor.d/abstractions/trash.d/complete b/apparmor.d/abstractions/trash.d/complete index 29d5d021a..cbc79c530 100644 --- a/apparmor.d/abstractions/trash.d/complete +++ b/apparmor.d/abstractions/trash.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_config_dirs}/trashrc rw, owner @{user_config_dirs}/trashrc.lock rwk, diff --git a/apparmor.d/abstractions/uim b/apparmor.d/abstractions/uim index 24b430b10..7d9d64e0e 100644 --- a/apparmor.d/abstractions/uim +++ b/apparmor.d/abstractions/uim @@ -2,6 +2,7 @@ # Copyright (C) 2024 Alexandre Pujol # Copyright (C) 2024 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/uim/* r, diff --git a/apparmor.d/abstractions/user-download-strict b/apparmor.d/abstractions/user-download-strict index ee23bce39..89cc65156 100644 --- a/apparmor.d/abstractions/user-download-strict +++ b/apparmor.d/abstractions/user-download-strict @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{HOME}/@{XDG_DESKTOP_DIR}/ w, owner @{HOME}/@{XDG_DOWNLOAD_DIR}/ w, diff --git a/apparmor.d/abstractions/user-read b/apparmor.d/abstractions/user-read index b79e78eae..7c54c8af7 100644 --- a/apparmor.d/abstractions/user-read +++ b/apparmor.d/abstractions/user-read @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Warning: This abstraction gives unrestricted read access on all non hidden user directories. diff --git a/apparmor.d/abstractions/user-read-strict b/apparmor.d/abstractions/user-read-strict index 3ff81e66a..b3274bfe6 100644 --- a/apparmor.d/abstractions/user-read-strict +++ b/apparmor.d/abstractions/user-read-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction gives read access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write-strict b/apparmor.d/abstractions/user-write-strict index 51fe3e08d..c18bfd47b 100644 --- a/apparmor.d/abstractions/user-write-strict +++ b/apparmor.d/abstractions/user-write-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction gives write only access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write.d/complete b/apparmor.d/abstractions/user-write.d/complete index 8f73b06e6..dc39c5efe 100644 --- a/apparmor.d/abstractions/user-write.d/complete +++ b/apparmor.d/abstractions/user-write.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Warning: This abstraction gives unrestricted write access on all non hidden user directories. diff --git a/apparmor.d/abstractions/video.d/complete b/apparmor.d/abstractions/video.d/complete index e36b3128b..46628d3e4 100644 --- a/apparmor.d/abstractions/video.d/complete +++ b/apparmor.d/abstractions/video.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{run}/udev/data/c81:@{int} r, # For video4linux diff --git a/apparmor.d/abstractions/vulkan-strict b/apparmor.d/abstractions/vulkan-strict index f5926fc20..1cdf3bc8d 100644 --- a/apparmor.d/abstractions/vulkan-strict +++ b/apparmor.d/abstractions/vulkan-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/egl/egl_external_platform.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/vulkan.d/complete b/apparmor.d/abstractions/vulkan.d/complete index 9df2edd4b..41b308d98 100644 --- a/apparmor.d/abstractions/vulkan.d/complete +++ b/apparmor.d/abstractions/vulkan.d/complete @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /etc/glvnd/egl_vendor.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/wayland.d/complete b/apparmor.d/abstractions/wayland.d/complete index 1029e0a1f..b228c4fd0 100644 --- a/apparmor.d/abstractions/wayland.d/complete +++ b/apparmor.d/abstractions/wayland.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_config_dirs}/ibus/bus/@{hex32}-unix-wayland-@{int} r, diff --git a/apparmor.d/abstractions/xfce b/apparmor.d/abstractions/xfce index eff45b142..810079c9c 100644 --- a/apparmor.d/abstractions/xfce +++ b/apparmor.d/abstractions/xfce @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/zsh b/apparmor.d/abstractions/zsh index 4addfdac9..a914fed89 100644 --- a/apparmor.d/abstractions/zsh +++ b/apparmor.d/abstractions/zsh @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. From eb480672f32873d71f03394c7904381a24eb5949 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 16:52:31 +0300 Subject: [PATCH 37/52] fix(abstractions, tunables): move vim modeline Move vim syntax comment to the end of the file, separated by newline, as requested in #380. --- apparmor.d/abstractions/X-strict | 3 ++- apparmor.d/abstractions/X.d/complete | 3 ++- apparmor.d/abstractions/app-launcher-root | 5 +++-- apparmor.d/abstractions/app-launcher-user | 5 +++-- apparmor.d/abstractions/app-open | 3 ++- apparmor.d/abstractions/app/chromium | 3 ++- apparmor.d/abstractions/app/editor | 3 ++- apparmor.d/abstractions/app/firefox | 3 ++- apparmor.d/abstractions/app/open | 3 ++- apparmor.d/abstractions/app/pgrep | 3 ++- apparmor.d/abstractions/app/sudo | 3 ++- apparmor.d/abstractions/app/systemctl | 3 ++- apparmor.d/abstractions/audio-client | 3 ++- apparmor.d/abstractions/audio-server | 3 ++- apparmor.d/abstractions/audio.d/complete | 3 ++- apparmor.d/abstractions/authentication.d/complete | 2 +- apparmor.d/abstractions/base.d/complete | 3 ++- apparmor.d/abstractions/bash-strict | 3 ++- apparmor.d/abstractions/bash.d/complete | 3 ++- apparmor.d/abstractions/bus-accessibility | 3 ++- apparmor.d/abstractions/bus-session | 3 ++- apparmor.d/abstractions/bus-system | 3 ++- .../abstractions/bus/com.canonical.Unity.LauncherEntry | 3 ++- apparmor.d/abstractions/bus/com.canonical.dbusmenu | 3 ++- apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 | 3 ++- apparmor.d/abstractions/bus/net.hadess.PowerProfiles | 3 ++- apparmor.d/abstractions/bus/net.hadess.SwitcherooControl | 3 ++- apparmor.d/abstractions/bus/net.reactivated.Fprint | 3 ++- apparmor.d/abstractions/bus/org.a11y | 3 ++- apparmor.d/abstractions/bus/org.bluez | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.Accounts | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.Avahi | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.ColorManager | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.FileManager1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.NetworkManager | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.Notifications | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.PackageKit | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver | 3 ++- .../abstractions/bus/org.freedesktop.Tracker3.Miner.Files | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.UDisks2 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.UPower | 3 ++- .../abstractions/bus/org.freedesktop.background.Monitor | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.hostname1 | 3 ++- .../bus/org.freedesktop.impl.portal.PermissionStore | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.locale1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.login1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.login1.Session | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.network1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.resolve1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.secrets | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.systemd1 | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.systemd1-session | 3 ++- apparmor.d/abstractions/bus/org.freedesktop.timedate1 | 3 ++- apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 | 3 ++- apparmor.d/abstractions/bus/org.gnome.DisplayManager | 3 ++- apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig | 3 ++- apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor | 3 ++- .../abstractions/bus/org.gnome.Nautilus.FileOperations2 | 3 ++- apparmor.d/abstractions/bus/org.gnome.ScreenSaver | 3 ++- apparmor.d/abstractions/bus/org.gnome.SessionManager | 3 ++- apparmor.d/abstractions/bus/org.gnome.Shell.Introspect | 3 ++- .../abstractions/bus/org.gtk.Private.RemoteVolumeMonitor | 3 ++- apparmor.d/abstractions/bus/org.gtk.vfs.Daemon | 3 ++- apparmor.d/abstractions/bus/org.gtk.vfs.Metadata | 3 ++- apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker | 3 ++- apparmor.d/abstractions/bus/org.kde.StatusNotifierItem | 3 ++- apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher | 3 ++- apparmor.d/abstractions/bus/org.kde.kwalletd | 3 ++- apparmor.d/abstractions/common/app | 5 +++-- apparmor.d/abstractions/common/apt | 5 +++-- apparmor.d/abstractions/common/bwrap | 3 ++- apparmor.d/abstractions/common/chromium | 5 +++-- apparmor.d/abstractions/common/electron | 5 +++-- apparmor.d/abstractions/common/gnome | 5 +++-- apparmor.d/abstractions/common/systemd | 5 +++-- apparmor.d/abstractions/crypto.d/complete | 3 ++- apparmor.d/abstractions/dconf-write | 3 ++- apparmor.d/abstractions/deny-sensitive-home | 3 ++- apparmor.d/abstractions/desktop | 3 ++- apparmor.d/abstractions/devices-usb | 5 +++-- apparmor.d/abstractions/disks-read | 3 ++- apparmor.d/abstractions/disks-write | 3 ++- apparmor.d/abstractions/dri | 3 ++- apparmor.d/abstractions/fish | 3 ++- apparmor.d/abstractions/fontconfig-cache-read | 3 ++- apparmor.d/abstractions/fontconfig-cache-write | 3 ++- apparmor.d/abstractions/freedesktop.org.d/complete | 3 ++- apparmor.d/abstractions/gnome-strict | 3 ++- apparmor.d/abstractions/gnome.d/complete | 3 ++- apparmor.d/abstractions/graphics | 3 ++- apparmor.d/abstractions/graphics-full | 3 ++- apparmor.d/abstractions/gstreamer | 3 ++- apparmor.d/abstractions/gtk.d/complete | 3 ++- apparmor.d/abstractions/ibus.d/complete | 3 ++- apparmor.d/abstractions/kde-open5.d/complete | 3 ++- apparmor.d/abstractions/kde-strict | 3 ++- apparmor.d/abstractions/mesa.d/complete | 3 ++- apparmor.d/abstractions/nameservice-strict | 3 ++- apparmor.d/abstractions/nvidia-strict | 3 ++- apparmor.d/abstractions/nvidia.d/complete | 3 ++- apparmor.d/abstractions/opencl-intel.d/complete | 3 ++- apparmor.d/abstractions/python.d/complete | 3 ++- apparmor.d/abstractions/qt5-shader-cache | 3 ++- apparmor.d/abstractions/qt5.d/complete | 3 ++- apparmor.d/abstractions/shells | 3 ++- apparmor.d/abstractions/thumbnails-cache-read | 3 ++- apparmor.d/abstractions/thumbnails-cache-write | 3 ++- apparmor.d/abstractions/trash-strict | 3 ++- apparmor.d/abstractions/trash.d/complete | 3 ++- apparmor.d/abstractions/uim | 5 +++-- apparmor.d/abstractions/user-download-strict | 3 ++- apparmor.d/abstractions/user-read | 5 +++-- apparmor.d/abstractions/user-read-strict | 5 +++-- apparmor.d/abstractions/user-write-strict | 5 +++-- apparmor.d/abstractions/user-write.d/complete | 3 ++- apparmor.d/abstractions/video.d/complete | 3 ++- apparmor.d/abstractions/vulkan-strict | 3 ++- apparmor.d/abstractions/vulkan.d/complete | 3 ++- apparmor.d/abstractions/wayland.d/complete | 3 ++- apparmor.d/abstractions/xfce | 3 ++- apparmor.d/abstractions/zsh | 5 +++-- apparmor.d/tunables/home.d/apparmor.d | 3 ++- apparmor.d/tunables/home.d/whonix | 3 ++- apparmor.d/tunables/multiarch.d/paths | 3 ++- apparmor.d/tunables/multiarch.d/profiles | 3 ++- apparmor.d/tunables/multiarch.d/programs | 3 ++- apparmor.d/tunables/multiarch.d/system | 3 ++- apparmor.d/tunables/multiarch.d/system-users | 3 ++- apparmor.d/tunables/xdg-user-dirs.d/apparmor.d | 3 ++- 134 files changed, 281 insertions(+), 148 deletions(-) diff --git a/apparmor.d/abstractions/X-strict b/apparmor.d/abstractions/X-strict index a2922b40a..0998bbb44 100644 --- a/apparmor.d/abstractions/X-strict +++ b/apparmor.d/abstractions/X-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The unix socket to use to connect to the display unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), @@ -30,3 +29,5 @@ owner @{run}/user/@{uid}/xauth_@{rand6} rl -> @{run}/user/@{uid}/#@{int}, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/X.d/complete b/apparmor.d/abstractions/X.d/complete index 533a132b9..8a6636664 100644 --- a/apparmor.d/abstractions/X.d/complete +++ b/apparmor.d/abstractions/X.d/complete @@ -2,7 +2,8 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Available Xsessions /usr/share/xsessions/{,*.desktop} r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app-launcher-root b/apparmor.d/abstractions/app-launcher-root index 0f5bf70eb..c31d328fb 100644 --- a/apparmor.d/abstractions/app-launcher-root +++ b/apparmor.d/abstractions/app-launcher-root @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/* PUx, /usr/local/{s,}bin/* PUx, @@ -12,4 +11,6 @@ /usr/ r, /usr/local/{s,}bin/ r, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app-launcher-user b/apparmor.d/abstractions/app-launcher-user index 062cd0967..5e7c50824 100644 --- a/apparmor.d/abstractions/app-launcher-user +++ b/apparmor.d/abstractions/app-launcher-user @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/* PUx, /opt/*/** PUx, @@ -22,4 +21,6 @@ /usr/ r, /usr/local/bin/ r, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app-open b/apparmor.d/abstractions/app-open index 827722575..513924de6 100644 --- a/apparmor.d/abstractions/app-open +++ b/apparmor.d/abstractions/app-open @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Instead of allowing the run of all software in @{bin}/, @{lib} the purpose of # this abstraction is to list all GUI program that can open resources. @@ -52,3 +51,5 @@ include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index c69e893ea..41bbab892 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for all chromium based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the @@ -210,3 +209,5 @@ deny @{user_share_dirs}/gvfs-metadata/* r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/editor b/apparmor.d/abstractions/app/editor index 1ec287505..f0972f3e7 100644 --- a/apparmor.d/abstractions/app/editor +++ b/apparmor.d/abstractions/app/editor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -27,3 +26,5 @@ owner @{user_config_dirs}/vim/{,**} r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index 4bb1311b7..bf86f419c 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for all firefox based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the @@ -159,3 +158,5 @@ deny @{run}/user/@{uid}/gnome-shell-disable-extensions w, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/open b/apparmor.d/abstractions/app/open index b68c979d0..f93a1c444 100644 --- a/apparmor.d/abstractions/app/open +++ b/apparmor.d/abstractions/app/open @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for child-open-* profiles. @@ -14,3 +13,5 @@ /dev/tty rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/pgrep b/apparmor.d/abstractions/app/pgrep index 9d722ee42..4bab75387 100644 --- a/apparmor.d/abstractions/app/pgrep +++ b/apparmor.d/abstractions/app/pgrep @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for pgrep. @@ -24,3 +23,5 @@ @{PROC}/uptime r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/sudo b/apparmor.d/abstractions/app/sudo index 6529f5bcb..6fba1adfd 100644 --- a/apparmor.d/abstractions/app/sudo +++ b/apparmor.d/abstractions/app/sudo @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for sudo. Interactive sudo need more rules. @@ -69,3 +68,5 @@ deny @{user_share_dirs}/gvfs-metadata/* r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/app/systemctl b/apparmor.d/abstractions/app/systemctl index e486670c0..62b4aafdf 100644 --- a/apparmor.d/abstractions/app/systemctl +++ b/apparmor.d/abstractions/app/systemctl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include @@ -27,3 +26,5 @@ owner @{PROC}/@{pid}/stat r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index 1733cdbe0..ca4a8e16c 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Most programs do not need access to audio devices, audio-client only includes # configuration files to be used by client applications. @@ -59,3 +58,5 @@ owner /dev/shm/pulse-shm-@{int} rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/audio-server b/apparmor.d/abstractions/audio-server index cfb6804e3..619ba1111 100644 --- a/apparmor.d/abstractions/audio-server +++ b/apparmor.d/abstractions/audio-server @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Provide access to audio devices. It should only be used by audio servers that # need direct access to them. @@ -44,3 +43,5 @@ /dev/sound/* rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/audio.d/complete b/apparmor.d/abstractions/audio.d/complete index e115e1045..01d94e067 100644 --- a/apparmor.d/abstractions/audio.d/complete +++ b/apparmor.d/abstractions/audio.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # PulseAudio module-ladspa-sink (plugin sc4m_1916) @{lib}/ladspa/ r, @@ -12,3 +11,5 @@ @{sys}/class/ r, @{sys}/class/sound/ r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/authentication.d/complete b/apparmor.d/abstractions/authentication.d/complete index 831ad3df8..63819cc1b 100644 --- a/apparmor.d/abstractions/authentication.d/complete +++ b/apparmor.d/abstractions/authentication.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/pam-tmpdir-helper rPx, @@ -13,3 +12,4 @@ @{lib}/security-misc/pam-abort-on-locked-password rPx, @{lib}/security-misc/pam-info rPx, +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/base.d/complete b/apparmor.d/abstractions/base.d/complete index e0e9f7227..e9761b843 100644 --- a/apparmor.d/abstractions/base.d/complete +++ b/apparmor.d/abstractions/base.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Allow to receive some signals from new well-known profiles signal (receive) peer=btop, @@ -30,3 +29,5 @@ @{PROC}/sys/kernel/core_pattern r, deny /apparmor/.null rw, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bash-strict b/apparmor.d/abstractions/bash-strict index e79dd7091..eb4f65230 100644 --- a/apparmor.d/abstractions/bash-strict +++ b/apparmor.d/abstractions/bash-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. @@ -34,3 +33,5 @@ owner @{PROC}/@{pid}/mounts r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bash.d/complete b/apparmor.d/abstractions/bash.d/complete index 014535a31..6d16109de 100644 --- a/apparmor.d/abstractions/bash.d/complete +++ b/apparmor.d/abstractions/bash.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/bash-completion/{,**} r, @@ -10,3 +9,5 @@ owner @{HOME}/.alias r, owner @{HOME}/.i18n r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus-accessibility b/apparmor.d/abstractions/bus-accessibility index e38e6c223..f032f842b 100644 --- a/apparmor.d/abstractions/bus-accessibility +++ b/apparmor.d/abstractions/bus-accessibility @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus @@ -18,3 +17,5 @@ owner @{run}/user/@{uid}/at-spi/bus_@{int} rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus-session b/apparmor.d/abstractions/bus-session index ed64ad22e..d5ca957e8 100644 --- a/apparmor.d/abstractions/bus-session +++ b/apparmor.d/abstractions/bus-session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor unix (bind, listen) type=stream addr="@/tmp/dbus-*", unix (connect, send, receive, accept) type=stream addr="@/tmp/dbus-*", @@ -26,3 +25,5 @@ owner @{run}/user/@{uid}/bus rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus-system b/apparmor.d/abstractions/bus-system index 9dbc80371..0148d0711 100644 --- a/apparmor.d/abstractions/bus-system +++ b/apparmor.d/abstractions/bus-system @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus @@ -16,3 +15,5 @@ @{run}/dbus/system_bus_socket rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry index 0f6953254..3eceb53ab 100644 --- a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry +++ b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Access required for connecting to/communicating with the Unity Launcher @@ -21,3 +20,5 @@ peer=(name=:*, label=gnome-shell), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/com.canonical.dbusmenu b/apparmor.d/abstractions/bus/com.canonical.dbusmenu index e28a878a0..290a86de8 100644 --- a/apparmor.d/abstractions/bus/com.canonical.dbusmenu +++ b/apparmor.d/abstractions/bus/com.canonical.dbusmenu @@ -1,7 +1,8 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 index c6c5b5c5b..a8e3d52a5 100644 --- a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 +++ b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/fi/w1/wpa_supplicant1 interface=org.freedesktop.DBus.Properties @@ -49,3 +48,5 @@ peer=(name=:*, label=wpa-supplicant), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles index 1e046af3a..b4032e033 100644 --- a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles +++ b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/hadess/PowerProfiles interface=org.freedesktop.DBus.Properties @@ -9,3 +8,5 @@ peer=(name=:*, label=power-profiles-daemon), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl index 185117e4d..55e4f414d 100644 --- a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl +++ b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/hadess/SwitcherooControl interface=org.freedesktop.DBus.Properties @@ -9,3 +8,5 @@ peer=(name=:*, label=switcheroo-control), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/net.reactivated.Fprint b/apparmor.d/abstractions/bus/net.reactivated.Fprint index 2b0c63376..7e7b21565 100644 --- a/apparmor.d/abstractions/bus/net.reactivated.Fprint +++ b/apparmor.d/abstractions/bus/net.reactivated.Fprint @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/reactivated/Fprint/Manager interface=net.reactivated.Fprint.Manager @@ -19,3 +18,5 @@ peer=(name=net.reactivated.Fprint, label=fprintd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.a11y b/apparmor.d/abstractions/bus/org.a11y index 306c2291d..5103361c9 100644 --- a/apparmor.d/abstractions/bus/org.a11y +++ b/apparmor.d/abstractions/bus/org.a11y @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Accessibility bus @@ -43,3 +42,5 @@ peer=(name=org.a11y.Bus), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.bluez b/apparmor.d/abstractions/bus/org.bluez index 3a53931e6..7c86817f5 100644 --- a/apparmor.d/abstractions/bus/org.bluez +++ b/apparmor.d/abstractions/bus/org.bluez @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus receive bus=system path=/ interface=org.freedesktop.DBus.ObjectManager @@ -44,3 +43,5 @@ peer=(name=org.bluez, label=bluetoothd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Accounts b/apparmor.d/abstractions/bus/org.freedesktop.Accounts index b53276bbd..10a9e8fc0 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Accounts +++ b/apparmor.d/abstractions/bus/org.freedesktop.Accounts @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts @@ -29,3 +28,5 @@ peer=(name=:*, label=accounts-daemon), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Avahi b/apparmor.d/abstractions/bus/org.freedesktop.Avahi index 82827f6bb..8b24700db 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Avahi +++ b/apparmor.d/abstractions/bus/org.freedesktop.Avahi @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/ interface=org.freedesktop.DBus.Peer @@ -24,3 +23,5 @@ peer=(name=:*, label=avahi-daemon), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager index e4ec4c47c..3950b77aa 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ColorManager interface=org.freedesktop.ColorManager @@ -24,3 +23,5 @@ peer=(name=:*, label=colord), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 index a25a1600c..b4e985b9e 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/FileManager1 interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=:*, label=nautilus), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 index 714ee8c22..836e99d94 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/GeoClue2/Manager interface=org.freedesktop.DBus.Properties @@ -34,3 +33,5 @@ peer=(name=:*, label=geoclue), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 index 655d50d97..217b588a4 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ModemManager1 interface=org.freedesktop.DBus.ObjectManager @@ -19,3 +18,5 @@ peer=(name=:*, label=ModemManager), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager index 6bed5af41..0fa92d3cc 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager @@ -74,3 +73,5 @@ peer=(name="{:*,org.freedesktop.NetworkManager}", label=NetworkManager), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Notifications b/apparmor.d/abstractions/bus/org.freedesktop.Notifications index c898fa710..90ee1aefc 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Notifications +++ b/apparmor.d/abstractions/bus/org.freedesktop.Notifications @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Notifications interface=org.freedesktop.DBus.Properties @@ -24,3 +23,5 @@ peer=(name=org.freedesktop.DBus, label=gjs-console), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit index 304546862..7cdd9a3ce 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit +++ b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/PackageKit interface=org.freedesktop.DBus.Properties @@ -23,3 +22,5 @@ peer=(name=org.freedesktop.PackageKit, label=packagekitd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 index 2b1dce959..3201e48ce 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority interface=org.freedesktop.PolicyKit1.Authority @@ -33,3 +32,5 @@ peer=(name=:*, label=polkitd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 index aa344f841..474c4c625 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/RealtimeKit1 interface=org.freedesktop.DBus.Properties @@ -29,3 +28,5 @@ peer=(name=org.freedesktop.RealtimeKit1, label=rtkit-daemon), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver index eee573b3f..842057a1d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/ScreenSaver interface=org.freedesktop.ScreenSaver @@ -9,3 +8,5 @@ peer=(name=org.freedesktop.ScreenSaver), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files index 36cac015e..567740a35 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files +++ b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint interface=org.freedesktop.DBus.Peer @@ -14,3 +13,5 @@ peer=(name=org.freedesktop.Tracker3.Miner.Files, label=tracker-miner), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 index a1558529b..79b882e51 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UDisks2 interface=org.freedesktop.DBus.ObjectManager @@ -54,3 +53,5 @@ peer=(name="{:*,org.freedesktop.UDisks2}", label=udisksd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UPower b/apparmor.d/abstractions/bus/org.freedesktop.UPower index 2cdf18362..d8341d33c 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UPower +++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UPower interface=org.freedesktop.UPower @@ -43,3 +42,5 @@ peer=(name="{:*,org.freedesktop.UPower}", label=upowerd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor index 9b094aac4..5f951381b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor +++ b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/background/monitor interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=:*, label=xdg-desktop-portal), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 index 360440016..54196d16b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/hostname1 interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=org.freedesktop.hostname1), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore index f294e038d..6b965a2f5 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore +++ b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/impl/portal/PermissionStore interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=:*, label=xdg-permission-store), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.locale1 b/apparmor.d/abstractions/bus/org.freedesktop.locale1 index cc86d16a5..a2865c7c9 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.locale1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.locale1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/locale1 interface=org.freedesktop.DBus.Properties @@ -13,3 +12,5 @@ peer=(name=org.freedesktop.locale1), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1 b/apparmor.d/abstractions/bus/org.freedesktop.login1 index 3ecc5e5bd..fdceceea4 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.DBus.Properties @@ -34,3 +33,5 @@ peer=(name=org.freedesktop.login1, label=systemd-logind), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session index 0c5559e20..24d5c1452 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.login1.Manager @@ -39,3 +38,5 @@ peer=(name="{:*,org.freedesktop.login1}", label=systemd-logind), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.network1 b/apparmor.d/abstractions/bus/org.freedesktop.network1 index 67c2c4012..268a21dea 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.network1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.network1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/network1 interface=org.freedesktop.DBus.Properties @@ -9,3 +8,5 @@ peer=(name=org.freedesktop.network1, label=systemd-networkd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop index 949527dbf..a2a1a94a0 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop +++ b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.DBus.Properties @@ -29,3 +28,5 @@ peer=(name=:*, label=xdg-desktop-portal), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 index 38f102a06..3057282c9 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/resolve1 interface=org.freedesktop.resolve1.Manager @@ -9,3 +8,5 @@ peer=(name="{:*,org.freedesktop.resolve1}", label=systemd-resolved), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.secrets b/apparmor.d/abstractions/bus/org.freedesktop.secrets index 4eb008995..01ecf0786 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.secrets +++ b/apparmor.d/abstractions/bus/org.freedesktop.secrets @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/secrets{,/**} interface=org.freedesktop.DBus.Properties @@ -29,3 +28,5 @@ peer=(name=:*, label=gnome-keyring-daemon), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 index 134af5525..49e4b014d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties @@ -19,3 +18,5 @@ peer=(name=org.freedesktop.systemd1), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session index 12a6c94a0..c0e852662 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties @@ -19,3 +18,5 @@ peer=(name="{:*,org.freedesktop.systemd1}", label="@{p_systemd_user}"), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 index 283313780..883c5c165 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/timedate1 interface=org.freedesktop.DBus.Properties @@ -20,3 +19,5 @@ peer=(name=:*, label=systemd-timedated), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 index 69c06a28f..9953ee8bf 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 +++ b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ArchiveManager1 interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=:*, label=file-roller), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.DisplayManager b/apparmor.d/abstractions/bus/org.gnome.DisplayManager index 3048d23ba..05945a253 100644 --- a/apparmor.d/abstractions/bus/org.gnome.DisplayManager +++ b/apparmor.d/abstractions/bus/org.gnome.DisplayManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/gnome/DisplayManager/Manager interface=org.gnome.DisplayManager.Manager @@ -9,3 +8,5 @@ peer=(name=:*, label=gdm), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig index 63107f697..d701792a6 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig @@ -29,3 +28,5 @@ peer=(name=:*, label=gnome-shell), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor index 2ecc4ad9b..7ada64f05 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/IdleMonitor interface=org.freedesktop.DBus.ObjectManager @@ -19,3 +18,5 @@ peer=(name=:*, label=gnome-shell), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 index 50966aa21..e547ab2c5 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 +++ b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Nautilus/FileOperations2 interface=org.freedesktop.DBus.Properties @@ -19,3 +18,5 @@ peer=(name=:*, label=nautilus), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver index 692dc5bd9..3e228ad1f 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties @@ -19,3 +18,5 @@ peer=(name=:*, label=gjs-console), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.SessionManager b/apparmor.d/abstractions/bus/org.gnome.SessionManager index c4a2227b2..4197fb4cf 100644 --- a/apparmor.d/abstractions/bus/org.gnome.SessionManager +++ b/apparmor.d/abstractions/bus/org.gnome.SessionManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # FIXME: Too large, restrict it. @@ -61,3 +60,5 @@ peer=(name=org.gnome.SessionManager, label=gnome-session-binary), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect index d65ff07e0..72e4525bc 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect +++ b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.freedesktop.DBus.Properties @@ -29,3 +28,5 @@ peer=(name=:*, label=gnome-shell), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor index b57c53d83..73d958513 100644 --- a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor +++ b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor @@ -19,3 +18,5 @@ peer=(name=:*, label=gvfs-*-volume-monitor), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon index 634b759f8..35cd640d6 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/Daemon interface=org.gtk.vfs.Daemon @@ -9,3 +8,5 @@ peer=(name=:*, label=gvfsd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata index cccfae178..33d3c1c36 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/metadata interface=org.freedesktop.DBus.Properties @@ -14,3 +13,5 @@ peer=(name=:*, label=gvfsd-metadata), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker index 1538e6ea1..4d59f0afc 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker @@ -19,3 +18,5 @@ peer=(name=:*, label=gvfsd), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem index 9bf19f219..4fca40e84 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem @@ -1,7 +1,8 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher index 7fe310d4c..67ac1fb6d 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/StatusNotifierWatcher interface=org.freedesktop.DBus.Properties @@ -19,3 +18,5 @@ peer=(name=org.kde.StatusNotifierWatcher, label=gnome-shell), include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/bus/org.kde.kwalletd b/apparmor.d/abstractions/bus/org.kde.kwalletd index 2a27c0367..c0d2ecba2 100644 --- a/apparmor.d/abstractions/bus/org.kde.kwalletd +++ b/apparmor.d/abstractions/bus/org.kde.kwalletd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index ea2444117..e44d8509c 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # LOGPROF-SUGGEST: no # Common rules for applications sandboxed using bwrap. @@ -130,4 +129,6 @@ /dev/pts/ptmx rw, /dev/tty rw, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/apt b/apparmor.d/abstractions/common/apt index 490943625..77c5a0b7e 100644 --- a/apparmor.d/abstractions/common/apt +++ b/apparmor.d/abstractions/common/apt @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/dpkg/cputable r, /usr/share/dpkg/tupletable r, @@ -29,4 +28,6 @@ owner @{tmp}/#@{int} rw, owner @{tmp}/clearsigned.message.* rw, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap index d9bca7b09..a73626bb1 100644 --- a/apparmor.d/abstractions/common/bwrap +++ b/apparmor.d/abstractions/common/bwrap @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # A minimal set of rules for sandboxed programs using bwrap. # A profile using this abstraction still needs to set: @@ -54,3 +53,5 @@ owner @{PROC}/@{pid}/uid_map rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium index b46fe9051..2e98c515a 100644 --- a/apparmor.d/abstractions/common/chromium +++ b/apparmor.d/abstractions/common/chromium @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is for chromium based application. Chromium based browsers # need to use abstractions/chromium instead. @@ -40,4 +39,6 @@ owner @{PROC}/@{pid}/gid_map w, owner @{PROC}/@{pid}/uid_map w, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/electron b/apparmor.d/abstractions/common/electron index 9061d14e7..732129c26 100644 --- a/apparmor.d/abstractions/common/electron +++ b/apparmor.d/abstractions/common/electron @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for all electron based UI application. It works as a # *function* and requires some variables to be provided as *arguments* and set @@ -87,4 +86,6 @@ owner @{PROC}/@{pid}/task/@{tid}/status r, owner @{PROC}/@{pid}/uid_map w, # If kernel.unprivileged_userns_clone = 1 - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/gnome b/apparmor.d/abstractions/common/gnome index 03a449cd4..c93f9bc05 100644 --- a/apparmor.d/abstractions/common/gnome +++ b/apparmor.d/abstractions/common/gnome @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for all gnome based UI application. @@ -25,4 +24,6 @@ owner @{PROC}/@{pid}/cmdline r, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/common/systemd b/apparmor.d/abstractions/common/systemd index bc7c22e71..0ed3a824b 100644 --- a/apparmor.d/abstractions/common/systemd +++ b/apparmor.d/abstractions/common/systemd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor ptrace (read) peer=@{p_systemd}, @@ -19,4 +18,6 @@ /dev/kmsg w, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/crypto.d/complete b/apparmor.d/abstractions/crypto.d/complete index 68486ad1c..a163af66d 100644 --- a/apparmor.d/abstractions/crypto.d/complete +++ b/apparmor.d/abstractions/crypto.d/complete @@ -1,9 +1,10 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @{etc_ro}/gnutls/config r, @{etc_ro}/gnutls/pkcs11.conf r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/dconf-write b/apparmor.d/abstractions/dconf-write index 6b75c34d3..f25e1c3e6 100644 --- a/apparmor.d/abstractions/dconf-write +++ b/apparmor.d/abstractions/dconf-write @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Permissions for querying dconf settings with write access; use the dconf # abstraction first, and dconf-write only for specific application's profile. @@ -26,3 +25,5 @@ owner @{run}/user/@{uid}/dconf/user rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/deny-sensitive-home b/apparmor.d/abstractions/deny-sensitive-home index fef546b67..d8e1fdfb8 100644 --- a/apparmor.d/abstractions/deny-sensitive-home +++ b/apparmor.d/abstractions/deny-sensitive-home @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # DO NOT USE IT WITHOUT EXPLICIT AUTHORISATION FROM THE PROJECT MAINTAINER @@ -50,3 +49,5 @@ deny @{HOME}/.{,cache/}fontconfig/** mrwl, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/desktop b/apparmor.d/abstractions/desktop index e30be1cec..befea8bcb 100644 --- a/apparmor.d/abstractions/desktop +++ b/apparmor.d/abstractions/desktop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Unified minimal abstraction for all UI application regardless of the desktop environment. @@ -64,3 +63,5 @@ owner @{user_share_dirs}/ rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/devices-usb b/apparmor.d/abstractions/devices-usb index 48c5b783f..5a2a8b742 100644 --- a/apparmor.d/abstractions/devices-usb +++ b/apparmor.d/abstractions/devices-usb @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /dev/ r, /dev/bus/usb/ r, @@ -23,4 +22,6 @@ @{run}/udev/data/c16[6,7]:@{int} r, # USB modems @{run}/udev/data/c18[0,8,9]:@{int} r, # USB devices & USB serial converters - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read index 90453aac5..10beb258d 100644 --- a/apparmor.d/abstractions/disks-read +++ b/apparmor.d/abstractions/disks-read @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The /sys/ entries probably should be tightened @@ -96,3 +95,5 @@ @{run}/udev/data/+usb:* r, # for disk over usb hub include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/disks-write b/apparmor.d/abstractions/disks-write index 725beba73..361b60d82 100644 --- a/apparmor.d/abstractions/disks-write +++ b/apparmor.d/abstractions/disks-write @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The /sys/ entries probably should be tightened @@ -96,3 +95,5 @@ @{run}/udev/data/+usb:* r, # for disk over usb hub include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/dri b/apparmor.d/abstractions/dri index 8c1341dc7..a1eb1cd41 100644 --- a/apparmor.d/abstractions/dri +++ b/apparmor.d/abstractions/dri @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The Direct Rendering Infrastructure (DRI) is the framework comprising the modern # Linux graphics stack which allows unprivileged user-space programs to issue @@ -33,3 +32,5 @@ /dev/dri/renderD129 rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/fish b/apparmor.d/abstractions/fish index af02b010b..fe3cab891 100644 --- a/apparmor.d/abstractions/fish +++ b/apparmor.d/abstractions/fish @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. @@ -13,3 +12,5 @@ owner @{user_config_dirs}/fish/{,**} r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/fontconfig-cache-read b/apparmor.d/abstractions/fontconfig-cache-read index 252b56590..216075648 100644 --- a/apparmor.d/abstractions/fontconfig-cache-read +++ b/apparmor.d/abstractions/fontconfig-cache-read @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The fontconfig cache can be generated via the following command: # $ fc-cache -f -v @@ -47,3 +46,5 @@ deny "@{user_share_dirs}/fonts/**/.uuid{,.NEW,.LCK,.TMP-*}" w, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/fontconfig-cache-write b/apparmor.d/abstractions/fontconfig-cache-write index 73ebe1503..19fa7c53a 100644 --- a/apparmor.d/abstractions/fontconfig-cache-write +++ b/apparmor.d/abstractions/fontconfig-cache-write @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/fontconfig/ rw, owner @{user_cache_dirs}/fontconfig/CACHEDIR.TAG{,.NEW,.LCK,.TMP-*} rw, @@ -40,3 +39,5 @@ link @{user_share_dirs}/fonts/**/.uuid.LCK -> @{user_share_dirs}/fonts/**/.uuid.TMP-*, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/freedesktop.org.d/complete b/apparmor.d/abstractions/freedesktop.org.d/complete index 91fadcf5f..3e669f4dc 100644 --- a/apparmor.d/abstractions/freedesktop.org.d/complete +++ b/apparmor.d/abstractions/freedesktop.org.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{system_share_dirs}/*ubuntu/applications/{,**} r, @{system_share_dirs}/gnome/applications/{,**} r, @@ -23,3 +22,5 @@ /var/lib/snapd/desktop/icons/{,**} r, owner @{HOME}/.icons/{,**} r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/gnome-strict b/apparmor.d/abstractions/gnome-strict index 71f266b00..891e5a573 100644 --- a/apparmor.d/abstractions/gnome-strict +++ b/apparmor.d/abstractions/gnome-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include @@ -29,3 +28,5 @@ owner @{user_share_dirs}/ rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/gnome.d/complete b/apparmor.d/abstractions/gnome.d/complete index 0dc468632..90f705ac7 100644 --- a/apparmor.d/abstractions/gnome.d/complete +++ b/apparmor.d/abstractions/gnome.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -11,3 +10,5 @@ peer=(name=:*, label=gnome-shell), /var/cache/gio-@{int}.@{int}/gnome-mimeapps.list r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/graphics b/apparmor.d/abstractions/graphics index a222c1db9..9b7954f0d 100644 --- a/apparmor.d/abstractions/graphics +++ b/apparmor.d/abstractions/graphics @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include @@ -21,3 +20,5 @@ @{sys}/devices/system/node/node@{int}/meminfo r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/graphics-full b/apparmor.d/abstractions/graphics-full index 62334b864..fe2d2001c 100644 --- a/apparmor.d/abstractions/graphics-full +++ b/apparmor.d/abstractions/graphics-full @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -10,3 +9,5 @@ /dev/nvidia-uvm-tools rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/gstreamer b/apparmor.d/abstractions/gstreamer index 58aa8eca4..60bac614e 100644 --- a/apparmor.d/abstractions/gstreamer +++ b/apparmor.d/abstractions/gstreamer @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{lib}/@{multiarch}/libproxy/*/modules/*.so mr, @{lib}/@{multiarch}/libvisual-[0-9].[0-9]/*/*.so mr, @@ -55,3 +54,5 @@ /dev/dri/ r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/gtk.d/complete b/apparmor.d/abstractions/gtk.d/complete index 1efef2f9c..ac702a70f 100644 --- a/apparmor.d/abstractions/gtk.d/complete +++ b/apparmor.d/abstractions/gtk.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session interface=org.gtk.Actions @@ -41,3 +40,5 @@ owner @{user_config_dirs}/gtk-{3,4}.0/servers r, owner @{user_config_dirs}/gtk-{3,4}.0/settings.ini r, owner @{user_config_dirs}/gtk-{3,4}.0/window_decorations.css r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/ibus.d/complete b/apparmor.d/abstractions/ibus.d/complete index c5a56891a..33d034b5a 100644 --- a/apparmor.d/abstractions/ibus.d/complete +++ b/apparmor.d/abstractions/ibus.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # abstract path in ibus < 1.5.22 uses /tmp unix (connect, receive, send) @@ -23,3 +22,5 @@ addr="@/home/*/.cache/ibus/dbus-????????", owner @{user_cache_dirs}/ibus/dbus-@{rand8} rw, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/kde-open5.d/complete b/apparmor.d/abstractions/kde-open5.d/complete index dd4266623..37038b129 100644 --- a/apparmor.d/abstractions/kde-open5.d/complete +++ b/apparmor.d/abstractions/kde-open5.d/complete @@ -1,10 +1,11 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/kde-open rix, owner @{user_config_dirs}/menus/{,**} r, owner @{run}/user/@{uid}/kioclient*.@{int}.kioworker.socket rwl -> @{run}/user/@{uid}/#@{int}, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/kde-strict b/apparmor.d/abstractions/kde-strict index e89ad2acd..c164bd434 100644 --- a/apparmor.d/abstractions/kde-strict +++ b/apparmor.d/abstractions/kde-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include @@ -35,3 +34,5 @@ owner @{user_config_dirs}/kwinrc r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/mesa.d/complete b/apparmor.d/abstractions/mesa.d/complete index e0e1aab2e..ed3306e42 100644 --- a/apparmor.d/abstractions/mesa.d/complete +++ b/apparmor.d/abstractions/mesa.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Extra Mesa rules for desktop environments owner @{desktop_cache_dirs}/ w, @@ -11,3 +10,5 @@ owner @{desktop_cache_dirs}/mesa_shader_cache/@{hex2}/@{hex38}.tmp rwk, owner @{desktop_cache_dirs}/mesa_shader_cache/index rw, owner @{desktop_cache_dirs}/mesa_shader_cache/marker rw, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/nameservice-strict b/apparmor.d/abstractions/nameservice-strict index 6a43b8db0..b1d474717 100644 --- a/apparmor.d/abstractions/nameservice-strict +++ b/apparmor.d/abstractions/nameservice-strict @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Many programs wish to perform nameservice-like operations, such as looking up # users by name or id, groups by name or id, hosts by name or IP, etc. @@ -50,3 +49,5 @@ @{PROC}/sys/kernel/random/boot_id r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/nvidia-strict b/apparmor.d/abstractions/nvidia-strict index b112e99eb..6521c9840 100644 --- a/apparmor.d/abstractions/nvidia-strict +++ b/apparmor.d/abstractions/nvidia-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/nvidia-modprobe Px -> child-modprobe-nvidia, @@ -35,3 +34,5 @@ deny owner @{HOME}/.nv/.local/share/gvfs-metadata/* r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/nvidia.d/complete b/apparmor.d/abstractions/nvidia.d/complete index 1c79790cc..ef9d0c40d 100644 --- a/apparmor.d/abstractions/nvidia.d/complete +++ b/apparmor.d/abstractions/nvidia.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor unix (send, receive) type=dgram peer=(addr="@var/run/nvidia-xdriver-*"), @@ -10,3 +9,5 @@ /etc/nvidia/nvidia-application-profiles* r, /dev/char/195:@{int} rw, # Nvidia graphics devices + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/opencl-intel.d/complete b/apparmor.d/abstractions/opencl-intel.d/complete index f3fc8cc7e..1845cd61d 100644 --- a/apparmor.d/abstractions/opencl-intel.d/complete +++ b/apparmor.d/abstractions/opencl-intel.d/complete @@ -1,7 +1,8 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /opt/intel/oneapi/{compiler,lib,mkl}/**/ r, /opt/intel/oneapi/{compiler,lib,mkl}/**.so* mr, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/python.d/complete b/apparmor.d/abstractions/python.d/complete index 405e6a808..e6eea6744 100644 --- a/apparmor.d/abstractions/python.d/complete +++ b/apparmor.d/abstractions/python.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/ r, @{bin}/python{2.[4-7],3,3.[0-9],3.1[0-9]} r, @@ -11,3 +10,5 @@ owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/**.{egg,py,pth} r, owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/{site,dist}-packages/ r, owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/{site,dist}-packages/**/ r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/qt5-shader-cache b/apparmor.d/abstractions/qt5-shader-cache index a6224251c..4ac0f7f1d 100644 --- a/apparmor.d/abstractions/qt5-shader-cache +++ b/apparmor.d/abstractions/qt5-shader-cache @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/ w, owner @{user_cache_dirs}/qtshadercache/ rw, @@ -13,3 +12,5 @@ owner @{user_cache_dirs}/qtshadercache-*-little_endian-*/@{hex}* rwl -> @{user_cache_dirs}/qtshadercache-*-little_endian-*/#@{int}, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/qt5.d/complete b/apparmor.d/abstractions/qt5.d/complete index d02f57303..6063b47e2 100644 --- a/apparmor.d/abstractions/qt5.d/complete +++ b/apparmor.d/abstractions/qt5.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/qt{,5,6}/qtlogging.ini r, /usr/share/qt{,5,6}/resources/*.pak r, @@ -10,3 +9,5 @@ /usr/share/qt{,5,6}ct/{,**} r, owner @{user_config_dirs}/qt{,5,6}ct/{,**} r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/shells b/apparmor.d/abstractions/shells index adf995036..b269f2335 100644 --- a/apparmor.d/abstractions/shells +++ b/apparmor.d/abstractions/shells @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. @@ -11,3 +10,5 @@ include include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/thumbnails-cache-read b/apparmor.d/abstractions/thumbnails-cache-read index f191fc9e8..dc164c6ba 100644 --- a/apparmor.d/abstractions/thumbnails-cache-read +++ b/apparmor.d/abstractions/thumbnails-cache-read @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ r, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ r, @@ -13,3 +12,5 @@ owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int} r, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/thumbnails-cache-write b/apparmor.d/abstractions/thumbnails-cache-write index 100dc6296..01de0407e 100644 --- a/apparmor.d/abstractions/thumbnails-cache-write +++ b/apparmor.d/abstractions/thumbnails-cache-write @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ rw, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ rw, @@ -13,3 +12,5 @@ owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/#@{int} rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/trash-strict b/apparmor.d/abstractions/trash-strict index e3c3b3bf8..1f4202818 100644 --- a/apparmor.d/abstractions/trash-strict +++ b/apparmor.d/abstractions/trash-strict @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Already upstreamed. Different because recent change does not play well # with upstream's version. @@ -81,3 +80,5 @@ @{MOUNTS}/*/.Trash-@{uid}/expunged/@{int}/** rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/trash.d/complete b/apparmor.d/abstractions/trash.d/complete index cbc79c530..a80a1e5a6 100644 --- a/apparmor.d/abstractions/trash.d/complete +++ b/apparmor.d/abstractions/trash.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_config_dirs}/trashrc rw, owner @{user_config_dirs}/trashrc.lock rwk, @@ -26,3 +25,5 @@ # Removable media's trash location when the admin doesn't create the .Trash/ folder in the top lvl dir owner /{media,mnt}/*/*/.Trash-@{int}/{,**} rwl, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/uim b/apparmor.d/abstractions/uim index 7d9d64e0e..03ae9e3e8 100644 --- a/apparmor.d/abstractions/uim +++ b/apparmor.d/abstractions/uim @@ -2,7 +2,6 @@ # Copyright (C) 2024 Alexandre Pujol # Copyright (C) 2024 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/uim/* r, @@ -13,4 +12,6 @@ owner @{run}/user/@{uid}/uim/socket/uim-helper rw, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/user-download-strict b/apparmor.d/abstractions/user-download-strict index 89cc65156..3feed5cd8 100644 --- a/apparmor.d/abstractions/user-download-strict +++ b/apparmor.d/abstractions/user-download-strict @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{HOME}/@{XDG_DESKTOP_DIR}/ w, owner @{HOME}/@{XDG_DOWNLOAD_DIR}/ w, @@ -14,3 +13,5 @@ owner @{user_download_dirs}/** rwkl, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/user-read b/apparmor.d/abstractions/user-read index 7c54c8af7..4187ab9e2 100644 --- a/apparmor.d/abstractions/user-read +++ b/apparmor.d/abstractions/user-read @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Warning: This abstraction gives unrestricted read access on all non hidden user directories. @@ -11,4 +10,6 @@ owner @{HOME}/[^.]** r, owner @{MOUNTS}/[^.]** r, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/user-read-strict b/apparmor.d/abstractions/user-read-strict index b3274bfe6..5211b0345 100644 --- a/apparmor.d/abstractions/user-read-strict +++ b/apparmor.d/abstractions/user-read-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction gives read access on all defined user directories. It should # only be used if access to **ALL** folders is required. @@ -31,4 +30,6 @@ owner @{user_vm_dirs}/{,**} rk, owner @{user_work_dirs}/{,**} rk, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/user-write-strict b/apparmor.d/abstractions/user-write-strict index c18bfd47b..223fc660a 100644 --- a/apparmor.d/abstractions/user-write-strict +++ b/apparmor.d/abstractions/user-write-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction gives write only access on all defined user directories. It should # only be used if access to **ALL** folders is required. @@ -31,4 +30,6 @@ owner @{user_vm_dirs}/{,**} wl, owner @{user_work_dirs}/{,**} wl, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/user-write.d/complete b/apparmor.d/abstractions/user-write.d/complete index dc39c5efe..a529324f5 100644 --- a/apparmor.d/abstractions/user-write.d/complete +++ b/apparmor.d/abstractions/user-write.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Warning: This abstraction gives unrestricted write access on all non hidden user directories. @@ -10,3 +9,5 @@ owner @{HOME}/[^.]** wl, owner @{MOUNTS}/[^.]** wl, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/video.d/complete b/apparmor.d/abstractions/video.d/complete index 46628d3e4..97b7f1a2a 100644 --- a/apparmor.d/abstractions/video.d/complete +++ b/apparmor.d/abstractions/video.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{run}/udev/data/c81:@{int} r, # For video4linux @@ -9,3 +8,5 @@ # Access to video /dev devices /dev/video@{int} rw, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/vulkan-strict b/apparmor.d/abstractions/vulkan-strict index 1cdf3bc8d..fd86f1e81 100644 --- a/apparmor.d/abstractions/vulkan-strict +++ b/apparmor.d/abstractions/vulkan-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/egl/egl_external_platform.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, @@ -30,3 +29,5 @@ include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/vulkan.d/complete b/apparmor.d/abstractions/vulkan.d/complete index 41b308d98..8e5b68c08 100644 --- a/apparmor.d/abstractions/vulkan.d/complete +++ b/apparmor.d/abstractions/vulkan.d/complete @@ -1,7 +1,8 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /etc/glvnd/egl_vendor.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, /usr/share/egl/egl_external_platform.d/{,*.json} r, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/wayland.d/complete b/apparmor.d/abstractions/wayland.d/complete index b228c4fd0..245b9238d 100644 --- a/apparmor.d/abstractions/wayland.d/complete +++ b/apparmor.d/abstractions/wayland.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_config_dirs}/ibus/bus/@{hex32}-unix-wayland-@{int} r, @@ -12,3 +11,5 @@ owner /dev/shm/sway* rw, owner /dev/shm/dunst-@{rand6} rw, + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/xfce b/apparmor.d/abstractions/xfce index 810079c9c..067de9148 100644 --- a/apparmor.d/abstractions/xfce +++ b/apparmor.d/abstractions/xfce @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include @@ -20,3 +19,5 @@ owner @{user_share_dirs}/ rw, include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/abstractions/zsh b/apparmor.d/abstractions/zsh index a914fed89..15711713c 100644 --- a/apparmor.d/abstractions/zsh +++ b/apparmor.d/abstractions/zsh @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. @@ -27,4 +26,6 @@ owner @{user_config_dirs}/zsh/.zcompdump-* rw, owner @{user_config_dirs}/zsh/{,**} r, - include if exists \ No newline at end of file + include if exists + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index fb68ff20d..87daf969e 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -2,7 +2,6 @@ # Extended user XDG directories definition # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # To allow extended personalisation by the user without breaking everything. # All apparmor profiles should always use the variables defined here. @@ -66,3 +65,5 @@ @{user_sync_dirs}=@{HOME}/@{XDG_SYNC_DIR} @{MOUNTS}/*/@{XDG_SYNC_DIR} @{user_torrents_dirs}=@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR} @{user_vm_dirs}=@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR} + +# vim:syntax=apparmor \ No newline at end of file diff --git a/apparmor.d/tunables/home.d/whonix b/apparmor.d/tunables/home.d/whonix index 2b902472f..e3c3f3d8a 100644 --- a/apparmor.d/tunables/home.d/whonix +++ b/apparmor.d/tunables/home.d/whonix @@ -2,7 +2,6 @@ # Copyright (C) 2012-2023 ENCRYPTED SUPPORT LP # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Whonix aliases copied here as they conflict with apparmor.d # Note: only installed on Whonix @@ -71,3 +70,5 @@ alias /etc/timezone -> /etc/timezone.anondist-orig, alias /etc/timezone -> /etc/timezone.anondist, alias /etc/tor/torrc -> /etc/tor/torrc.anondist-orig, alias /etc/tor/torrc -> /etc/tor/torrc.anondist, + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/multiarch.d/paths b/apparmor.d/tunables/multiarch.d/paths index 02e21be77..67f32bf8c 100644 --- a/apparmor.d/tunables/multiarch.d/paths +++ b/apparmor.d/tunables/multiarch.d/paths @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Define some paths for some commonly used programs @@ -54,3 +53,5 @@ # Office suites @{offices_path} = @{bin}/@{offices} @{lib}/libreoffice/program/soffice + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/multiarch.d/profiles b/apparmor.d/tunables/multiarch.d/profiles index 72d8b715d..dd9386b09 100644 --- a/apparmor.d/tunables/multiarch.d/profiles +++ b/apparmor.d/tunables/multiarch.d/profiles @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Define some variables for some commonly used profile. They may be used in # other profiles peer label. @@ -11,3 +10,5 @@ # Name of the systemd profiles. Can be `unconfined` or `systemd`, `systemd-user` @{p_systemd}=unconfined @{p_systemd_user}=unconfined + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/multiarch.d/programs b/apparmor.d/tunables/multiarch.d/programs index 2d5513e2a..a118d0cbe 100644 --- a/apparmor.d/tunables/multiarch.d/programs +++ b/apparmor.d/tunables/multiarch.d/programs @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Define some some commonly used programs. This is not an exhaustive list. # It is meant to label programs to easily provide access in profiles. @@ -69,3 +68,5 @@ # Office suites @{offices} = libreoffice soffice + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/multiarch.d/system b/apparmor.d/tunables/multiarch.d/system index 10b35c52c..d219c1d4d 100644 --- a/apparmor.d/tunables/multiarch.d/system +++ b/apparmor.d/tunables/multiarch.d/system @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # To allow extended personalisation without breaking everything. # All apparmor profiles should always use the variables defined here. @@ -89,3 +88,5 @@ # OpenSUSE does not have the same multiarch structure @{multiarch}+=*-suse-linux* #aa:only opensuse + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/multiarch.d/system-users b/apparmor.d/tunables/multiarch.d/system-users index 2f90d6c6a..885913da3 100644 --- a/apparmor.d/tunables/multiarch.d/system-users +++ b/apparmor.d/tunables/multiarch.d/system-users @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Define some extra paths for some commonly used system user @@ -32,3 +31,5 @@ @{desktop_config_dirs}=@{gdm_config_dirs} @{sddm_config_dirs} @{lightdm_config_dirs} @{desktop_local_dirs}=@{gdm_local_dirs} @{sddm_local_dirs} @{lightdm_local_dirs} @{desktop_share_dirs}=@{gdm_share_dirs} @{sddm_share_dirs} @{lightdm_share_dirs} + +# vim:syntax=apparmor diff --git a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d index 1f0514bd5..00231cbce 100644 --- a/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d +++ b/apparmor.d/tunables/xdg-user-dirs.d/apparmor.d @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # To allow extended personalisation by the user without breaking everything. # All apparmor profiles should always use the variables defined here. @@ -25,3 +24,5 @@ @{user_vm_shares}=@{HOME}/@{XDG_VM_SHARES_DIR} @{MOUNTS}/@{XDG_VM_SHARES_DIR} include if exists + +# vim:syntax=apparmor From 637c2b4ccd30873361a987976f7a216277554a6f Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 16:56:54 +0300 Subject: [PATCH 38/52] feat(development/index.md): add vim modeline Add vim syntax comment to the example as requested in #380. --- docs/development/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/development/index.md b/docs/development/index.md index 6da12d47d..c12226a7a 100644 --- a/docs/development/index.md +++ b/docs/development/index.md @@ -85,6 +85,8 @@ profile foo @{exec_path} { include if exists } + +# vim:syntax=apparmor ``` From 39bfa9a40bc0fddc791104e80e986e9c95089e69 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 16:35:44 +0100 Subject: [PATCH 39/52] feat(profile): update steam profiles. --- apparmor.d/abstractions/common/steam-game | 19 ++++++++---- apparmor.d/profiles-s-z/steam | 35 ++++++++++++++++++----- apparmor.d/profiles-s-z/steam-game-native | 1 + apparmor.d/profiles-s-z/steam-game-proton | 6 ++-- apparmor.d/profiles-s-z/steam-runtime | 1 + apparmor.d/tunables/home.d/apparmor.d | 1 + 6 files changed, 49 insertions(+), 14 deletions(-) diff --git a/apparmor.d/abstractions/common/steam-game b/apparmor.d/abstractions/common/steam-game index 5a2cbd6db..88bd3d1b6 100644 --- a/apparmor.d/abstractions/common/steam-game +++ b/apparmor.d/abstractions/common/steam-game @@ -36,19 +36,28 @@ owner @{user_games_dirs}/*/ r, owner @{user_games_dirs}/*/{,**} rwkl, - owner @{user_config_dirs}/unity3d/{,**} rwk, + owner @{user_config_dirs}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{user_config_dirs}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, + + owner @{user_share_dirs}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{user_share_dirs}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, owner @{share_dirs}/ r, owner @{share_dirs}/* r, - owner @{share_dirs}/config/*.vdf* rw, - owner @{share_dirs}/logs/* rw, + owner @{share_dirs}/appcache/** rk, + owner @{share_dirs}/config/ r, + owner @{share_dirs}/config/* rwk, + owner @{share_dirs}/logs/ rw, + owner @{share_dirs}/logs/* rwk, + owner @{share_dirs}/shader_cache_temp_dir_*/fozpipelinesv@{int}/{,**} rw, owner @{share_dirs}/steamapps/ r, owner @{share_dirs}/steamapps/common/ r, - owner @{share_dirs}/steamapps/common/*/** rwlk, + owner @{share_dirs}/steamapps/common/[^S]*/** rwlk, owner @{share_dirs}/steamapps/shadercache/{,**} rwk, - owner @{share_dirs}/shader_cache_temp_dir_*/fozpipelinesv@{int}/{,**} rw, @{tmp}/ r, + owner @{tmp}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{tmp}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, owner @{tmp}/#@{int} rw, owner @{tmp}/CASESENSITIVETEST@{hex32} rw, owner @{tmp}/crashes/ rw, diff --git a/apparmor.d/profiles-s-z/steam b/apparmor.d/profiles-s-z/steam index 36b8bd54d..49157e257 100644 --- a/apparmor.d/profiles-s-z/steam +++ b/apparmor.d/profiles-s-z/steam @@ -49,7 +49,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { network inet stream, network inet6 stream, network netlink raw, - network unix stream, + network unix, ptrace read, ptrace trace peer=steam, @@ -59,6 +59,8 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { signal send peer=steam//journalctl, signal send peer=steam//web, + unix, + @{exec_path} mrix, @{sh_path} rix, @@ -88,9 +90,11 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{share_dirs}/linux{32,64}/steamerrorreporter rpx, + @{runtime_dirs}/@{arch}/@{bin}/srt-logger rix, @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-check-requirements rcx -> check, @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-identify-library-abi rix, @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-launcher-service rpx, + @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-supervisor rix, @{runtime_dirs}/@{arch}/@{bin}/steam-runtime-system-info rix, @{runtime_dirs}/@{lib}/steam-runtime-tools-@{int}/@{multiarch}-* rix, @{runtime_dirs}/*entry-point rix, @@ -132,18 +136,22 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { owner @{user_games_dirs}/ rw, owner @{user_games_dirs}/** rwlk -> @{user_games_dirs}/**, + owner @{user_config_dirs}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{user_config_dirs}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, owner @{user_config_dirs}/autostart/ r, owner @{user_config_dirs}/cef_user_data/{,**} r, owner @{user_config_dirs}/cef_user_data/Dictionaries/* rw, owner @{user_config_dirs}/cef_user_data/WidevineCdm/** rwm, - owner @{user_config_dirs}/unity3d/{,**} rwk, - owner @{user_config_dirs}/user-dirs.dirs r, + owner @{user_share_dirs}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{user_share_dirs}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, owner @{user_share_dirs}/applications/*.desktop w, owner @{user_share_dirs}/icons/hicolor/**/apps/steam*.png rw, owner @{user_share_dirs}/vulkan/implicit_layer.d/steam*.json rwk, @{tmp}/ r, + owner @{tmp}/@{XDG_GAMESSTUDIO_DIR}/ rw, + owner @{tmp}/@{XDG_GAMESSTUDIO_DIR}/** rwlk, owner @{tmp}/#@{int} rw, owner @{tmp}/dumps/ rw, owner @{tmp}/dumps/** rwk, @@ -155,7 +163,6 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { owner @{tmp}/steam/** rwk, owner @{tmp}/vdpau-drivers-@{rand6}/{,**} rw, - /dev/shm/ r, owner /dev/shm/fossilize-*-@{int}-@{int} rw, owner /dev/shm/u@{uid}-Shm_@{hex6} rw, owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, @@ -176,6 +183,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{sys}/class/hidraw/ r, @{sys}/class/input/ r, @{sys}/class/net/ r, + @{sys}/class/power_supply/ r, @{sys}/devices/ r, @{sys}/devices/@{pci}/boot_vga r, @{sys}/devices/@{pci}/sound/card@{int}/input@{int}/properties r, @@ -183,6 +191,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{sys}/devices/**/input@{int}/capabilities/* r, @{sys}/devices/**/input/input@{int}/ r, @{sys}/devices/**/input/input@{int}/properties r, + @{sys}/devices/**/power_supply/{AC,BAT@{int},hidpp_battery_@{int}}/{,*} r, @{sys}/devices/**/report_descriptor r, @{sys}/devices/**/uevent r, @{sys}/devices/system/ r, @@ -204,15 +213,19 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{PROC}/1/cgroup r, @{PROC}/locks r, @{PROC}/sys/kernel/sched_autogroup_enabled r, + @{PROC}/sys/kernel/unprivileged_userns_clone r, @{PROC}/sys/net/ipv6/conf/all/disable_ipv6 r, + @{PROC}/sys/user/max_user_namespaces r, @{PROC}/version r, owner @{PROC}/@{pid}/autogroup rw, owner @{PROC}/@{pid}/cmdline rk, owner @{PROC}/@{pid}/environ r, owner @{PROC}/@{pid}/fd/ r, + owner @{PROC}/@{pid}/fd/@{int} rw, owner @{PROC}/@{pid}/mem r, owner @{PROC}/@{pid}/mounts r, owner @{PROC}/@{pid}/task/ r, + owner @{PROC}/@{pid}/task/@{tid}/children r, owner @{PROC}/@{pid}/task/@{tid}/comm rw, /dev/input/ r, @@ -230,6 +243,9 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include include + capability dac_read_search, + capability sys_chroot, + network inet dgram, network inet6 dgram, network inet stream, @@ -302,6 +318,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { /dev/shm/ r, owner /dev/shm/.org.chromium.Chromium.@{rand6} rw, + owner /dev/shm/u@{uid}-Shm_@{hex4}@{h} rw, owner /dev/shm/u@{uid}-Shm_@{hex6} rw, owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw, owner /dev/shm/u@{uid}-Shm_@{hex8} rw, @@ -325,9 +342,11 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{PROC}/sys/fs/inotify/max_user_watches r, @{PROC}/sys/kernel/yama/ptrace_scope r, owner @{PROC}/@{pid}/cmdline r, + owner @{PROC}/@{pid}/mem r, owner @{PROC}/@{pid}/oom_score_adj w, owner @{PROC}/@{pid}/statm r, owner @{PROC}/@{pid}/task/ r, + owner @{PROC}/@{pid}/task/@{tid}/comm r, owner @{PROC}/@{pid}/task/@{tid}/status r, /dev/hidraw@{int} rw, @@ -341,6 +360,8 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include include + capability dac_read_search, + unix receive type=stream, @{bin}/true rix, @@ -376,7 +397,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{sys}/bus/pci/slots/ r, @{sys}/bus/pci/slots/@{int}/address r, @{sys}/devices/@{pci}/** r, - + owner /dev/shm/ValveIPCSHM_@{uid} rw, include if exists @@ -385,7 +406,7 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { profile systemctl { include include - + /{run,var}/log/journal/ r, /{run,var}/log/journal/@{hex32}/ r, /{run,var}/log/journal/@{hex32}/system.journal* r, @@ -394,6 +415,6 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include if exists } - + include if exists } diff --git a/apparmor.d/profiles-s-z/steam-game-native b/apparmor.d/profiles-s-z/steam-game-native index da72bf279..0a79b99d8 100644 --- a/apparmor.d/profiles-s-z/steam-game-native +++ b/apparmor.d/profiles-s-z/steam-game-native @@ -22,6 +22,7 @@ profile steam-game-native @{exec_path} flags=(attach_disconnected) { network inet6 dgram, network inet stream, network inet6 stream, + network netlink raw, network unix stream, signal receive peer=steam, diff --git a/apparmor.d/profiles-s-z/steam-game-proton b/apparmor.d/profiles-s-z/steam-game-proton index 7f1e29820..ed67e72b9 100644 --- a/apparmor.d/profiles-s-z/steam-game-proton +++ b/apparmor.d/profiles-s-z/steam-game-proton @@ -20,6 +20,8 @@ profile steam-game-proton @{exec_path} flags=(attach_disconnected) { include include + capability dac_read_search, + network inet dgram, network inet6 dgram, network inet stream, @@ -74,14 +76,14 @@ profile steam-game-proton @{exec_path} flags=(attach_disconnected) { owner @{app_dirs}/Proton*/** rwkl, owner @{share_dirs}/*.dll r, - owner @{share_dirs}/steamapps/compatdata/{,**} rwk, + owner @{share_dirs}/bin/ r, owner @{share_dirs}/legacycompat/ r, owner @{share_dirs}/legacycompat/** mr, + owner @{share_dirs}/steamapps/compatdata/{,**} rwk, owner @{user_share_dirs}/applications/wine/ rw, owner @{user_share_dirs}/applications/wine/**/ rw, - owner @{tmp}/ r, owner @{tmp}/.wine-@{uid}/ rw, owner @{tmp}/.wine-@{uid}/** rwk, owner @{tmp}/glx-icds-@{rand6}/{,**} w, diff --git a/apparmor.d/profiles-s-z/steam-runtime b/apparmor.d/profiles-s-z/steam-runtime index 6893dbe2d..9beaa2e8c 100644 --- a/apparmor.d/profiles-s-z/steam-runtime +++ b/apparmor.d/profiles-s-z/steam-runtime @@ -54,6 +54,7 @@ profile steam-runtime @{exec_path} flags=(attach_disconnected) { owner @{HOME}/.steam/steam.pipe r, owner @{app_dirs}/*/ r, + owner @{app_dirs}/config/config.vdf rw, owner @{app_dirs}/@{runtime}/** r, owner @{app_dirs}/@{runtime}/pressure-vessel/** rwk, owner @{app_dirs}/@{runtime}/sniper_platform_*/** rwk, diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index 87daf969e..963e4bc88 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -24,6 +24,7 @@ @{XDG_VM_DIR}=".vm" @{XDG_VM_SHARES_DIR}="VM_Shares" @{XDG_IMG_DIR}="images" +@{XDG_GAMESSTUDIO_DIR}="unity3d" # User personal keyrings @{XDG_GPG_DIR}=".gnupg" From 035e1da7b205798df14468333ce43a491889f7e3 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 16:40:11 +0100 Subject: [PATCH 40/52] feat(abs): add udevadm app abstraction. --- apparmor.d/abstractions/app/udevadm | 26 +++++++++++++++++++ .../groups/display-manager/x11-xsession | 13 +--------- apparmor.d/groups/network/netplan.script | 6 +---- apparmor.d/profiles-a-f/f3fix | 22 +++------------- apparmor.d/profiles-a-f/fatresize | 22 +++------------- apparmor.d/profiles-g-l/gparted | 8 +----- apparmor.d/profiles-g-l/gpartedbin | 18 ++----------- apparmor.d/profiles-g-l/hw-probe | 14 ++-------- apparmor.d/profiles-g-l/hwinfo | 16 ++---------- apparmor.d/profiles-g-l/inxi | 10 +------ apparmor.d/profiles-m-r/parted | 20 +++----------- apparmor.d/profiles-m-r/partprobe | 22 +++------------- apparmor.d/profiles-s-z/sensors-detect | 8 +----- apparmor.d/profiles-s-z/xinit | 24 +---------------- 14 files changed, 51 insertions(+), 178 deletions(-) create mode 100644 apparmor.d/abstractions/app/udevadm diff --git a/apparmor.d/abstractions/app/udevadm b/apparmor.d/abstractions/app/udevadm new file mode 100644 index 000000000..1c36ea8b2 --- /dev/null +++ b/apparmor.d/abstractions/app/udevadm @@ -0,0 +1,26 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + + ptrace read peer=@{p_systemd}, + + @{bin}/udevadm mr, + + /etc/udev/udev.conf r, + + @{run}/udev/data/* r, + + @{sys}/** r, + + @{PROC}/1/cgroup r, + @{PROC}/1/environ r, + @{PROC}/1/sched r, + @{PROC}/cmdline r, + @{PROC}/sys/kernel/osrelease r, + @{PROC}/sys/kernel/random/boot_id r, + owner @{PROC}/@{pid}/cgroup r, + owner @{PROC}/@{pid}/stat r, + + include if exists + +# vim:syntax=apparmor \ No newline at end of file diff --git a/apparmor.d/groups/display-manager/x11-xsession b/apparmor.d/groups/display-manager/x11-xsession index bafc9a31b..39169eaf7 100644 --- a/apparmor.d/groups/display-manager/x11-xsession +++ b/apparmor.d/groups/display-manager/x11-xsession @@ -139,18 +139,7 @@ profile x11-xsession @{exec_path} { profile udevadm { include - include - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{sys}/bus/ r, - @{sys}/bus/*/devices/ r, - @{sys}/class/ r, - @{sys}/class/*/ r, - @{sys}/devices/**/uevent r, - @{run}/udev/data/* r, + include include if exists } diff --git a/apparmor.d/groups/network/netplan.script b/apparmor.d/groups/network/netplan.script index b72b5c8af..dacb3711c 100644 --- a/apparmor.d/groups/network/netplan.script +++ b/apparmor.d/groups/network/netplan.script @@ -34,11 +34,7 @@ profile netplan.script @{exec_path} flags=(attach_disconnected) { profile udevadm { include - include - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, + include @{run}/udev/control rw, @{run}/udev/rules.d/90-netplan.rules rw, diff --git a/apparmor.d/profiles-a-f/f3fix b/apparmor.d/profiles-a-f/f3fix index f31f6cfe3..307e3270d 100644 --- a/apparmor.d/profiles-a-f/f3fix +++ b/apparmor.d/profiles-a-f/f3fix @@ -37,26 +37,12 @@ profile f3fix @{exec_path} { profile udevadm { include + include + include - ptrace (read), - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - owner @{PROC}/@{pid}/stat r, - owner @{PROC}/@{pid}/cgroup r, - @{PROC}/cmdline r, - @{PROC}/1/sched r, - @{PROC}/1/environ r, - @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, - - @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, - - # file_inherit - /dev/sd[a-z]* rw, + ptrace read, + include if exists } include if exists diff --git a/apparmor.d/profiles-a-f/fatresize b/apparmor.d/profiles-a-f/fatresize index 08d5124ae..261aea0e4 100644 --- a/apparmor.d/profiles-a-f/fatresize +++ b/apparmor.d/profiles-a-f/fatresize @@ -36,26 +36,10 @@ profile fatresize @{exec_path} { profile udevadm { include + include + include - ptrace (read), - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - owner @{PROC}/@{pid}/stat r, - owner @{PROC}/@{pid}/cgroup r, - @{PROC}/cmdline r, - @{PROC}/1/sched r, - @{PROC}/1/environ r, - @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, - - @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, - - # file_inherit - /dev/{s,v}d[a-z]* rw, - + include if exists } include if exists diff --git a/apparmor.d/profiles-g-l/gparted b/apparmor.d/profiles-g-l/gparted index 1e6be52c8..ca42f4669 100644 --- a/apparmor.d/profiles-g-l/gparted +++ b/apparmor.d/profiles-g-l/gparted @@ -60,16 +60,10 @@ profile gparted @{exec_path} { profile udevadm { include - include + include - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{sys}/** r, @{sys}/devices/virtual/block/**/uevent rw, @{sys}/devices/@{pci}/block/**/uevent rw, - @{run}/udev/data/* r, include if exists } diff --git a/apparmor.d/profiles-g-l/gpartedbin b/apparmor.d/profiles-g-l/gpartedbin index ede60499d..dc3b1fe10 100644 --- a/apparmor.d/profiles-g-l/gpartedbin +++ b/apparmor.d/profiles-g-l/gpartedbin @@ -132,24 +132,10 @@ profile gpartedbin @{exec_path} { profile udevadm { include + include include - ptrace (read), - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{PROC}/1/environ r, - @{PROC}/1/sched r, - @{PROC}/cmdline r, - @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, - owner @{PROC}/@{pid}/cgroup r, - owner @{PROC}/@{pid}/stat r, - - /dev/mapper/control rw, - + include if exists } include if exists diff --git a/apparmor.d/profiles-g-l/hw-probe b/apparmor.d/profiles-g-l/hw-probe index 8c179e0d9..be5916132 100644 --- a/apparmor.d/profiles-g-l/hw-probe +++ b/apparmor.d/profiles-g-l/hw-probe @@ -163,19 +163,9 @@ profile hw-probe @{exec_path} { include if exists } - profile udevadm { + profile udevadm flags=(attach_disconnected) { include - include - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{sys}/bus/ r, - @{sys}/bus/*/devices/ r, - @{sys}/class/ r, - @{sys}/class/*/ r, - @{sys}/devices/**/uevent r, + include include if exists } diff --git a/apparmor.d/profiles-g-l/hwinfo b/apparmor.d/profiles-g-l/hwinfo index 277ce6e72..23cb006c9 100644 --- a/apparmor.d/profiles-g-l/hwinfo +++ b/apparmor.d/profiles-g-l/hwinfo @@ -92,23 +92,11 @@ profile hwinfo @{exec_path} { profile udevadm { include + include - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - owner @{PROC}/@{pid}/stat r, - @{PROC}/cmdline r, - @{PROC}/1/sched r, - @{PROC}/1/environ r, - @{PROC}/sys/kernel/osrelease r, - - @{sys}/** r, - @{run}/udev/data/* r, - - # file_inherit owner @{tmp}/hwinfo*.txt rw, + include if exists } include if exists diff --git a/apparmor.d/profiles-g-l/inxi b/apparmor.d/profiles-g-l/inxi index 9f5632291..bc59dedb2 100644 --- a/apparmor.d/profiles-g-l/inxi +++ b/apparmor.d/profiles-g-l/inxi @@ -138,15 +138,7 @@ profile inxi @{exec_path} { profile udevadm { include - include - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{run}/udev/data/b* r, - - @{sys}/devices/@{pci}/block/**/uevent r, + include include if exists } diff --git a/apparmor.d/profiles-m-r/parted b/apparmor.d/profiles-m-r/parted index c403e7018..2b02eb398 100644 --- a/apparmor.d/profiles-m-r/parted +++ b/apparmor.d/profiles-m-r/parted @@ -48,26 +48,12 @@ profile parted @{exec_path} { profile udevadm { include + include + include - ptrace (read), - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{PROC}/1/cgroup r, - @{PROC}/1/environ r, - @{PROC}/1/sched r, - @{PROC}/cmdline r, - @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, - owner @{PROC}/@{pid}/cgroup r, - owner @{PROC}/@{pid}/stat r, - - # file_inherit - include # lots of files in this abstraction get inherited owner @{user_img_dirs}/{,**} rwk, + include if exists } include if exists diff --git a/apparmor.d/profiles-m-r/partprobe b/apparmor.d/profiles-m-r/partprobe index d1fade820..3138c13e2 100644 --- a/apparmor.d/profiles-m-r/partprobe +++ b/apparmor.d/profiles-m-r/partprobe @@ -43,26 +43,10 @@ profile partprobe @{exec_path} { profile udevadm { include + include + include - ptrace (read), - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - owner @{PROC}/@{pid}/stat r, - owner @{PROC}/@{pid}/cgroup r, - @{PROC}/cmdline r, - @{PROC}/1/sched r, - @{PROC}/1/environ r, - @{PROC}/1/cgroup r, - @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, - - # file_inherit - include # lots of files in this abstraction get inherited - /dev/mapper/control rw, - + include if exists } include if exists diff --git a/apparmor.d/profiles-s-z/sensors-detect b/apparmor.d/profiles-s-z/sensors-detect index 820c31d1f..6fcc6cac1 100644 --- a/apparmor.d/profiles-s-z/sensors-detect +++ b/apparmor.d/profiles-s-z/sensors-detect @@ -41,13 +41,7 @@ profile sensors-detect @{exec_path} { profile udevadm { include - include - - capability sys_ptrace, - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, + include include if exists } diff --git a/apparmor.d/profiles-s-z/xinit b/apparmor.d/profiles-s-z/xinit index 03ec3ff92..a789cc90f 100644 --- a/apparmor.d/profiles-s-z/xinit +++ b/apparmor.d/profiles-s-z/xinit @@ -92,29 +92,7 @@ profile xinit @{exec_path} { profile udevadm { include - - @{bin}/udevadm mr, - - /etc/udev/udev.conf r, - - @{run}/udev/data/* r, - - @{sys}/bus/ r, - @{sys}/bus/*/devices/ r, - @{sys}/class/ r, - @{sys}/class/*/ r, - @{sys}/devices/**/uevent r, - @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, - - @{PROC}/1/environ r, - @{PROC}/1/sched r, - @{PROC}/cmdline r, - @{PROC}/sys/kernel/osrelease r, - owner @{PROC}/@{pid}/stat r, - - # file_inherit - owner /dev/tty@{int} rw, - owner @{HOME}/.xsession-errors w, + include include if exists } From 79eed4b93df6f79eaaef3ef4e8ad5484c6950d75 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 16:42:32 +0100 Subject: [PATCH 41/52] feat(profile): improve sqlite temp file definition. --- apparmor.d/groups/apps/dropbox | 2 +- apparmor.d/groups/gnome/tracker-miner | 4 ++-- apparmor.d/profiles-a-f/flatpak-app | 2 +- apparmor.d/profiles-a-f/fwupd | 2 +- apparmor.d/profiles-g-l/gpo | 10 +++++----- apparmor.d/profiles-m-r/protonmail-bridge-core | 4 ++-- apparmor.d/profiles-m-r/psi | 2 +- apparmor.d/profiles-m-r/psi-plus | 2 +- apparmor.d/profiles-m-r/quiterss | 2 +- apparmor.d/profiles-s-z/strawberry | 2 +- 10 files changed, 16 insertions(+), 16 deletions(-) diff --git a/apparmor.d/groups/apps/dropbox b/apparmor.d/groups/apps/dropbox index 961850c9e..066f9a5b7 100644 --- a/apparmor.d/groups/apps/dropbox +++ b/apparmor.d/groups/apps/dropbox @@ -58,7 +58,7 @@ profile dropbox @{exec_path} { # Dropbox first tries the /tmp/ dir, and if it's denied it uses the /var/tmp/ dir instead owner @{tmp}/dropbox-antifreeze-* rw, owner @{tmp}/#@{int} rw, - owner /var/tmp/etilqs_@{hex} rw, + owner /var/tmp/etilqs_@{hex16} rw, @{run}/systemd/users/@{uid} r, diff --git a/apparmor.d/groups/gnome/tracker-miner b/apparmor.d/groups/gnome/tracker-miner index 6646d69d7..5e073215a 100644 --- a/apparmor.d/groups/gnome/tracker-miner +++ b/apparmor.d/groups/gnome/tracker-miner @@ -65,8 +65,8 @@ profile tracker-miner @{exec_path} flags=(attach_disconnected) { owner @{gdm_config_dirs}/dconf/user r, owner @{gdm_share_dirs}/applications/ r, - owner /var/tmp/etilqs_@{hex} rw, - owner @{tmp}/etilqs_@{hex} rw, + owner /var/tmp/etilqs_@{hex16} rw, + owner @{tmp}/etilqs_@{hex16} rw, # Allow to search user files owner @{HOME}/{,**} r, diff --git a/apparmor.d/profiles-a-f/flatpak-app b/apparmor.d/profiles-a-f/flatpak-app index 9d06b4595..a4f994d04 100644 --- a/apparmor.d/profiles-a-f/flatpak-app +++ b/apparmor.d/profiles-a-f/flatpak-app @@ -78,7 +78,7 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) { /var/lib/flatpak/app/{,**} r, /var/lib/flatpak/exports/** rw, - /var/tmp/etilqs_@{hex} rw, + /var/tmp/etilqs_@{hex16} rw, @{run}/.userns r, @{run}/parent/** r, diff --git a/apparmor.d/profiles-a-f/fwupd b/apparmor.d/profiles-a-f/fwupd index 57e006500..b9f095daa 100644 --- a/apparmor.d/profiles-a-f/fwupd +++ b/apparmor.d/profiles-a-f/fwupd @@ -65,7 +65,7 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) { /var/lib/flatpak/exports/share/mime/mime.cache r, /var/lib/fwupd/{,**} rw, /var/lib/fwupd/pending.db rwk, - /var/tmp/etilqs_@{hex} rw, + /var/tmp/etilqs_@{hex16} rw, /boot/{,**} r, /boot/EFI/*/.goutputstream-@{rand6} rw, diff --git a/apparmor.d/profiles-g-l/gpo b/apparmor.d/profiles-g-l/gpo index da33f7bca..208036d8e 100644 --- a/apparmor.d/profiles-g-l/gpo +++ b/apparmor.d/profiles-g-l/gpo @@ -31,16 +31,16 @@ profile gpo @{exec_path} { @{bin}/less rPx -> child-pager, @{bin}/more rPx -> child-pager, - owner @{PROC}/@{pid}/fd/ r, + /etc/inputrc r, + + /usr/share/gpodder/extensions/{,*.py} r, owner @{HOME}/gPodder/ rw, owner @{HOME}/gPodder/** rwk, - /usr/share/gpodder/extensions/{,*.py} r, + owner /var/tmp/etilqs_@{hex16} rw, - /etc/inputrc r, - - owner /var/tmp/etilqs_@{hex} rw, + owner @{PROC}/@{pid}/fd/ r, include if exists } diff --git a/apparmor.d/profiles-m-r/protonmail-bridge-core b/apparmor.d/profiles-m-r/protonmail-bridge-core index ef7ec136c..b0d153ec2 100644 --- a/apparmor.d/profiles-m-r/protonmail-bridge-core +++ b/apparmor.d/profiles-m-r/protonmail-bridge-core @@ -39,8 +39,8 @@ profile protonmail-bridge-core @{exec_path} { owner "@{user_config_dirs}/autostart/Proton Mail Bridge.desktop" rw, owner @{tmp}/bridge@{int} rw, - owner @{tmp}/user/@{uid}/etilqs_@{hex} rw, - owner /var/tmp/etilqs_@{hex} rw, + owner @{tmp}/etilqs_@{hex16} rw, + owner /var/tmp/etilqs_@{hex16} rw, @{PROC}/ r, @{PROC}/sys/net/core/somaxconn r, diff --git a/apparmor.d/profiles-m-r/psi b/apparmor.d/profiles-m-r/psi index 90a2e380e..e764b69f8 100644 --- a/apparmor.d/profiles-m-r/psi +++ b/apparmor.d/profiles-m-r/psi @@ -56,7 +56,7 @@ profile psi @{exec_path} { owner @{user_share_dirs}/psi/** rwk, owner @{tmp}/#@{int} rw, - owner @{tmp}/etilqs_@{hex} rw, + owner @{tmp}/etilqs_@{hex16} rw, owner @{tmp}/Psi.* rwl -> /tmp/#@{int}, @{run}/systemd/inhibit/[0-9]*.ref rw, diff --git a/apparmor.d/profiles-m-r/psi-plus b/apparmor.d/profiles-m-r/psi-plus index 50a008061..d9b1f7fd5 100644 --- a/apparmor.d/profiles-m-r/psi-plus +++ b/apparmor.d/profiles-m-r/psi-plus @@ -56,7 +56,7 @@ profile psi-plus @{exec_path} { owner @{user_share_dirs}/psi+/** rwk, owner @{tmp}/#@{int} rw, - owner @{tmp}/etilqs_@{hex} rw, + owner @{tmp}/etilqs_@{hex16} rw, owner @{tmp}/Psi+.* rwl -> /tmp/#@{int}, @{run}/systemd/inhibit/[0-9]*.ref rw, diff --git a/apparmor.d/profiles-m-r/quiterss b/apparmor.d/profiles-m-r/quiterss index f1b6a0f24..1154ff337 100644 --- a/apparmor.d/profiles-m-r/quiterss +++ b/apparmor.d/profiles-m-r/quiterss @@ -63,7 +63,7 @@ profile quiterss @{exec_path} { owner @{tmp}/qtsingleapp-quiter-@{int}-@{int} rw, owner @{tmp}/qtsingleapp-quiter-@{int}-@{int}-lockfile rwk, - owner /var/tmp/etilqs_@{hex} rw, + owner /var/tmp/etilqs_@{hex16} rw, # Allowed apps to open @{lib}/firefox/firefox rPUx, diff --git a/apparmor.d/profiles-s-z/strawberry b/apparmor.d/profiles-s-z/strawberry index 39c68f5ed..5ed3ceace 100644 --- a/apparmor.d/profiles-s-z/strawberry +++ b/apparmor.d/profiles-s-z/strawberry @@ -64,7 +64,7 @@ profile strawberry @{exec_path} { owner @{tmp}/.*/s rw, owner @{tmp}/*= w, owner @{tmp}/#@{int} rw, - owner @{tmp}/etilqs_@{hex} rw, + owner @{tmp}/etilqs_@{hex16} rw, owner @{tmp}/qipc_{systemsem,sharedmemory}_*[a-f0-9]* rw, owner @{tmp}/strawberry-cover-@{rand6}.jpg rwl -> @{tmp}/#@{int}, owner @{tmp}/strawberry*[0-9] w, From faab4928ed223960bd5e38a2fb84b8bf0f2b32c0 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 16:49:06 +0100 Subject: [PATCH 42/52] feat(profile): general update. --- apparmor.d/groups/freedesktop/fc-cache | 4 +- apparmor.d/groups/freedesktop/xdg-mime | 1 + apparmor.d/groups/freedesktop/xdg-screensaver | 2 +- apparmor.d/groups/gnome/gnome-music | 2 +- apparmor.d/groups/pacman/aurpublish | 2 +- apparmor.d/groups/pacman/pacman | 1 + apparmor.d/groups/virt/libvirtd | 1 + apparmor.d/profiles-a-f/acpid | 2 +- apparmor.d/profiles-a-f/dmesg | 7 +- apparmor.d/profiles-a-f/f3fix | 16 +- apparmor.d/profiles-a-f/fatresize | 15 +- apparmor.d/profiles-a-f/findmnt | 1 + apparmor.d/profiles-g-l/gpartedbin | 35 ++-- apparmor.d/profiles-g-l/gpodder | 74 ++----- apparmor.d/profiles-g-l/hw-probe | 195 +++++++++--------- apparmor.d/profiles-g-l/hwinfo | 74 +++---- apparmor.d/profiles-g-l/libreoffice | 1 + apparmor.d/profiles-m-r/parted | 18 +- apparmor.d/profiles-m-r/partprobe | 21 +- apparmor.d/profiles-m-r/pass-import | 4 +- apparmor.d/profiles-m-r/pkexec | 7 +- apparmor.d/profiles-m-r/protonmail-bridge | 2 + apparmor.d/profiles-s-z/usb-devices | 14 +- 23 files changed, 213 insertions(+), 286 deletions(-) diff --git a/apparmor.d/groups/freedesktop/fc-cache b/apparmor.d/groups/freedesktop/fc-cache index affeb182c..a3e5beebb 100644 --- a/apparmor.d/groups/freedesktop/fc-cache +++ b/apparmor.d/groups/freedesktop/fc-cache @@ -7,7 +7,9 @@ abi , include -@{exec_path} = /{snap/snapd/@{int}/,}{usr/,}bin/fc-cache{,-32,-v*} +@{bin_dirs} = @{bin}/ /snap/{snapd,core}/@{int}@{bin} + +@{exec_path} = @{bin_dirs}/fc-cache{,-32,-v*} profile fc-cache @{exec_path} { include include diff --git a/apparmor.d/groups/freedesktop/xdg-mime b/apparmor.d/groups/freedesktop/xdg-mime index df733b16a..4ea8970b3 100644 --- a/apparmor.d/groups/freedesktop/xdg-mime +++ b/apparmor.d/groups/freedesktop/xdg-mime @@ -18,6 +18,7 @@ profile xdg-mime @{exec_path} flags=(attach_disconnected) { @{bin}/{,e}grep rix, @{bin}/{m,g,}awk rix, @{bin}/basename rix, + @{bin}/cat rix, @{bin}/cut rix, @{bin}/file rix, @{bin}/head rix, diff --git a/apparmor.d/groups/freedesktop/xdg-screensaver b/apparmor.d/groups/freedesktop/xdg-screensaver index 9b655a40b..353bb7b1b 100644 --- a/apparmor.d/groups/freedesktop/xdg-screensaver +++ b/apparmor.d/groups/freedesktop/xdg-screensaver @@ -32,7 +32,7 @@ profile xdg-screensaver @{exec_path} { @{bin}/xset rPx, @{bin}/hostname rix, - /dev/dri/card[0-9] rw, + /dev/dri/card@{int} rw, owner @{HOME}/ r, owner @{HOME}/.Xauthority r, diff --git a/apparmor.d/groups/gnome/gnome-music b/apparmor.d/groups/gnome/gnome-music index f22cde879..2eda9bb05 100644 --- a/apparmor.d/groups/gnome/gnome-music +++ b/apparmor.d/groups/gnome/gnome-music @@ -48,7 +48,7 @@ profile gnome-music @{exec_path} flags=(attach_disconnected) { @{run}/systemd/inhibit/[0-9]*.ref rw, owner @{tmp}/grilo-plugin-cache-[0-9A-Z]*/ rw, - owner /var/tmp/etilqs_@{hex} rw, + owner /var/tmp/etilqs_@{hex16} rw, @{PROC}/sys/net/ipv6/conf/all/disable_ipv6 r, owner @{PROC}/@{pid}/mounts r, diff --git a/apparmor.d/groups/pacman/aurpublish b/apparmor.d/groups/pacman/aurpublish index 1a3a6ec46..4446ad039 100644 --- a/apparmor.d/groups/pacman/aurpublish +++ b/apparmor.d/groups/pacman/aurpublish @@ -55,7 +55,7 @@ profile aurpublish @{exec_path} { owner @{user_cache_dirs}/makepkg/src/* rw, owner @{user_config_dirs}/pacman/makepkg.conf r, - owner @{tmp}/tmp.* rw, + owner @{tmp}/tmp.@{rand10} rw, owner @{PROC}/@{pid}/maps r, diff --git a/apparmor.d/groups/pacman/pacman b/apparmor.d/groups/pacman/pacman index 7207c714c..5a873f187 100644 --- a/apparmor.d/groups/pacman/pacman +++ b/apparmor.d/groups/pacman/pacman @@ -146,6 +146,7 @@ profile pacman @{exec_path} flags=(attach_disconnected) { # Silencer, deny @{HOME}/ r, + deny @{HOME}/**/ r, deny /tmp/ r, profile gpg { diff --git a/apparmor.d/groups/virt/libvirtd b/apparmor.d/groups/virt/libvirtd index 32428f2b5..96be24919 100644 --- a/apparmor.d/groups/virt/libvirtd +++ b/apparmor.d/groups/virt/libvirtd @@ -117,6 +117,7 @@ profile libvirtd @{exec_path} flags=(attach_disconnected) { @{sh_path} rix, @{bin}/ip rix, + @{bin}/nft rix, @{bin}/qemu-img rUx, # TODO: Integration with virt-aa-helper @{bin}/qemu-system* rUx, # TODO: Integration with virt-aa-helper @{bin}/tc rix, diff --git a/apparmor.d/profiles-a-f/acpid b/apparmor.d/profiles-a-f/acpid index 95eb98c61..e994edb95 100644 --- a/apparmor.d/profiles-a-f/acpid +++ b/apparmor.d/profiles-a-f/acpid @@ -18,7 +18,7 @@ profile acpid @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, - @{bin}/{ba,da,}sh rix, + @{sh_path} rix, @{bin}/logger rix, /etc/acpi/powerbtn-acpi-support.sh rPx -> acpi-powerbtn, diff --git a/apparmor.d/profiles-a-f/dmesg b/apparmor.d/profiles-a-f/dmesg index 85943afa7..346a91c8c 100644 --- a/apparmor.d/profiles-a-f/dmesg +++ b/apparmor.d/profiles-a-f/dmesg @@ -12,8 +12,8 @@ profile dmesg @{exec_path} { include include - capability syslog, capability dac_read_search, + capability syslog, @{exec_path} mr, @@ -28,8 +28,11 @@ profile dmesg @{exec_path} { /dev/kmsg r, - deny /{usr/,}local/bin/ r, deny @{bin}/{,*/} r, + deny /{usr/,}local/{,s}bin/ r, + deny /var/lib/flatpak/exports/bin/ r, + deny @{HOME}/.go/bin/ r, + deny @{user_bin_dirs}/ r, include if exists } diff --git a/apparmor.d/profiles-a-f/f3fix b/apparmor.d/profiles-a-f/f3fix index 307e3270d..75d11148d 100644 --- a/apparmor.d/profiles-a-f/f3fix +++ b/apparmor.d/profiles-a-f/f3fix @@ -12,28 +12,20 @@ profile f3fix @{exec_path} { include include - # To remove the following errors: - # Error: Partition(s) * on /dev/sdb have been written, but we have been unable to inform the - # kernel of the change, probably because it/they are in use. As a result, the old partition(s) - # will remain in use. You should reboot now before making further changes. capability sys_admin, - - # Needed? (##FIXME##) capability sys_rawio, - # Needed? - ptrace (read), + ptrace read, @{exec_path} mr, - @{sh_path} rix, + @{sh_path} rix, @{bin}/dmidecode rPx, + @{bin}/udevadm rCx -> udevadm, - @{bin}/udevadm rCx -> udevadm, - - owner @{PROC}/@{pid}/mounts r, @{PROC}/swaps r, + owner @{PROC}/@{pid}/mounts r, profile udevadm { include diff --git a/apparmor.d/profiles-a-f/fatresize b/apparmor.d/profiles-a-f/fatresize index 261aea0e4..71fc917fb 100644 --- a/apparmor.d/profiles-a-f/fatresize +++ b/apparmor.d/profiles-a-f/fatresize @@ -12,27 +12,20 @@ profile fatresize @{exec_path} { include include - # Needed to inform the system of newly created/removed partitions - # ioctl(3, BLKFLSBUF) = -1 EACCES (Permission denied) capability sys_admin, - - # Needed? (##FIXME##) capability sys_rawio, - # Needed? - ptrace (read), + ptrace read, @{exec_path} mr, - @{sh_path} rix, + @{sh_path} rix, @{bin}/dmidecode rPx, + @{bin}/udevadm rCx -> udevadm, - @{bin}/udevadm rCx -> udevadm, - - owner @{PROC}/@{pid}/mounts r, @{PROC}/swaps r, - + owner @{PROC}/@{pid}/mounts r, profile udevadm { include diff --git a/apparmor.d/profiles-a-f/findmnt b/apparmor.d/profiles-a-f/findmnt index 663e40251..4aef829c7 100644 --- a/apparmor.d/profiles-a-f/findmnt +++ b/apparmor.d/profiles-a-f/findmnt @@ -14,6 +14,7 @@ profile findmnt @{exec_path} flags=(attach_disconnected,complain) { include capability dac_read_search, + capability sys_rawio, @{exec_path} mr, diff --git a/apparmor.d/profiles-g-l/gpartedbin b/apparmor.d/profiles-g-l/gpartedbin index dc3b1fe10..65f6bbc12 100644 --- a/apparmor.d/profiles-g-l/gpartedbin +++ b/apparmor.d/profiles-g-l/gpartedbin @@ -7,30 +7,26 @@ abi , include -@{exec_path} = @{bin}/gpartedbin -@{exec_path} += @{lib}/gpartedbin -@{exec_path} += @{lib}/gparted/gpartedbin +@{exec_path} = @{bin}/gpartedbin @{lib}/{,gparted/}gpartedbin profile gpartedbin @{exec_path} { include include + include include include - include - include - include capability dac_read_search, capability ipc_lock, capability sys_admin, capability sys_rawio, - ptrace (read), + ptrace read, - signal (send) peer=mke2fs, + signal send peer=mke2fs, @{exec_path} mr, - @{sh_path} rix, + @{sh_path} rix, @{bin}/blkid rPx, @{bin}/dmidecode rPx, @@ -84,29 +80,21 @@ profile gpartedbin @{exec_path} { owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/mounts r, - /dev/mapper/control rw, - profile mount { include + include capability sys_admin, - mount /dev/{s,v}d[a-z]*[0-9]* -> /tmp/gparted-*/, + mount /dev/{s,v}d[a-z]*@{int} -> /tmp/gparted-*/, - mount /dev/{s,v}d[a-z]*[0-9]* -> /boot/, - mount /dev/{s,v}d[a-z]*[0-9]* -> @{MOUNTS}/, - mount /dev/{s,v}d[a-z]*[0-9]* -> @{MOUNTS}/*/, + mount /dev/{s,v}d[a-z]*@{int} -> /boot/, + mount /dev/{s,v}d[a-z]*@{int} -> @{MOUNTS}/, + mount /dev/{s,v}d[a-z]*@{int} -> @{MOUNTS}/*/, @{bin}/mount mr, - @{sys}/devices/@{pci}/block/{s,v}d[a-z]/ r, - @{sys}/devices/@{pci}/block/{s,v}d[a-z]/dev r, - @{sys}/devices/@{pci}/block/{s,v}d[a-z]/{s,v}d[a-z][0-9]*/ r, - @{sys}/devices/@{pci}/block/{s,v}d[a-z]/{s,v}d[a-z][0-9]*/{start,size} r, - - /dev/{s,v}d[a-z]* r, - /dev/{s,v}d[a-z]*[0-9]* r, - + include if exists } profile umount { @@ -128,6 +116,7 @@ profile gpartedbin @{exec_path} { owner @{PROC}/@{pid}/mountinfo r, + include if exists } profile udevadm { diff --git a/apparmor.d/profiles-g-l/gpodder b/apparmor.d/profiles-g-l/gpodder index 60fe931f3..c945d59cb 100644 --- a/apparmor.d/profiles-g-l/gpodder +++ b/apparmor.d/profiles-g-l/gpodder @@ -10,14 +10,12 @@ include @{exec_path} = @{bin}/gpodder profile gpodder @{exec_path} { include - include - include + include include - include - include include - include + include include + include network inet dgram, network inet6 dgram, @@ -32,64 +30,30 @@ profile gpodder @{exec_path} { @{sh_path} rix, @{bin}/uname rix, - owner @{HOME}/ r, - owner @{HOME}/gPodder/ rw, - owner @{HOME}/gPodder/** rwk, - - /usr/share/gpodder/{,**} r, - - owner @{PROC}/@{pid}/fd/ r, - owner @{PROC}/@{pid}/mounts r, - owner @{PROC}/@{pid}/mountinfo r, - - /etc/fstab r, - - owner /var/tmp/etilqs_@{hex} rw, - - /etc/mime.types r, - - /usr/share/*/*.desktop r, - - @{bin}/xdg-settings rPUx, - - @{bin}/xdg-open rCx -> open, - @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop rCx -> open, + @{bin}/xdg-settings rPx, + @{open_path} rPx -> child-open, # A/V players @{bin}/smplayer rPUx, @{bin}/vlc rPUx, @{bin}/mpv rPUx, - # Open in a web browser - @{lib}/firefox/firefox rPUx, + /usr/share/gpodder/{,**} r, + + /etc/fstab r, + /etc/mime.types r, + + owner @{HOME}/ r, + owner @{HOME}/gPodder/ rw, + owner @{HOME}/gPodder/** rwk, + + owner /var/tmp/etilqs_@{hex16} rw, + + owner @{PROC}/@{pid}/fd/ r, + owner @{PROC}/@{pid}/mounts r, + owner @{PROC}/@{pid}/mountinfo r, - # file_inherit owner /dev/tty@{int} rw, - - profile open { - include - include - - @{bin}/xdg-open mr, - @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop mr, - - @{sh_path} rix, - @{bin}/{m,g,}awk rix, - @{bin}/readlink rix, - @{bin}/basename rix, - - owner @{HOME}/ r, - - owner @{run}/user/@{uid}/ r, - - # Allowed apps to open - @{lib}/firefox/firefox rPUx, - - # file_inherit - owner @{HOME}/.xsession-errors w, - - } - include if exists } diff --git a/apparmor.d/profiles-g-l/hw-probe b/apparmor.d/profiles-g-l/hw-probe index be5916132..c9aa1469c 100644 --- a/apparmor.d/profiles-g-l/hw-probe +++ b/apparmor.d/profiles-g-l/hw-probe @@ -8,9 +8,10 @@ abi , include @{exec_path} = @{bin}/hw-probe -profile hw-probe @{exec_path} { +profile hw-probe @{exec_path} flags=(attach_disconnected) { include include + include capability sys_admin, @@ -20,111 +21,134 @@ profile hw-probe @{exec_path} { @{exec_path} rm, @{bin}/perl r, - @{sh_path} rix, - @{bin}/{,e}grep rix, - @{bin}/{m,g,}awk rix, - @{bin}/dd rix, - @{bin}/efibootmgr rix, - @{bin}/efivar rix, - @{bin}/md5sum rix, - @{bin}/pwd rix, - @{bin}/sleep rix, - @{bin}/tar rix, - @{bin}/uname rix, - - @{bin}/lsb_release rPx -> lsb_release, - @{bin}/dpkg rPx -> child-dpkg, - - @{bin}/acpi rPx, - @{bin}/amixer rPx, - @{bin}/aplay rPx, - @{bin}/biosdecode rPx, - @{bin}/cpuid rPx, - @{bin}/cpupower rPx, - @{bin}/df rPx, - @{bin}/dkms rPx, - @{bin}/dmesg rPx, - @{bin}/dmidecode rPx, - @{bin}/edid-decode rPx, - @{bin}/fdisk rPx, - @{bin}/glxgears rPx, - @{bin}/glxinfo rPx, - @{bin}/hciconfig rPx, - @{bin}/hdparm rPx, - @{bin}/hwinfo rPx, - @{bin}/i2cdetect rPx, - @{bin}/inxi rPx, - @{bin}/lsblk rPx, - @{bin}/lscpu rPx, - @{bin}/lspci rPx, - @{bin}/lsusb rPx, - @{bin}/memtester rPx, - @{bin}/rfkill rPx, - @{bin}/sensors rPx, - @{bin}/smartctl rPx, - @{bin}/upower rPx, - @{bin}/uptime rPx, - @{bin}/usb-devices rPx, - @{bin}/xdpyinfo rPx, - @{bin}/xinput rPx, - @{bin}/xrandr rPx, + @{sh_path} rix, + @{bin}/{,e}grep rix, + @{bin}/{m,g,}awk rix, + @{bin}/dd rix, + @{bin}/efibootmgr rix, + @{bin}/efivar rix, + @{bin}/find rix, + @{bin}/md5sum rix, + @{bin}/pwd rix, + @{bin}/sleep rix, + @{bin}/sort rix, + @{bin}/tar rix, + @{bin}/uname rix, + @{bin}/acpi rPx, + @{bin}/amixer rPx, + @{bin}/aplay rPx, + @{bin}/biosdecode rPx, + @{bin}/cpuid rPx, + @{bin}/cpupower rPx, @{bin}/curl rCx -> curl, + @{bin}/df rPx, + @{bin}/dkms rPx, + @{bin}/dmesg rPx, + @{bin}/dmidecode rPx, + @{bin}/dpkg rPx -> child-dpkg, + @{bin}/edid-decode rPx, @{bin}/ethtool rCx -> netconfig, - @{bin}/find rCx -> find, + @{bin}/fdisk rPx, + @{bin}/glxgears rPx, + @{bin}/glxinfo rPx, + @{bin}/hciconfig rPx, + @{bin}/hdparm rPx, + @{bin}/hwinfo rPx, + @{bin}/i2cdetect rPx, @{bin}/ifconfig rCx -> netconfig, + @{bin}/inxi rPx, @{bin}/iw rCx -> netconfig, @{bin}/iwconfig rCx -> netconfig, @{bin}/journalctl rCx -> journalctl, @{bin}/killall rCx -> killall, - @{bin}/kmod rCx -> kmod, + @{bin}/kmod rix, + @{bin}/lsb_release rPx -> lsb_release, + @{bin}/lsblk rPx, + @{bin}/lscpu rPx, + @{bin}/lspci rPx, + @{bin}/lsusb rPx, + @{bin}/memtester rPx, + @{bin}/nmcli rPx, + @{bin}/pacman rCx -> pacman, + @{bin}/rfkill rPx, + @{bin}/rpm rCx -> rpm, + @{bin}/sensors rPx, + @{bin}/smartctl rPx, @{bin}/systemctl rCx -> systemctl, @{bin}/systemd-analyze rPx, @{bin}/udevadm rCx -> udevadm, - - /usr/share/X11/xorg.conf.d/{,*.conf} r, + @{bin}/upower rPx, + @{bin}/uptime rPx, + @{bin}/usb-devices rPx, + @{bin}/xdpyinfo rPx, + @{bin}/xinput rPx, + @{bin}/xrandr rPx, /etc/modprobe.d/{,*.conf} r, - /etc/X11/xorg.conf.d/{,*.conf} r, - /var/log/Xorg.[0-9].log{,.old} r, + owner @{HOME}/HW_PROBE/{,**} rw, - owner /root/HW_PROBE/{,**} rw, - - owner @{tmp}/*/ rw, + audit owner @{tmp}/*/ rw, owner @{tmp}/*/cpu_perf rw, @{sys}/class/drm/ r, @{sys}/class/power_supply/ r, - - @{sys}/devices/virtual/dmi/id/* r, @{sys}/devices/@{pci}/drm/card@{int}/*/edid r, @{sys}/devices/**/power_supply/*/uevent r, - + @{sys}/devices/virtual/dmi/id/* r, @{sys}/firmware/efi/efivars/ r, @{sys}/firmware/efi/efivars/* r, + @{sys}/module/*/ r, + @{sys}/module/*/{coresize,refcnt} r, + @{sys}/module/*/holders/ r, @{PROC}/bus/input/devices r, + @{PROC}/cmdline r, @{PROC}/interrupts r, @{PROC}/ioports r, + @{PROC}/modules r, @{PROC}/scsi/scsi r, - profile find { + /dev/{,**} r, + + profile pacman flags=(attach_disconnected) { include - include + include + + @{bin}/pacman mr, + + @{bin}/gpg rPx -> pacman//gpg, + @{bin}/gpgconf rPx -> pacman//gpg, + @{bin}/gpgsm rPx -> pacman//gpg, + + /etc/pacman.conf r, + /etc/pacman.d/{,**} r, + + /var/lib/pacman/{,**} r, + + include if exists + } + + profile rpm flags=(attach_disconnected) { + include + include capability dac_read_search, - @{bin}/find mr, + @{bin}/rpm mr, - /root/ r, + /var/ r, + /var/lib/ r, + /var/lib/rpm/ r, + /var/lib/rpm/rpmdb.sqlite rk, + /var/lib/rpm/rpmdb.sqlite-shm rwk, + /var/lib/rpm/rpmdb.sqlite-wal rw, - /dev/{,**} r, - - include if exists + include if exists } - profile journalctl { + profile journalctl flags=(attach_disconnected) { include @{bin}/journalctl mr, @@ -133,18 +157,18 @@ profile hw-probe @{exec_path} { /etc/machine-id r, @{run}/log/ rw, - /{run,var}/log/journal/ rw, - /{run,var}/log/journal/@{hex32}/ rw, - /{run,var}/log/journal/@{hex32}/user-@{hex}.journal* rw, - /{run,var}/log/journal/@{hex32}/system.journal* rw, - /{run,var}/log/journal/@{hex32}/system@@{hex}.journal* rw, + /{run,var}/log/journal/ r, + /{run,var}/log/journal/@{hex32}/ r, + /{run,var}/log/journal/@{hex32}/user-@{hex}.journal* r, + /{run,var}/log/journal/@{hex32}/system.journal* r, + /{run,var}/log/journal/@{hex32}/system@@{hex}.journal* r, owner @{PROC}/@{pid}/stat r, include if exists } - profile killall { + profile killall flags=(attach_disconnected) { include capability sys_ptrace, @@ -155,8 +179,6 @@ profile hw-probe @{exec_path} { @{bin}/killall mr, - # The /proc/ dir is needed to avoid the following error: - # /proc: Permission denied @{PROC}/ r, @{PROC}/@{pids}/stat r, @@ -170,22 +192,7 @@ profile hw-probe @{exec_path} { include if exists } - profile kmod { - include - - @{bin}/kmod mr, - - @{sys}/module/*/ r, - @{sys}/module/*/{coresize,refcnt} r, - @{sys}/module/*/holders/ r, - - @{PROC}/cmdline r, - @{PROC}/modules r, - - include if exists - } - - profile netconfig { + profile netconfig flags=(attach_disconnected) { include # Not needed @@ -210,7 +217,7 @@ profile hw-probe @{exec_path} { include if exists } - profile systemctl { + profile systemctl flags=(attach_disconnected) { include include diff --git a/apparmor.d/profiles-g-l/hwinfo b/apparmor.d/profiles-g-l/hwinfo index 23cb006c9..b8c46b96c 100644 --- a/apparmor.d/profiles-g-l/hwinfo +++ b/apparmor.d/profiles-g-l/hwinfo @@ -12,19 +12,10 @@ profile hwinfo @{exec_path} { include include - # Without the sys_admin CAP, some information, for instance the reserved I/O port address range - # in the /proc/ioports, will be hidden. - capability sys_admin, - - # For the kernel log entries to be shown in the output - capability syslog, - - # To remove the following errors: - # eth0: socket failed: Operation not permitted - capability net_raw, - - # Needed when passed disk related options (--block, --partition, --floppy) - capability sys_rawio, + capability net_raw, # Needed for network related options + capability sys_admin, # Needed for /proc/ioports + capability sys_rawio, # Needed for disk related options + capability syslog, # Needed for /proc/kmsg network inet dgram, network inet6 dgram, @@ -36,58 +27,61 @@ profile hwinfo @{exec_path} { @{bin}/kmod rCx -> kmod, @{bin}/udevadm rCx -> udevadm, + @{bin}/acpidump rPUx, @{bin}/dmraid rPUx, - @{PROC}/version r, - @{PROC}/cmdline r, - @{PROC}/dma r, - @{PROC}/interrupts r, - @{PROC}/modules r, - @{PROC}/tty/driver/serial r, - @{PROC}/ioports r, - @{PROC}/bus/input/devices r, - @{PROC}/partitions r, - @{PROC}/driver/nvram r, - @{PROC}/sys/dev/cdrom/info r, + /usr/share/hwinfo/{,**} r, - /dev/mem r, - /dev/nvram r, - /dev/psaux r, - /dev/console rw, - /dev/ttyS@{int} r, - /dev/fb@{int} r, + /var/lib/hardware/udi/{,**} r, + + owner @{tmp}/hwinfo*.txt rw, @{sys}/bus/{,**/} r, @{sys}/class/*/ r, - @{sys}/devices/@{pci_bus}/** r, - @{sys}/devices/**/input/**/dev r, + @{sys}/devices/@{pci}/** r, @{sys}/devices/**/{modalias,uevent} r, + @{sys}/devices/**/input/**/dev r, @{sys}/devices/virtual/net/*/{type,carrier,address} r, @{sys}/firmware/dmi/tables/DMI r, @{sys}/firmware/dmi/tables/smbios_entry_point r, @{sys}/firmware/edd/{,**} r, - /var/lib/hardware/udi/ r, - - # For a log file - owner @{tmp}/hwinfo*.txt rw, + @{PROC}/bus/input/devices r, + @{PROC}/cmdline r, + @{PROC}/dma r, + @{PROC}/driver/nvram r, + @{PROC}/interrupts r, + @{PROC}/ioports r, + @{PROC}/modules r, + @{PROC}/partitions r, + @{PROC}/sys/dev/cdrom/info r, + @{PROC}/tty/driver/serial r, + @{PROC}/version r, + /dev/console rw, + /dev/fb@{int} r, + /dev/mem r, + /dev/nvram r, + /dev/psaux r, + /dev/ttyS@{int} r, profile kmod { include + include @{bin}/kmod mr, /etc/modprobe.d/{,*.conf} r, - @{PROC}/cmdline r, - - # file_inherit - /dev/ttyS@{int} r, owner @{tmp}/hwinfo*.txt rw, + @{sys}/devices/@{pci}/drm/card@{int}/ r, + @{PROC}/cmdline r, + @{PROC}/modules r, + + include if exists } profile udevadm { diff --git a/apparmor.d/profiles-g-l/libreoffice b/apparmor.d/profiles-g-l/libreoffice index f9dc76461..c035517cc 100644 --- a/apparmor.d/profiles-g-l/libreoffice +++ b/apparmor.d/profiles-g-l/libreoffice @@ -10,6 +10,7 @@ include @{exec_path} += @{lib}/libreoffice/program/soffice profile libreoffice @{exec_path} { include + include include include include diff --git a/apparmor.d/profiles-m-r/parted b/apparmor.d/profiles-m-r/parted index 2b02eb398..9408674f8 100644 --- a/apparmor.d/profiles-m-r/parted +++ b/apparmor.d/profiles-m-r/parted @@ -12,40 +12,26 @@ profile parted @{exec_path} { include include - # Needed to inform the system of newly created/removed partitions - # ioctl(3, BLKRRPART) = -1 EACCES (Permission denied) - # - # Error: Partition(s) * on /dev/sd* have been written, but we have been unable to inform the - # kernel of the change, probably because it/they are in use. As a result, the old partition(s) - # will remain in use. You should reboot now before making further changes. capability sys_admin, - - # Needed? (#FIXME#) capability sys_rawio, - # Needed? - ptrace (read), + ptrace read, @{exec_path} mr, @{sh_path} rix, @{bin}/udevadm rCx -> udevadm, - - @{bin}/dmidecode rPx, + @{bin}/dmidecode rPx, /etc/inputrc r, - # Image files owner @{user_img_dirs}/{,**} rwk, @{PROC}/devices r, @{PROC}/swaps r, owner @{PROC}/@{pid}/mounts r, - /dev/mapper/ r, - /dev/mapper/control rw, - profile udevadm { include include diff --git a/apparmor.d/profiles-m-r/partprobe b/apparmor.d/profiles-m-r/partprobe index 3138c13e2..9e384c66c 100644 --- a/apparmor.d/profiles-m-r/partprobe +++ b/apparmor.d/profiles-m-r/partprobe @@ -12,34 +12,21 @@ profile partprobe @{exec_path} { include include - # To remove the following errors: - # device-mapper: version ioctl on failed: Permission denied - # Incompatible libdevmapper 1.02.167 (2019-11-30) and kernel driver (unknown version). capability sys_admin, - - # To remove the following errors: - # kernel: device-mapper: core: partprobe: sending ioctl 1261 to DM device without required - # privilege. capability sys_rawio, - # Needed? - ptrace (read), + ptrace read, @{exec_path} mr, @{sh_path} rix, @{bin}/udevadm rCx -> udevadm, + @{bin}/dmidecode rPx, - @{bin}/dmidecode rPx, - - owner @{PROC}/@{pid}/mounts r, - @{PROC}/swaps r, @{PROC}/devices r, - - /dev/mapper/ r, - /dev/mapper/control rw, - + @{PROC}/swaps r, + owner @{PROC}/@{pid}/mounts r, profile udevadm { include diff --git a/apparmor.d/profiles-m-r/pass-import b/apparmor.d/profiles-m-r/pass-import index ec77d7ca7..655804ccc 100644 --- a/apparmor.d/profiles-m-r/pass-import +++ b/apparmor.d/profiles-m-r/pass-import @@ -9,8 +9,10 @@ include @{exec_path} = @{bin}/pimport profile pass-import @{exec_path} { include - include + include include + include + include network inet dgram, network inet6 dgram, diff --git a/apparmor.d/profiles-m-r/pkexec b/apparmor.d/profiles-m-r/pkexec index 334531ec3..923d955af 100644 --- a/apparmor.d/profiles-m-r/pkexec +++ b/apparmor.d/profiles-m-r/pkexec @@ -37,12 +37,11 @@ profile pkexec @{exec_path} { # Apps to be run via pkexec @{bin}/* rPUx, + @{lib}/{,gvfs/}gvfsd-admin rPx, @{lib}/cc-remote-login-helper rPx, - @{lib}/gvfs/gvfsd-admin rPUx, #(#FIXME#) - @{lib}/polkit-[0-9]/polkit-agent-helper-[0-9] rPx, - @{lib}/polkit-agent-helper-[0-9] rPx, @{lib}/update-notifier/package-system-locked rPx, /usr/share/apport/apport-gtk rPx, + #aa:exec polkit-agent-helper @{etc_ro}/environment r, @{etc_ro}/security/limits.d/{,*} r, @@ -59,7 +58,7 @@ profile pkexec @{exec_path} { owner @{HOME}/.xsession-errors w, # Silencer -deny @{user_share_dirs}/gvfs-metadata/* r, + deny @{user_share_dirs}/gvfs-metadata/* r, include if exists } diff --git a/apparmor.d/profiles-m-r/protonmail-bridge b/apparmor.d/profiles-m-r/protonmail-bridge index 8d8920557..3d3878c3e 100644 --- a/apparmor.d/profiles-m-r/protonmail-bridge +++ b/apparmor.d/profiles-m-r/protonmail-bridge @@ -41,6 +41,8 @@ profile protonmail-bridge @{exec_path} { owner @{share_dirs}/ rw, owner @{share_dirs}/** rwlk -> @{share_dirs}/**, + owner @{tmp}/@{uuid}.txt w, + owner @{PROC}/@{pid}/cmdline r, include if exists diff --git a/apparmor.d/profiles-s-z/usb-devices b/apparmor.d/profiles-s-z/usb-devices index 881e35c45..188c6ec6b 100644 --- a/apparmor.d/profiles-s-z/usb-devices +++ b/apparmor.d/profiles-s-z/usb-devices @@ -13,17 +13,19 @@ profile usb-devices @{exec_path} { include include - capability dac_read_search, - deny capability dac_override, + capability dac_override, + capability dac_read_search, + + @{exec_path} mr, - @{exec_path} r, @{sh_path} rix, - - @{bin}/cat rix, - @{bin}/cut rix, @{bin}/{,e}grep rix, @{bin}/basename rix, + @{bin}/cat rix, + @{bin}/cut rix, + @{bin}/find rix, @{bin}/readlink rix, + @{bin}/sort rix, # For shell pwd /root/ r, From 275b77d2ac94dee2643701b102b5392b8a41fb13 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 17:14:15 +0100 Subject: [PATCH 43/52] fix: profile compilation. --- apparmor.d/abstractions/app/udevadm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apparmor.d/abstractions/app/udevadm b/apparmor.d/abstractions/app/udevadm index 1c36ea8b2..72fb4c61b 100644 --- a/apparmor.d/abstractions/app/udevadm +++ b/apparmor.d/abstractions/app/udevadm @@ -23,4 +23,4 @@ include if exists -# vim:syntax=apparmor \ No newline at end of file +# vim:syntax=apparmor From 5999fc5d409ef5468ec414ae750a2fcbe6b23e84 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 17:34:36 +0100 Subject: [PATCH 44/52] feat(aa): simplify unix log parsing. --- pkg/aa/profile.go | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/pkg/aa/profile.go b/pkg/aa/profile.go index 365bf1eba..97349a456 100644 --- a/pkg/aa/profile.go +++ b/pkg/aa/profile.go @@ -176,13 +176,7 @@ var ( newRule := newLogMountMap[log["operation"]] return newRule(log) }, - "net": func(log map[string]string) Rule { - if log["family"] == "unix" { - return newUnixFromLog(log) - } else { - return newNetworkFromLog(log) - } - }, + "net": newNetworkFromLog, "file": func(log map[string]string) Rule { if log["operation"] == "change_onexec" { return newChangeProfileFromLog(log) From 72b11e5d050fe9b2f22856a83d275c654843f187 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 19:31:02 +0300 Subject: [PATCH 45/52] feat(profiles-a-f): vim syntax support Add vim modeline instructing the editor to use syntax plugin provided by apparmor --- apparmor.d/profiles-a-f/aa-enabled | 1 + apparmor.d/profiles-a-f/aa-enforce | 1 + apparmor.d/profiles-a-f/aa-log | 1 + apparmor.d/profiles-a-f/aa-notify | 1 + apparmor.d/profiles-a-f/aa-status | 1 + apparmor.d/profiles-a-f/aa-teardown | 1 + apparmor.d/profiles-a-f/abook | 1 + apparmor.d/profiles-a-f/acpi | 1 + apparmor.d/profiles-a-f/acpi-powerbtn | 1 + apparmor.d/profiles-a-f/acpid | 1 + apparmor.d/profiles-a-f/adb | 1 + apparmor.d/profiles-a-f/adduser | 1 + apparmor.d/profiles-a-f/adequate | 1 + apparmor.d/profiles-a-f/agetty | 1 + apparmor.d/profiles-a-f/alacarte | 1 + apparmor.d/profiles-a-f/alsactl | 1 + apparmor.d/profiles-a-f/amixer | 1 + apparmor.d/profiles-a-f/anacron | 1 + apparmor.d/profiles-a-f/anyremote | 1 + apparmor.d/profiles-a-f/aplay | 1 + apparmor.d/profiles-a-f/apparmor.systemd | 1 + apparmor.d/profiles-a-f/apparmor_parser | 1 + apparmor.d/profiles-a-f/appstreamcli | 1 + apparmor.d/profiles-a-f/arandr | 1 + apparmor.d/profiles-a-f/archivemount | 1 + apparmor.d/profiles-a-f/arduino | 1 + apparmor.d/profiles-a-f/arduino-builder | 1 + apparmor.d/profiles-a-f/arduino-ctags | 1 + apparmor.d/profiles-a-f/aspell | 1 + apparmor.d/profiles-a-f/aspell-autobuildhash | 1 + apparmor.d/profiles-a-f/at | 1 + apparmor.d/profiles-a-f/atd | 1 + apparmor.d/profiles-a-f/atftpd | 1 + apparmor.d/profiles-a-f/atool | 1 + apparmor.d/profiles-a-f/atril | 1 + apparmor.d/profiles-a-f/atrild | 1 + apparmor.d/profiles-a-f/auditctl | 1 + apparmor.d/profiles-a-f/auditd | 1 + apparmor.d/profiles-a-f/augenrules | 1 + apparmor.d/profiles-a-f/badblocks | 1 + apparmor.d/profiles-a-f/biosdecode | 1 + apparmor.d/profiles-a-f/birdtray | 1 + apparmor.d/profiles-a-f/blkdeactivate | 1 + apparmor.d/profiles-a-f/blkid | 1 + apparmor.d/profiles-a-f/blockdev | 1 + apparmor.d/profiles-a-f/blueman | 1 + apparmor.d/profiles-a-f/blueman-mechanism | 1 + apparmor.d/profiles-a-f/blueman-rfcomm-watcher | 1 + apparmor.d/profiles-a-f/bluemoon | 1 + apparmor.d/profiles-a-f/bluetoothctl | 1 + apparmor.d/profiles-a-f/bluetoothd | 1 + apparmor.d/profiles-a-f/bmon | 1 + apparmor.d/profiles-a-f/boltd | 1 + apparmor.d/profiles-a-f/borg | 1 + apparmor.d/profiles-a-f/browserpass | 1 + apparmor.d/profiles-a-f/btop | 1 + apparmor.d/profiles-a-f/btrfs | 1 + apparmor.d/profiles-a-f/btrfs-convert | 1 + apparmor.d/profiles-a-f/btrfs-find-root | 1 + apparmor.d/profiles-a-f/btrfs-image | 1 + apparmor.d/profiles-a-f/btrfs-map-logical | 1 + apparmor.d/profiles-a-f/btrfs-select-super | 1 + apparmor.d/profiles-a-f/btrfstune | 1 + apparmor.d/profiles-a-f/cawbird | 1 + apparmor.d/profiles-a-f/cc-remote-login-helper | 1 + apparmor.d/profiles-a-f/cctk | 1 + apparmor.d/profiles-a-f/ccze | 1 + apparmor.d/profiles-a-f/cert-sync | 1 + apparmor.d/profiles-a-f/cfdisk | 1 + apparmor.d/profiles-a-f/cgdisk | 1 + apparmor.d/profiles-a-f/cgrulesengd | 1 + apparmor.d/profiles-a-f/chage | 1 + apparmor.d/profiles-a-f/changestool | 1 + apparmor.d/profiles-a-f/check-bios-nx | 1 + apparmor.d/profiles-a-f/check-support-status | 1 + apparmor.d/profiles-a-f/check-support-status-hook | 1 + apparmor.d/profiles-a-f/chfn | 1 + apparmor.d/profiles-a-f/chpasswd | 1 + apparmor.d/profiles-a-f/chronyd | 1 + apparmor.d/profiles-a-f/chsh | 1 + apparmor.d/profiles-a-f/claws-mail | 1 + apparmor.d/profiles-a-f/code | 1 + apparmor.d/profiles-a-f/code-extension-git-askpass | 1 + apparmor.d/profiles-a-f/code-extension-git-editor | 1 + apparmor.d/profiles-a-f/code-wrapper | 1 + apparmor.d/profiles-a-f/compton | 1 + apparmor.d/profiles-a-f/conky | 1 + apparmor.d/profiles-a-f/console-setup | 1 + apparmor.d/profiles-a-f/convertall | 1 + apparmor.d/profiles-a-f/cppw-cpgr | 1 + apparmor.d/profiles-a-f/cpuid | 1 + apparmor.d/profiles-a-f/cracklib-packer | 1 + apparmor.d/profiles-a-f/crda | 1 + apparmor.d/profiles-a-f/cups-backend-beh | 1 + apparmor.d/profiles-a-f/cups-backend-bluetooth | 1 + apparmor.d/profiles-a-f/cups-backend-brf | 1 + apparmor.d/profiles-a-f/cups-backend-dnssd | 1 + apparmor.d/profiles-a-f/cups-backend-hp | 1 + apparmor.d/profiles-a-f/cups-backend-implicitclass | 1 + apparmor.d/profiles-a-f/cups-backend-ipp | 1 + apparmor.d/profiles-a-f/cups-backend-lpd | 1 + apparmor.d/profiles-a-f/cups-backend-mdns | 1 + apparmor.d/profiles-a-f/cups-backend-parallel | 1 + apparmor.d/profiles-a-f/cups-backend-pdf | 1 + apparmor.d/profiles-a-f/cups-backend-serial | 1 + apparmor.d/profiles-a-f/cups-backend-snmp | 1 + apparmor.d/profiles-a-f/cups-backend-socket | 1 + apparmor.d/profiles-a-f/cups-backend-usb | 1 + apparmor.d/profiles-a-f/cups-browsed | 1 + apparmor.d/profiles-a-f/cups-notifier-dbus | 1 + apparmor.d/profiles-a-f/cups-notifier-mailto | 1 + apparmor.d/profiles-a-f/cups-notifier-rss | 1 + apparmor.d/profiles-a-f/cups-pk-helper-mechanism | 1 + apparmor.d/profiles-a-f/cupsd | 1 + apparmor.d/profiles-a-f/czkawka-cli | 1 + apparmor.d/profiles-a-f/czkawka-gui | 1 + apparmor.d/profiles-a-f/ddclient | 1 + apparmor.d/profiles-a-f/deltachat-desktop | 1 + apparmor.d/profiles-a-f/deluser | 1 + apparmor.d/profiles-a-f/df | 1 + apparmor.d/profiles-a-f/dfc | 1 + apparmor.d/profiles-a-f/dhclient | 1 + apparmor.d/profiles-a-f/dhclient-script | 1 + apparmor.d/profiles-a-f/dig | 1 + apparmor.d/profiles-a-f/dino-im | 1 + apparmor.d/profiles-a-f/dkms | 1 + apparmor.d/profiles-a-f/dkms-autoinstaller | 1 + apparmor.d/profiles-a-f/dleyna-renderer-service | 1 + apparmor.d/profiles-a-f/dleyna-server-service | 1 + apparmor.d/profiles-a-f/dlocate | 1 + apparmor.d/profiles-a-f/dmcrypt-get-device | 1 + apparmor.d/profiles-a-f/dmesg | 1 + apparmor.d/profiles-a-f/dmeventd | 1 + apparmor.d/profiles-a-f/dmidecode | 1 + apparmor.d/profiles-a-f/dnscrypt-proxy | 1 + apparmor.d/profiles-a-f/downloadhelper | 1 + apparmor.d/profiles-a-f/dring | 1 + apparmor.d/profiles-a-f/dumpcap | 1 + apparmor.d/profiles-a-f/dumpe2fs | 1 + apparmor.d/profiles-a-f/dunst | 1 + apparmor.d/profiles-a-f/dunstctl | 1 + apparmor.d/profiles-a-f/dunstify | 1 + apparmor.d/profiles-a-f/e2fsck | 1 + apparmor.d/profiles-a-f/e2image | 1 + apparmor.d/profiles-a-f/e2scrub_all | 1 + apparmor.d/profiles-a-f/edid-decode | 1 + apparmor.d/profiles-a-f/eject | 1 + apparmor.d/profiles-a-f/element-desktop | 1 + apparmor.d/profiles-a-f/engrampa | 1 + apparmor.d/profiles-a-f/etckeeper | 1 + apparmor.d/profiles-a-f/evince | 1 + apparmor.d/profiles-a-f/evince-previewer | 1 + apparmor.d/profiles-a-f/evince-thumbnailer | 1 + apparmor.d/profiles-a-f/execute-dcut | 1 + apparmor.d/profiles-a-f/execute-dput | 1 + apparmor.d/profiles-a-f/exiftool | 1 + apparmor.d/profiles-a-f/exim4 | 1 + apparmor.d/profiles-a-f/exo-compose-mail | 1 + apparmor.d/profiles-a-f/exo-helper | 1 + apparmor.d/profiles-a-f/exo-open | 1 + apparmor.d/profiles-a-f/f3brew | 1 + apparmor.d/profiles-a-f/f3fix | 1 + apparmor.d/profiles-a-f/f3probe | 1 + apparmor.d/profiles-a-f/f3read | 1 + apparmor.d/profiles-a-f/f3write | 1 + apparmor.d/profiles-a-f/fail2ban-client | 1 + apparmor.d/profiles-a-f/fail2ban-server | 1 + apparmor.d/profiles-a-f/fatlabel | 1 + apparmor.d/profiles-a-f/fatresize | 1 + apparmor.d/profiles-a-f/fdisk | 1 + apparmor.d/profiles-a-f/ffmpeg | 1 + apparmor.d/profiles-a-f/ffplay | 1 + apparmor.d/profiles-a-f/ffprobe | 1 + apparmor.d/profiles-a-f/file-roller | 1 + apparmor.d/profiles-a-f/filecap | 1 + apparmor.d/profiles-a-f/findmnt | 1 + apparmor.d/profiles-a-f/firecfg | 1 + apparmor.d/profiles-a-f/firewalld | 1 + apparmor.d/profiles-a-f/flameshot | 1 + apparmor.d/profiles-a-f/flatpak | 1 + apparmor.d/profiles-a-f/flatpak-app | 1 + apparmor.d/profiles-a-f/flatpak-oci-authenticator | 1 + apparmor.d/profiles-a-f/flatpak-portal | 1 + apparmor.d/profiles-a-f/flatpak-session-helper | 1 + apparmor.d/profiles-a-f/flatpak-system-helper | 1 + apparmor.d/profiles-a-f/flatpak-validate-icon | 1 + apparmor.d/profiles-a-f/foliate | 1 + apparmor.d/profiles-a-f/font-manager | 1 + apparmor.d/profiles-a-f/fping | 1 + apparmor.d/profiles-a-f/fprintd | 1 + apparmor.d/profiles-a-f/fractal | 1 + apparmor.d/profiles-a-f/freefall | 1 + apparmor.d/profiles-a-f/fritzing | 1 + apparmor.d/profiles-a-f/frontend | 1 + apparmor.d/profiles-a-f/fsck | 1 + apparmor.d/profiles-a-f/fsck.btrfs | 1 + apparmor.d/profiles-a-f/fsck.fat | 1 + apparmor.d/profiles-a-f/fuse-overlayfs | 1 + apparmor.d/profiles-a-f/fuseiso | 1 + apparmor.d/profiles-a-f/fusermount | 1 + apparmor.d/profiles-a-f/fwupd | 1 + apparmor.d/profiles-a-f/fwupdmgr | 1 + 202 files changed, 202 insertions(+) diff --git a/apparmor.d/profiles-a-f/aa-enabled b/apparmor.d/profiles-a-f/aa-enabled index f85a84cd6..41b892c5f 100644 --- a/apparmor.d/profiles-a-f/aa-enabled +++ b/apparmor.d/profiles-a-f/aa-enabled @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aa-enforce b/apparmor.d/profiles-a-f/aa-enforce index df5c7972d..359fde762 100644 --- a/apparmor.d/profiles-a-f/aa-enforce +++ b/apparmor.d/profiles-a-f/aa-enforce @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aa-log b/apparmor.d/profiles-a-f/aa-log index c5bc84c76..5c282c905 100644 --- a/apparmor.d/profiles-a-f/aa-log +++ b/apparmor.d/profiles-a-f/aa-log @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aa-notify b/apparmor.d/profiles-a-f/aa-notify index 7d10b57af..be2d5ebb3 100644 --- a/apparmor.d/profiles-a-f/aa-notify +++ b/apparmor.d/profiles-a-f/aa-notify @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aa-status b/apparmor.d/profiles-a-f/aa-status index 7b94ce35f..7b405cf69 100644 --- a/apparmor.d/profiles-a-f/aa-status +++ b/apparmor.d/profiles-a-f/aa-status @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aa-teardown b/apparmor.d/profiles-a-f/aa-teardown index c42501644..dab5be5bd 100644 --- a/apparmor.d/profiles-a-f/aa-teardown +++ b/apparmor.d/profiles-a-f/aa-teardown @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/abook b/apparmor.d/profiles-a-f/abook index 14e345864..d89d87016 100644 --- a/apparmor.d/profiles-a-f/abook +++ b/apparmor.d/profiles-a-f/abook @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/acpi b/apparmor.d/profiles-a-f/acpi index ce1e57541..9f24c10a9 100644 --- a/apparmor.d/profiles-a-f/acpi +++ b/apparmor.d/profiles-a-f/acpi @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/acpi-powerbtn b/apparmor.d/profiles-a-f/acpi-powerbtn index ba559644c..3236e106f 100644 --- a/apparmor.d/profiles-a-f/acpi-powerbtn +++ b/apparmor.d/profiles-a-f/acpi-powerbtn @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/acpid b/apparmor.d/profiles-a-f/acpid index e994edb95..3f74d18b4 100644 --- a/apparmor.d/profiles-a-f/acpid +++ b/apparmor.d/profiles-a-f/acpid @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/adb b/apparmor.d/profiles-a-f/adb index bbdc782ab..d0ad36648 100644 --- a/apparmor.d/profiles-a-f/adb +++ b/apparmor.d/profiles-a-f/adb @@ -2,6 +2,7 @@ # Copyright (C) 2021-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/adduser b/apparmor.d/profiles-a-f/adduser index e816822ae..5e48e005a 100644 --- a/apparmor.d/profiles-a-f/adduser +++ b/apparmor.d/profiles-a-f/adduser @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/adequate b/apparmor.d/profiles-a-f/adequate index cbcb25574..febeb5892 100644 --- a/apparmor.d/profiles-a-f/adequate +++ b/apparmor.d/profiles-a-f/adequate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/agetty b/apparmor.d/profiles-a-f/agetty index bf83779a5..2295b8bc2 100644 --- a/apparmor.d/profiles-a-f/agetty +++ b/apparmor.d/profiles-a-f/agetty @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/alacarte b/apparmor.d/profiles-a-f/alacarte index 8497cb986..4299d9114 100644 --- a/apparmor.d/profiles-a-f/alacarte +++ b/apparmor.d/profiles-a-f/alacarte @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/alsactl b/apparmor.d/profiles-a-f/alsactl index c0f821a10..3d91058d2 100644 --- a/apparmor.d/profiles-a-f/alsactl +++ b/apparmor.d/profiles-a-f/alsactl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/amixer b/apparmor.d/profiles-a-f/amixer index c6c49ecca..bf6407cc1 100644 --- a/apparmor.d/profiles-a-f/amixer +++ b/apparmor.d/profiles-a-f/amixer @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/anacron b/apparmor.d/profiles-a-f/anacron index 40f14779c..1ff93e0a7 100644 --- a/apparmor.d/profiles-a-f/anacron +++ b/apparmor.d/profiles-a-f/anacron @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/anyremote b/apparmor.d/profiles-a-f/anyremote index 4fa47c613..aeb878e90 100644 --- a/apparmor.d/profiles-a-f/anyremote +++ b/apparmor.d/profiles-a-f/anyremote @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aplay b/apparmor.d/profiles-a-f/aplay index 44bdd100d..b798e21fd 100644 --- a/apparmor.d/profiles-a-f/aplay +++ b/apparmor.d/profiles-a-f/aplay @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/apparmor.systemd b/apparmor.d/profiles-a-f/apparmor.systemd index e993b3f85..ff2a7f61d 100644 --- a/apparmor.d/profiles-a-f/apparmor.systemd +++ b/apparmor.d/profiles-a-f/apparmor.systemd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/apparmor_parser b/apparmor.d/profiles-a-f/apparmor_parser index ee442861f..898e2e003 100644 --- a/apparmor.d/profiles-a-f/apparmor_parser +++ b/apparmor.d/profiles-a-f/apparmor_parser @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/appstreamcli b/apparmor.d/profiles-a-f/appstreamcli index e280c7055..be0e4a727 100644 --- a/apparmor.d/profiles-a-f/appstreamcli +++ b/apparmor.d/profiles-a-f/appstreamcli @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/arandr b/apparmor.d/profiles-a-f/arandr index cb2e5b37b..77bb711c8 100644 --- a/apparmor.d/profiles-a-f/arandr +++ b/apparmor.d/profiles-a-f/arandr @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/archivemount b/apparmor.d/profiles-a-f/archivemount index 106afa48f..a46c03578 100644 --- a/apparmor.d/profiles-a-f/archivemount +++ b/apparmor.d/profiles-a-f/archivemount @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/arduino b/apparmor.d/profiles-a-f/arduino index d92b5dce9..e2214737d 100644 --- a/apparmor.d/profiles-a-f/arduino +++ b/apparmor.d/profiles-a-f/arduino @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/arduino-builder b/apparmor.d/profiles-a-f/arduino-builder index 0eb54afe3..306aef640 100644 --- a/apparmor.d/profiles-a-f/arduino-builder +++ b/apparmor.d/profiles-a-f/arduino-builder @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/arduino-ctags b/apparmor.d/profiles-a-f/arduino-ctags index c97b00961..cc15ceef0 100644 --- a/apparmor.d/profiles-a-f/arduino-ctags +++ b/apparmor.d/profiles-a-f/arduino-ctags @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aspell b/apparmor.d/profiles-a-f/aspell index 765234d6f..ef5cbdb2c 100644 --- a/apparmor.d/profiles-a-f/aspell +++ b/apparmor.d/profiles-a-f/aspell @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/aspell-autobuildhash b/apparmor.d/profiles-a-f/aspell-autobuildhash index f7bf193a9..76c1b9606 100644 --- a/apparmor.d/profiles-a-f/aspell-autobuildhash +++ b/apparmor.d/profiles-a-f/aspell-autobuildhash @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/at b/apparmor.d/profiles-a-f/at index 23d5d30d6..1ff9de345 100644 --- a/apparmor.d/profiles-a-f/at +++ b/apparmor.d/profiles-a-f/at @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/atd b/apparmor.d/profiles-a-f/atd index 9da2f3041..765d0d87e 100644 --- a/apparmor.d/profiles-a-f/atd +++ b/apparmor.d/profiles-a-f/atd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/atftpd b/apparmor.d/profiles-a-f/atftpd index aa90818d6..cb1c9f7fc 100644 --- a/apparmor.d/profiles-a-f/atftpd +++ b/apparmor.d/profiles-a-f/atftpd @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/atool b/apparmor.d/profiles-a-f/atool index cb5317ded..cbcb346c4 100644 --- a/apparmor.d/profiles-a-f/atool +++ b/apparmor.d/profiles-a-f/atool @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/atril b/apparmor.d/profiles-a-f/atril index a1caf6bc7..eb7c24748 100644 --- a/apparmor.d/profiles-a-f/atril +++ b/apparmor.d/profiles-a-f/atril @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/atrild b/apparmor.d/profiles-a-f/atrild index d753d7f88..9c0092179 100644 --- a/apparmor.d/profiles-a-f/atrild +++ b/apparmor.d/profiles-a-f/atrild @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/auditctl b/apparmor.d/profiles-a-f/auditctl index daee68977..924643592 100644 --- a/apparmor.d/profiles-a-f/auditctl +++ b/apparmor.d/profiles-a-f/auditctl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/auditd b/apparmor.d/profiles-a-f/auditd index 0775c6183..709548dea 100644 --- a/apparmor.d/profiles-a-f/auditd +++ b/apparmor.d/profiles-a-f/auditd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/augenrules b/apparmor.d/profiles-a-f/augenrules index f5a83b69a..6c27f53b5 100644 --- a/apparmor.d/profiles-a-f/augenrules +++ b/apparmor.d/profiles-a-f/augenrules @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/badblocks b/apparmor.d/profiles-a-f/badblocks index 0c514c76d..ed870ed29 100644 --- a/apparmor.d/profiles-a-f/badblocks +++ b/apparmor.d/profiles-a-f/badblocks @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/biosdecode b/apparmor.d/profiles-a-f/biosdecode index dc9540643..67ba638ec 100644 --- a/apparmor.d/profiles-a-f/biosdecode +++ b/apparmor.d/profiles-a-f/biosdecode @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/birdtray b/apparmor.d/profiles-a-f/birdtray index 93eb3d572..7c6c21bc7 100644 --- a/apparmor.d/profiles-a-f/birdtray +++ b/apparmor.d/profiles-a-f/birdtray @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blkdeactivate b/apparmor.d/profiles-a-f/blkdeactivate index ea688a331..d29db9be3 100644 --- a/apparmor.d/profiles-a-f/blkdeactivate +++ b/apparmor.d/profiles-a-f/blkdeactivate @@ -2,6 +2,7 @@ # Copyright (C) 2022 Jeroen Rijken # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blkid b/apparmor.d/profiles-a-f/blkid index fef77c18a..dd825ef2a 100644 --- a/apparmor.d/profiles-a-f/blkid +++ b/apparmor.d/profiles-a-f/blkid @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blockdev b/apparmor.d/profiles-a-f/blockdev index a69104221..03a62f5be 100644 --- a/apparmor.d/profiles-a-f/blockdev +++ b/apparmor.d/profiles-a-f/blockdev @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blueman b/apparmor.d/profiles-a-f/blueman index 13e3fed1b..4135794d6 100644 --- a/apparmor.d/profiles-a-f/blueman +++ b/apparmor.d/profiles-a-f/blueman @@ -2,6 +2,7 @@ # Copyright (C) 2021-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blueman-mechanism b/apparmor.d/profiles-a-f/blueman-mechanism index 968c98f3c..a56f9d88b 100644 --- a/apparmor.d/profiles-a-f/blueman-mechanism +++ b/apparmor.d/profiles-a-f/blueman-mechanism @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/blueman-rfcomm-watcher b/apparmor.d/profiles-a-f/blueman-rfcomm-watcher index 9e24bf7b7..ef666f806 100644 --- a/apparmor.d/profiles-a-f/blueman-rfcomm-watcher +++ b/apparmor.d/profiles-a-f/blueman-rfcomm-watcher @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/bluemoon b/apparmor.d/profiles-a-f/bluemoon index 5b975f1b9..018cfbbec 100644 --- a/apparmor.d/profiles-a-f/bluemoon +++ b/apparmor.d/profiles-a-f/bluemoon @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/bluetoothctl b/apparmor.d/profiles-a-f/bluetoothctl index 5af6e963e..f9111e12d 100644 --- a/apparmor.d/profiles-a-f/bluetoothctl +++ b/apparmor.d/profiles-a-f/bluetoothctl @@ -2,6 +2,7 @@ # Copyright (C) 2015-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/bluetoothd b/apparmor.d/profiles-a-f/bluetoothd index 499a7e3cb..7e69fae3f 100644 --- a/apparmor.d/profiles-a-f/bluetoothd +++ b/apparmor.d/profiles-a-f/bluetoothd @@ -2,6 +2,7 @@ # Copyright (C) 2015-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/bmon b/apparmor.d/profiles-a-f/bmon index 3ed3aae29..8ddc1513f 100644 --- a/apparmor.d/profiles-a-f/bmon +++ b/apparmor.d/profiles-a-f/bmon @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/boltd b/apparmor.d/profiles-a-f/boltd index 29fd2aac9..d6a1ce25f 100644 --- a/apparmor.d/profiles-a-f/boltd +++ b/apparmor.d/profiles-a-f/boltd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/borg b/apparmor.d/profiles-a-f/borg index dffe9087f..984886e95 100644 --- a/apparmor.d/profiles-a-f/borg +++ b/apparmor.d/profiles-a-f/borg @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/browserpass b/apparmor.d/profiles-a-f/browserpass index e616a9411..5eaa4abab 100644 --- a/apparmor.d/profiles-a-f/browserpass +++ b/apparmor.d/profiles-a-f/browserpass @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btop b/apparmor.d/profiles-a-f/btop index 3ec7b2f3b..1fd06e899 100644 --- a/apparmor.d/profiles-a-f/btop +++ b/apparmor.d/profiles-a-f/btop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs b/apparmor.d/profiles-a-f/btrfs index cb651e1c2..57db80da6 100644 --- a/apparmor.d/profiles-a-f/btrfs +++ b/apparmor.d/profiles-a-f/btrfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs-convert b/apparmor.d/profiles-a-f/btrfs-convert index 0143fd5c9..f10e53536 100644 --- a/apparmor.d/profiles-a-f/btrfs-convert +++ b/apparmor.d/profiles-a-f/btrfs-convert @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs-find-root b/apparmor.d/profiles-a-f/btrfs-find-root index d25c836bf..8d9ed4515 100644 --- a/apparmor.d/profiles-a-f/btrfs-find-root +++ b/apparmor.d/profiles-a-f/btrfs-find-root @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs-image b/apparmor.d/profiles-a-f/btrfs-image index 63a54f7d6..c3b8b66c8 100644 --- a/apparmor.d/profiles-a-f/btrfs-image +++ b/apparmor.d/profiles-a-f/btrfs-image @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs-map-logical b/apparmor.d/profiles-a-f/btrfs-map-logical index f50198a9e..b777d9f53 100644 --- a/apparmor.d/profiles-a-f/btrfs-map-logical +++ b/apparmor.d/profiles-a-f/btrfs-map-logical @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfs-select-super b/apparmor.d/profiles-a-f/btrfs-select-super index 12efd68cd..1a4013a16 100644 --- a/apparmor.d/profiles-a-f/btrfs-select-super +++ b/apparmor.d/profiles-a-f/btrfs-select-super @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/btrfstune b/apparmor.d/profiles-a-f/btrfstune index 4eb522481..3459f7cbe 100644 --- a/apparmor.d/profiles-a-f/btrfstune +++ b/apparmor.d/profiles-a-f/btrfstune @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cawbird b/apparmor.d/profiles-a-f/cawbird index 6ebd21052..a3e17d034 100644 --- a/apparmor.d/profiles-a-f/cawbird +++ b/apparmor.d/profiles-a-f/cawbird @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cc-remote-login-helper b/apparmor.d/profiles-a-f/cc-remote-login-helper index 5bb52d718..1ee41d92e 100644 --- a/apparmor.d/profiles-a-f/cc-remote-login-helper +++ b/apparmor.d/profiles-a-f/cc-remote-login-helper @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cctk b/apparmor.d/profiles-a-f/cctk index f73936734..c8bde01d7 100644 --- a/apparmor.d/profiles-a-f/cctk +++ b/apparmor.d/profiles-a-f/cctk @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/ccze b/apparmor.d/profiles-a-f/ccze index 6ef28e832..86c540b9a 100644 --- a/apparmor.d/profiles-a-f/ccze +++ b/apparmor.d/profiles-a-f/ccze @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cert-sync b/apparmor.d/profiles-a-f/cert-sync index b3abfcbb8..ab1442298 100644 --- a/apparmor.d/profiles-a-f/cert-sync +++ b/apparmor.d/profiles-a-f/cert-sync @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cfdisk b/apparmor.d/profiles-a-f/cfdisk index 48d129e3f..1b2f27663 100644 --- a/apparmor.d/profiles-a-f/cfdisk +++ b/apparmor.d/profiles-a-f/cfdisk @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cgdisk b/apparmor.d/profiles-a-f/cgdisk index ee305de16..db45c05f0 100644 --- a/apparmor.d/profiles-a-f/cgdisk +++ b/apparmor.d/profiles-a-f/cgdisk @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cgrulesengd b/apparmor.d/profiles-a-f/cgrulesengd index 1a9b6d81d..1e46f9c59 100644 --- a/apparmor.d/profiles-a-f/cgrulesengd +++ b/apparmor.d/profiles-a-f/cgrulesengd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/chage b/apparmor.d/profiles-a-f/chage index 21d41f149..caa2d69f8 100644 --- a/apparmor.d/profiles-a-f/chage +++ b/apparmor.d/profiles-a-f/chage @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/changestool b/apparmor.d/profiles-a-f/changestool index 577e08395..63c867eb3 100644 --- a/apparmor.d/profiles-a-f/changestool +++ b/apparmor.d/profiles-a-f/changestool @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/check-bios-nx b/apparmor.d/profiles-a-f/check-bios-nx index a2021522d..11eb0c82a 100644 --- a/apparmor.d/profiles-a-f/check-bios-nx +++ b/apparmor.d/profiles-a-f/check-bios-nx @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/check-support-status b/apparmor.d/profiles-a-f/check-support-status index e6c6a2e0a..513fb86f6 100644 --- a/apparmor.d/profiles-a-f/check-support-status +++ b/apparmor.d/profiles-a-f/check-support-status @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/check-support-status-hook b/apparmor.d/profiles-a-f/check-support-status-hook index d10245d4c..9bdb5c145 100644 --- a/apparmor.d/profiles-a-f/check-support-status-hook +++ b/apparmor.d/profiles-a-f/check-support-status-hook @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/chfn b/apparmor.d/profiles-a-f/chfn index 1d6a56c5e..1030627e4 100644 --- a/apparmor.d/profiles-a-f/chfn +++ b/apparmor.d/profiles-a-f/chfn @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/chpasswd b/apparmor.d/profiles-a-f/chpasswd index b0414fad0..b66f33550 100644 --- a/apparmor.d/profiles-a-f/chpasswd +++ b/apparmor.d/profiles-a-f/chpasswd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/profiles-a-f/chronyd b/apparmor.d/profiles-a-f/chronyd index ca1896015..82c42cdf4 100644 --- a/apparmor.d/profiles-a-f/chronyd +++ b/apparmor.d/profiles-a-f/chronyd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Based on https://salsa.debian.org/debian/chrony/-/blob/debian/latest/debian/usr.sbin.chronyd diff --git a/apparmor.d/profiles-a-f/chsh b/apparmor.d/profiles-a-f/chsh index 75f98c7c0..50ce2a84a 100644 --- a/apparmor.d/profiles-a-f/chsh +++ b/apparmor.d/profiles-a-f/chsh @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/claws-mail b/apparmor.d/profiles-a-f/claws-mail index 885d16027..85094bf54 100644 --- a/apparmor.d/profiles-a-f/claws-mail +++ b/apparmor.d/profiles-a-f/claws-mail @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/code b/apparmor.d/profiles-a-f/code index 8dcd847df..6577100fa 100644 --- a/apparmor.d/profiles-a-f/code +++ b/apparmor.d/profiles-a-f/code @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/code-extension-git-askpass b/apparmor.d/profiles-a-f/code-extension-git-askpass index 8b4196580..10f03f0b9 100644 --- a/apparmor.d/profiles-a-f/code-extension-git-askpass +++ b/apparmor.d/profiles-a-f/code-extension-git-askpass @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/code-extension-git-editor b/apparmor.d/profiles-a-f/code-extension-git-editor index 1708393d1..ccea64355 100644 --- a/apparmor.d/profiles-a-f/code-extension-git-editor +++ b/apparmor.d/profiles-a-f/code-extension-git-editor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/code-wrapper b/apparmor.d/profiles-a-f/code-wrapper index e867892ab..af5a2ea7f 100644 --- a/apparmor.d/profiles-a-f/code-wrapper +++ b/apparmor.d/profiles-a-f/code-wrapper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/compton b/apparmor.d/profiles-a-f/compton index 360957a7c..71f21ad02 100644 --- a/apparmor.d/profiles-a-f/compton +++ b/apparmor.d/profiles-a-f/compton @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/conky b/apparmor.d/profiles-a-f/conky index fa71598fc..a63710c55 100644 --- a/apparmor.d/profiles-a-f/conky +++ b/apparmor.d/profiles-a-f/conky @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/console-setup b/apparmor.d/profiles-a-f/console-setup index a8bac3a11..18a99fb98 100644 --- a/apparmor.d/profiles-a-f/console-setup +++ b/apparmor.d/profiles-a-f/console-setup @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/convertall b/apparmor.d/profiles-a-f/convertall index a1453d122..e63ce3698 100644 --- a/apparmor.d/profiles-a-f/convertall +++ b/apparmor.d/profiles-a-f/convertall @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cppw-cpgr b/apparmor.d/profiles-a-f/cppw-cpgr index 1795b49d5..5666b7de8 100644 --- a/apparmor.d/profiles-a-f/cppw-cpgr +++ b/apparmor.d/profiles-a-f/cppw-cpgr @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cpuid b/apparmor.d/profiles-a-f/cpuid index 3c4f797e0..9fd267bc2 100644 --- a/apparmor.d/profiles-a-f/cpuid +++ b/apparmor.d/profiles-a-f/cpuid @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cracklib-packer b/apparmor.d/profiles-a-f/cracklib-packer index 8cd26fff2..904e746fd 100644 --- a/apparmor.d/profiles-a-f/cracklib-packer +++ b/apparmor.d/profiles-a-f/cracklib-packer @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/crda b/apparmor.d/profiles-a-f/crda index 41e816370..5e5c0e3a7 100644 --- a/apparmor.d/profiles-a-f/crda +++ b/apparmor.d/profiles-a-f/crda @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-beh b/apparmor.d/profiles-a-f/cups-backend-beh index d3e7a4a7c..84addbf75 100644 --- a/apparmor.d/profiles-a-f/cups-backend-beh +++ b/apparmor.d/profiles-a-f/cups-backend-beh @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-bluetooth b/apparmor.d/profiles-a-f/cups-backend-bluetooth index 402c97f74..d73290210 100644 --- a/apparmor.d/profiles-a-f/cups-backend-bluetooth +++ b/apparmor.d/profiles-a-f/cups-backend-bluetooth @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-brf b/apparmor.d/profiles-a-f/cups-backend-brf index a0e46cf07..3840f47c0 100644 --- a/apparmor.d/profiles-a-f/cups-backend-brf +++ b/apparmor.d/profiles-a-f/cups-backend-brf @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-dnssd b/apparmor.d/profiles-a-f/cups-backend-dnssd index e047682f0..f1e052df6 100644 --- a/apparmor.d/profiles-a-f/cups-backend-dnssd +++ b/apparmor.d/profiles-a-f/cups-backend-dnssd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-hp b/apparmor.d/profiles-a-f/cups-backend-hp index 268ef4e96..7547b4e06 100644 --- a/apparmor.d/profiles-a-f/cups-backend-hp +++ b/apparmor.d/profiles-a-f/cups-backend-hp @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-implicitclass b/apparmor.d/profiles-a-f/cups-backend-implicitclass index 53dd31cea..c5effeceb 100644 --- a/apparmor.d/profiles-a-f/cups-backend-implicitclass +++ b/apparmor.d/profiles-a-f/cups-backend-implicitclass @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-ipp b/apparmor.d/profiles-a-f/cups-backend-ipp index e20771d28..4cfba737b 100644 --- a/apparmor.d/profiles-a-f/cups-backend-ipp +++ b/apparmor.d/profiles-a-f/cups-backend-ipp @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-lpd b/apparmor.d/profiles-a-f/cups-backend-lpd index 198d8a561..0392d29cd 100644 --- a/apparmor.d/profiles-a-f/cups-backend-lpd +++ b/apparmor.d/profiles-a-f/cups-backend-lpd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-mdns b/apparmor.d/profiles-a-f/cups-backend-mdns index 7945a8b5f..603d5c69d 100644 --- a/apparmor.d/profiles-a-f/cups-backend-mdns +++ b/apparmor.d/profiles-a-f/cups-backend-mdns @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-parallel b/apparmor.d/profiles-a-f/cups-backend-parallel index 54eb3f307..a93805ff6 100644 --- a/apparmor.d/profiles-a-f/cups-backend-parallel +++ b/apparmor.d/profiles-a-f/cups-backend-parallel @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-pdf b/apparmor.d/profiles-a-f/cups-backend-pdf index 650b5f879..7b5794cb5 100644 --- a/apparmor.d/profiles-a-f/cups-backend-pdf +++ b/apparmor.d/profiles-a-f/cups-backend-pdf @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-serial b/apparmor.d/profiles-a-f/cups-backend-serial index 1788cce1a..695143a4b 100644 --- a/apparmor.d/profiles-a-f/cups-backend-serial +++ b/apparmor.d/profiles-a-f/cups-backend-serial @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-snmp b/apparmor.d/profiles-a-f/cups-backend-snmp index a11035efd..fdd53fec8 100644 --- a/apparmor.d/profiles-a-f/cups-backend-snmp +++ b/apparmor.d/profiles-a-f/cups-backend-snmp @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-socket b/apparmor.d/profiles-a-f/cups-backend-socket index f65196454..52843ba90 100644 --- a/apparmor.d/profiles-a-f/cups-backend-socket +++ b/apparmor.d/profiles-a-f/cups-backend-socket @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-backend-usb b/apparmor.d/profiles-a-f/cups-backend-usb index ec059f654..3067ecbbd 100644 --- a/apparmor.d/profiles-a-f/cups-backend-usb +++ b/apparmor.d/profiles-a-f/cups-backend-usb @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-browsed b/apparmor.d/profiles-a-f/cups-browsed index 9a10d3de9..47bf19aa4 100644 --- a/apparmor.d/profiles-a-f/cups-browsed +++ b/apparmor.d/profiles-a-f/cups-browsed @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-notifier-dbus b/apparmor.d/profiles-a-f/cups-notifier-dbus index dddfea78a..6510b26a3 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-dbus +++ b/apparmor.d/profiles-a-f/cups-notifier-dbus @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-notifier-mailto b/apparmor.d/profiles-a-f/cups-notifier-mailto index 7c7e79972..235fb1694 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-mailto +++ b/apparmor.d/profiles-a-f/cups-notifier-mailto @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-notifier-rss b/apparmor.d/profiles-a-f/cups-notifier-rss index d00b3dd34..5e0cced1e 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-rss +++ b/apparmor.d/profiles-a-f/cups-notifier-rss @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cups-pk-helper-mechanism b/apparmor.d/profiles-a-f/cups-pk-helper-mechanism index e71c37fe1..61544810d 100644 --- a/apparmor.d/profiles-a-f/cups-pk-helper-mechanism +++ b/apparmor.d/profiles-a-f/cups-pk-helper-mechanism @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/cupsd b/apparmor.d/profiles-a-f/cupsd index 13bcc3b8c..07bf3b282 100644 --- a/apparmor.d/profiles-a-f/cupsd +++ b/apparmor.d/profiles-a-f/cupsd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/profiles-a-f/czkawka-cli b/apparmor.d/profiles-a-f/czkawka-cli index cae6daa46..473d83f36 100644 --- a/apparmor.d/profiles-a-f/czkawka-cli +++ b/apparmor.d/profiles-a-f/czkawka-cli @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/czkawka-gui b/apparmor.d/profiles-a-f/czkawka-gui index fb4fb601d..5e3aed6e0 100644 --- a/apparmor.d/profiles-a-f/czkawka-gui +++ b/apparmor.d/profiles-a-f/czkawka-gui @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/ddclient b/apparmor.d/profiles-a-f/ddclient index 96e02b281..4cf11e151 100644 --- a/apparmor.d/profiles-a-f/ddclient +++ b/apparmor.d/profiles-a-f/ddclient @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/deltachat-desktop b/apparmor.d/profiles-a-f/deltachat-desktop index 1f554c4c4..e32faffa3 100644 --- a/apparmor.d/profiles-a-f/deltachat-desktop +++ b/apparmor.d/profiles-a-f/deltachat-desktop @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/deluser b/apparmor.d/profiles-a-f/deluser index 322df24e0..66767f468 100644 --- a/apparmor.d/profiles-a-f/deluser +++ b/apparmor.d/profiles-a-f/deluser @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/df b/apparmor.d/profiles-a-f/df index 67cba3931..8e330d1f4 100644 --- a/apparmor.d/profiles-a-f/df +++ b/apparmor.d/profiles-a-f/df @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dfc b/apparmor.d/profiles-a-f/dfc index d8451a4d9..5304458d3 100644 --- a/apparmor.d/profiles-a-f/dfc +++ b/apparmor.d/profiles-a-f/dfc @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dhclient b/apparmor.d/profiles-a-f/dhclient index 5925c6381..4ffe0285e 100644 --- a/apparmor.d/profiles-a-f/dhclient +++ b/apparmor.d/profiles-a-f/dhclient @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dhclient-script b/apparmor.d/profiles-a-f/dhclient-script index 45faf18a7..59492147d 100644 --- a/apparmor.d/profiles-a-f/dhclient-script +++ b/apparmor.d/profiles-a-f/dhclient-script @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dig b/apparmor.d/profiles-a-f/dig index 8d3d1e7dc..ae9b641c1 100644 --- a/apparmor.d/profiles-a-f/dig +++ b/apparmor.d/profiles-a-f/dig @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dino-im b/apparmor.d/profiles-a-f/dino-im index 4fce76bcf..11b2b9358 100644 --- a/apparmor.d/profiles-a-f/dino-im +++ b/apparmor.d/profiles-a-f/dino-im @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dkms b/apparmor.d/profiles-a-f/dkms index d551bbfc7..9dc74d072 100644 --- a/apparmor.d/profiles-a-f/dkms +++ b/apparmor.d/profiles-a-f/dkms @@ -3,6 +3,7 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dkms-autoinstaller b/apparmor.d/profiles-a-f/dkms-autoinstaller index bf81fe314..86f0b1c87 100644 --- a/apparmor.d/profiles-a-f/dkms-autoinstaller +++ b/apparmor.d/profiles-a-f/dkms-autoinstaller @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dleyna-renderer-service b/apparmor.d/profiles-a-f/dleyna-renderer-service index 3fb0d800e..f0e5cef84 100644 --- a/apparmor.d/profiles-a-f/dleyna-renderer-service +++ b/apparmor.d/profiles-a-f/dleyna-renderer-service @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dleyna-server-service b/apparmor.d/profiles-a-f/dleyna-server-service index bd74802f7..510104e61 100644 --- a/apparmor.d/profiles-a-f/dleyna-server-service +++ b/apparmor.d/profiles-a-f/dleyna-server-service @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dlocate b/apparmor.d/profiles-a-f/dlocate index 95ed3f08b..5ae0a787e 100644 --- a/apparmor.d/profiles-a-f/dlocate +++ b/apparmor.d/profiles-a-f/dlocate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dmcrypt-get-device b/apparmor.d/profiles-a-f/dmcrypt-get-device index 11364c40c..e4171388f 100644 --- a/apparmor.d/profiles-a-f/dmcrypt-get-device +++ b/apparmor.d/profiles-a-f/dmcrypt-get-device @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dmesg b/apparmor.d/profiles-a-f/dmesg index 346a91c8c..5c1d38d1a 100644 --- a/apparmor.d/profiles-a-f/dmesg +++ b/apparmor.d/profiles-a-f/dmesg @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dmeventd b/apparmor.d/profiles-a-f/dmeventd index 952379e64..ab7bfaa54 100644 --- a/apparmor.d/profiles-a-f/dmeventd +++ b/apparmor.d/profiles-a-f/dmeventd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dmidecode b/apparmor.d/profiles-a-f/dmidecode index d2200c256..2797dfe9f 100644 --- a/apparmor.d/profiles-a-f/dmidecode +++ b/apparmor.d/profiles-a-f/dmidecode @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dnscrypt-proxy b/apparmor.d/profiles-a-f/dnscrypt-proxy index de1597160..e7b4a09c0 100644 --- a/apparmor.d/profiles-a-f/dnscrypt-proxy +++ b/apparmor.d/profiles-a-f/dnscrypt-proxy @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/downloadhelper b/apparmor.d/profiles-a-f/downloadhelper index af3bc6f99..5556fb236 100644 --- a/apparmor.d/profiles-a-f/downloadhelper +++ b/apparmor.d/profiles-a-f/downloadhelper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dring b/apparmor.d/profiles-a-f/dring index c5b6742f4..7c7ae44d8 100644 --- a/apparmor.d/profiles-a-f/dring +++ b/apparmor.d/profiles-a-f/dring @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dumpcap b/apparmor.d/profiles-a-f/dumpcap index 7013ff532..e3c3e800f 100644 --- a/apparmor.d/profiles-a-f/dumpcap +++ b/apparmor.d/profiles-a-f/dumpcap @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dumpe2fs b/apparmor.d/profiles-a-f/dumpe2fs index 1595d0f7d..188a4b279 100644 --- a/apparmor.d/profiles-a-f/dumpe2fs +++ b/apparmor.d/profiles-a-f/dumpe2fs @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dunst b/apparmor.d/profiles-a-f/dunst index debb3bbe6..69bf8d066 100644 --- a/apparmor.d/profiles-a-f/dunst +++ b/apparmor.d/profiles-a-f/dunst @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dunstctl b/apparmor.d/profiles-a-f/dunstctl index 052647fde..18c5ea562 100644 --- a/apparmor.d/profiles-a-f/dunstctl +++ b/apparmor.d/profiles-a-f/dunstctl @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/dunstify b/apparmor.d/profiles-a-f/dunstify index 22b36527d..94458981e 100644 --- a/apparmor.d/profiles-a-f/dunstify +++ b/apparmor.d/profiles-a-f/dunstify @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/e2fsck b/apparmor.d/profiles-a-f/e2fsck index 7e5c95c2f..ed1c574bb 100644 --- a/apparmor.d/profiles-a-f/e2fsck +++ b/apparmor.d/profiles-a-f/e2fsck @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/e2image b/apparmor.d/profiles-a-f/e2image index 5948a831f..82f061f78 100644 --- a/apparmor.d/profiles-a-f/e2image +++ b/apparmor.d/profiles-a-f/e2image @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/e2scrub_all b/apparmor.d/profiles-a-f/e2scrub_all index be21cded0..2537b9402 100644 --- a/apparmor.d/profiles-a-f/e2scrub_all +++ b/apparmor.d/profiles-a-f/e2scrub_all @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/edid-decode b/apparmor.d/profiles-a-f/edid-decode index 8543b6412..f4a8921e9 100644 --- a/apparmor.d/profiles-a-f/edid-decode +++ b/apparmor.d/profiles-a-f/edid-decode @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/eject b/apparmor.d/profiles-a-f/eject index 83942708a..b2300da36 100644 --- a/apparmor.d/profiles-a-f/eject +++ b/apparmor.d/profiles-a-f/eject @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/element-desktop b/apparmor.d/profiles-a-f/element-desktop index a2eff5a44..f1bc8d5a2 100644 --- a/apparmor.d/profiles-a-f/element-desktop +++ b/apparmor.d/profiles-a-f/element-desktop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/engrampa b/apparmor.d/profiles-a-f/engrampa index d76f5c1de..33608786e 100644 --- a/apparmor.d/profiles-a-f/engrampa +++ b/apparmor.d/profiles-a-f/engrampa @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/etckeeper b/apparmor.d/profiles-a-f/etckeeper index f96fe8f34..ac24e53cb 100644 --- a/apparmor.d/profiles-a-f/etckeeper +++ b/apparmor.d/profiles-a-f/etckeeper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/evince b/apparmor.d/profiles-a-f/evince index 266a7566d..510652be7 100644 --- a/apparmor.d/profiles-a-f/evince +++ b/apparmor.d/profiles-a-f/evince @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/evince-previewer b/apparmor.d/profiles-a-f/evince-previewer index 3a792e662..c83e429b8 100644 --- a/apparmor.d/profiles-a-f/evince-previewer +++ b/apparmor.d/profiles-a-f/evince-previewer @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/evince-thumbnailer b/apparmor.d/profiles-a-f/evince-thumbnailer index 6faf30098..a3eaf10a3 100644 --- a/apparmor.d/profiles-a-f/evince-thumbnailer +++ b/apparmor.d/profiles-a-f/evince-thumbnailer @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/execute-dcut b/apparmor.d/profiles-a-f/execute-dcut index b8c4f43b9..53a534de2 100644 --- a/apparmor.d/profiles-a-f/execute-dcut +++ b/apparmor.d/profiles-a-f/execute-dcut @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/execute-dput b/apparmor.d/profiles-a-f/execute-dput index 9700aae9e..1047f2087 100644 --- a/apparmor.d/profiles-a-f/execute-dput +++ b/apparmor.d/profiles-a-f/execute-dput @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/exiftool b/apparmor.d/profiles-a-f/exiftool index c21f991c8..f4b8864ff 100644 --- a/apparmor.d/profiles-a-f/exiftool +++ b/apparmor.d/profiles-a-f/exiftool @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/exim4 b/apparmor.d/profiles-a-f/exim4 index 5a8badc50..f17dfd2d9 100644 --- a/apparmor.d/profiles-a-f/exim4 +++ b/apparmor.d/profiles-a-f/exim4 @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/exo-compose-mail b/apparmor.d/profiles-a-f/exo-compose-mail index edc88b0dd..0f733f953 100644 --- a/apparmor.d/profiles-a-f/exo-compose-mail +++ b/apparmor.d/profiles-a-f/exo-compose-mail @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/exo-helper b/apparmor.d/profiles-a-f/exo-helper index 378ac1ae8..3edd4b319 100644 --- a/apparmor.d/profiles-a-f/exo-helper +++ b/apparmor.d/profiles-a-f/exo-helper @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/exo-open b/apparmor.d/profiles-a-f/exo-open index ebdf097a2..70bad7706 100644 --- a/apparmor.d/profiles-a-f/exo-open +++ b/apparmor.d/profiles-a-f/exo-open @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/f3brew b/apparmor.d/profiles-a-f/f3brew index b1ad450af..a0dcd513b 100644 --- a/apparmor.d/profiles-a-f/f3brew +++ b/apparmor.d/profiles-a-f/f3brew @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/f3fix b/apparmor.d/profiles-a-f/f3fix index 75d11148d..f2f695b92 100644 --- a/apparmor.d/profiles-a-f/f3fix +++ b/apparmor.d/profiles-a-f/f3fix @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/f3probe b/apparmor.d/profiles-a-f/f3probe index 684901944..f3cfb4c2c 100644 --- a/apparmor.d/profiles-a-f/f3probe +++ b/apparmor.d/profiles-a-f/f3probe @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/f3read b/apparmor.d/profiles-a-f/f3read index 03b9e1a13..535016764 100644 --- a/apparmor.d/profiles-a-f/f3read +++ b/apparmor.d/profiles-a-f/f3read @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/f3write b/apparmor.d/profiles-a-f/f3write index 4c3a67047..19c432377 100644 --- a/apparmor.d/profiles-a-f/f3write +++ b/apparmor.d/profiles-a-f/f3write @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fail2ban-client b/apparmor.d/profiles-a-f/fail2ban-client index 11d38537d..8e99384cb 100644 --- a/apparmor.d/profiles-a-f/fail2ban-client +++ b/apparmor.d/profiles-a-f/fail2ban-client @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fail2ban-server b/apparmor.d/profiles-a-f/fail2ban-server index f023a04b3..7bc7ef21c 100644 --- a/apparmor.d/profiles-a-f/fail2ban-server +++ b/apparmor.d/profiles-a-f/fail2ban-server @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fatlabel b/apparmor.d/profiles-a-f/fatlabel index fb65aa386..52e7a7e7f 100644 --- a/apparmor.d/profiles-a-f/fatlabel +++ b/apparmor.d/profiles-a-f/fatlabel @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fatresize b/apparmor.d/profiles-a-f/fatresize index 71fc917fb..348794884 100644 --- a/apparmor.d/profiles-a-f/fatresize +++ b/apparmor.d/profiles-a-f/fatresize @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fdisk b/apparmor.d/profiles-a-f/fdisk index cfc99a31a..880d4d7d7 100644 --- a/apparmor.d/profiles-a-f/fdisk +++ b/apparmor.d/profiles-a-f/fdisk @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/ffmpeg b/apparmor.d/profiles-a-f/ffmpeg index 3bc1fecfb..8c386abb1 100644 --- a/apparmor.d/profiles-a-f/ffmpeg +++ b/apparmor.d/profiles-a-f/ffmpeg @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/ffplay b/apparmor.d/profiles-a-f/ffplay index 528ebb6f2..3149ae191 100644 --- a/apparmor.d/profiles-a-f/ffplay +++ b/apparmor.d/profiles-a-f/ffplay @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/ffprobe b/apparmor.d/profiles-a-f/ffprobe index 97400e7b2..e917d1363 100644 --- a/apparmor.d/profiles-a-f/ffprobe +++ b/apparmor.d/profiles-a-f/ffprobe @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/file-roller b/apparmor.d/profiles-a-f/file-roller index de0479a3b..c2f540880 100644 --- a/apparmor.d/profiles-a-f/file-roller +++ b/apparmor.d/profiles-a-f/file-roller @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/filecap b/apparmor.d/profiles-a-f/filecap index 65c83bf90..71d461654 100644 --- a/apparmor.d/profiles-a-f/filecap +++ b/apparmor.d/profiles-a-f/filecap @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/findmnt b/apparmor.d/profiles-a-f/findmnt index 4aef829c7..c62b1a0a1 100644 --- a/apparmor.d/profiles-a-f/findmnt +++ b/apparmor.d/profiles-a-f/findmnt @@ -2,6 +2,7 @@ # Copyright (C) 2022 Jeroen Rijken # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/firecfg b/apparmor.d/profiles-a-f/firecfg index deacc3e77..9775c26bb 100644 --- a/apparmor.d/profiles-a-f/firecfg +++ b/apparmor.d/profiles-a-f/firecfg @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/firewalld b/apparmor.d/profiles-a-f/firewalld index 4e40ab10b..03d410a58 100644 --- a/apparmor.d/profiles-a-f/firewalld +++ b/apparmor.d/profiles-a-f/firewalld @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flameshot b/apparmor.d/profiles-a-f/flameshot index 4d5c83fa9..88d5bb7d2 100644 --- a/apparmor.d/profiles-a-f/flameshot +++ b/apparmor.d/profiles-a-f/flameshot @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak b/apparmor.d/profiles-a-f/flatpak index 81b60a200..583993021 100644 --- a/apparmor.d/profiles-a-f/flatpak +++ b/apparmor.d/profiles-a-f/flatpak @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak-app b/apparmor.d/profiles-a-f/flatpak-app index a4f994d04..dc2eb24db 100644 --- a/apparmor.d/profiles-a-f/flatpak-app +++ b/apparmor.d/profiles-a-f/flatpak-app @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Default profile for all flatpak applications. Ideally, this profile should be # generated by flatpak itself with settings from the flatpak manifest and diff --git a/apparmor.d/profiles-a-f/flatpak-oci-authenticator b/apparmor.d/profiles-a-f/flatpak-oci-authenticator index e01ee3c4f..8d2cfb60c 100644 --- a/apparmor.d/profiles-a-f/flatpak-oci-authenticator +++ b/apparmor.d/profiles-a-f/flatpak-oci-authenticator @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak-portal b/apparmor.d/profiles-a-f/flatpak-portal index a41bf3e77..144aa5a43 100644 --- a/apparmor.d/profiles-a-f/flatpak-portal +++ b/apparmor.d/profiles-a-f/flatpak-portal @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak-session-helper b/apparmor.d/profiles-a-f/flatpak-session-helper index 967787b3d..266ca0e96 100644 --- a/apparmor.d/profiles-a-f/flatpak-session-helper +++ b/apparmor.d/profiles-a-f/flatpak-session-helper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak-system-helper b/apparmor.d/profiles-a-f/flatpak-system-helper index cb49cd9d7..fbbfd50ce 100644 --- a/apparmor.d/profiles-a-f/flatpak-system-helper +++ b/apparmor.d/profiles-a-f/flatpak-system-helper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/flatpak-validate-icon b/apparmor.d/profiles-a-f/flatpak-validate-icon index c5ca0488f..1c245d91a 100644 --- a/apparmor.d/profiles-a-f/flatpak-validate-icon +++ b/apparmor.d/profiles-a-f/flatpak-validate-icon @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/foliate b/apparmor.d/profiles-a-f/foliate index dedf342e4..8e56018c7 100644 --- a/apparmor.d/profiles-a-f/foliate +++ b/apparmor.d/profiles-a-f/foliate @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/font-manager b/apparmor.d/profiles-a-f/font-manager index 2082dcfaa..3481dc109 100644 --- a/apparmor.d/profiles-a-f/font-manager +++ b/apparmor.d/profiles-a-f/font-manager @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fping b/apparmor.d/profiles-a-f/fping index 5b9efa624..ddc45ddff 100644 --- a/apparmor.d/profiles-a-f/fping +++ b/apparmor.d/profiles-a-f/fping @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fprintd b/apparmor.d/profiles-a-f/fprintd index 2fc866c6b..0dd8c2867 100644 --- a/apparmor.d/profiles-a-f/fprintd +++ b/apparmor.d/profiles-a-f/fprintd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fractal b/apparmor.d/profiles-a-f/fractal index 5e7d3d3b4..db8cbdb5f 100644 --- a/apparmor.d/profiles-a-f/fractal +++ b/apparmor.d/profiles-a-f/fractal @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/freefall b/apparmor.d/profiles-a-f/freefall index 638baa825..d47ff03f3 100644 --- a/apparmor.d/profiles-a-f/freefall +++ b/apparmor.d/profiles-a-f/freefall @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fritzing b/apparmor.d/profiles-a-f/fritzing index e1ddc2f2b..b6153edfe 100644 --- a/apparmor.d/profiles-a-f/fritzing +++ b/apparmor.d/profiles-a-f/fritzing @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/frontend b/apparmor.d/profiles-a-f/frontend index 664b43b40..68954d111 100644 --- a/apparmor.d/profiles-a-f/frontend +++ b/apparmor.d/profiles-a-f/frontend @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fsck b/apparmor.d/profiles-a-f/fsck index 6341954ae..be1ed77e9 100644 --- a/apparmor.d/profiles-a-f/fsck +++ b/apparmor.d/profiles-a-f/fsck @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fsck.btrfs b/apparmor.d/profiles-a-f/fsck.btrfs index 7142f9cf1..85db8768c 100644 --- a/apparmor.d/profiles-a-f/fsck.btrfs +++ b/apparmor.d/profiles-a-f/fsck.btrfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fsck.fat b/apparmor.d/profiles-a-f/fsck.fat index 6b5567d7d..38c372d2f 100644 --- a/apparmor.d/profiles-a-f/fsck.fat +++ b/apparmor.d/profiles-a-f/fsck.fat @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fuse-overlayfs b/apparmor.d/profiles-a-f/fuse-overlayfs index fb957c462..327b9acce 100644 --- a/apparmor.d/profiles-a-f/fuse-overlayfs +++ b/apparmor.d/profiles-a-f/fuse-overlayfs @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fuseiso b/apparmor.d/profiles-a-f/fuseiso index 01893d9c0..ca926a807 100644 --- a/apparmor.d/profiles-a-f/fuseiso +++ b/apparmor.d/profiles-a-f/fuseiso @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fusermount b/apparmor.d/profiles-a-f/fusermount index 83d8e8092..59233a71d 100644 --- a/apparmor.d/profiles-a-f/fusermount +++ b/apparmor.d/profiles-a-f/fusermount @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fwupd b/apparmor.d/profiles-a-f/fwupd index b9f095daa..cfccf778e 100644 --- a/apparmor.d/profiles-a-f/fwupd +++ b/apparmor.d/profiles-a-f/fwupd @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-a-f/fwupdmgr b/apparmor.d/profiles-a-f/fwupdmgr index 7315c550f..f8ef48a32 100644 --- a/apparmor.d/profiles-a-f/fwupdmgr +++ b/apparmor.d/profiles-a-f/fwupdmgr @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , From 293217aee25f44db00fd4de06ef654ef8cde9e22 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 17:13:21 +0300 Subject: [PATCH 46/52] fix(profiles-a-f): move vim modeline Move vim syntax comment to the end of the file, separated by newline, as requested in #380. --- apparmor.d/profiles-a-f/aa-enabled | 5 +++-- apparmor.d/profiles-a-f/aa-enforce | 5 +++-- apparmor.d/profiles-a-f/aa-log | 3 ++- apparmor.d/profiles-a-f/aa-notify | 3 ++- apparmor.d/profiles-a-f/aa-status | 3 ++- apparmor.d/profiles-a-f/aa-teardown | 5 +++-- apparmor.d/profiles-a-f/abook | 3 ++- apparmor.d/profiles-a-f/acpi | 3 ++- apparmor.d/profiles-a-f/acpi-powerbtn | 3 ++- apparmor.d/profiles-a-f/acpid | 3 ++- apparmor.d/profiles-a-f/adb | 3 ++- apparmor.d/profiles-a-f/adduser | 3 ++- apparmor.d/profiles-a-f/adequate | 3 ++- apparmor.d/profiles-a-f/agetty | 3 ++- apparmor.d/profiles-a-f/alacarte | 5 +++-- apparmor.d/profiles-a-f/alsactl | 5 +++-- apparmor.d/profiles-a-f/amixer | 3 ++- apparmor.d/profiles-a-f/anacron | 3 ++- apparmor.d/profiles-a-f/anyremote | 3 ++- apparmor.d/profiles-a-f/aplay | 3 ++- apparmor.d/profiles-a-f/apparmor.systemd | 5 +++-- apparmor.d/profiles-a-f/apparmor_parser | 5 +++-- apparmor.d/profiles-a-f/appstreamcli | 3 ++- apparmor.d/profiles-a-f/arandr | 3 ++- apparmor.d/profiles-a-f/archivemount | 3 ++- apparmor.d/profiles-a-f/arduino | 3 ++- apparmor.d/profiles-a-f/arduino-builder | 3 ++- apparmor.d/profiles-a-f/arduino-ctags | 3 ++- apparmor.d/profiles-a-f/aspell | 3 ++- apparmor.d/profiles-a-f/aspell-autobuildhash | 3 ++- apparmor.d/profiles-a-f/at | 5 +++-- apparmor.d/profiles-a-f/atd | 5 +++-- apparmor.d/profiles-a-f/atftpd | 3 ++- apparmor.d/profiles-a-f/atool | 3 ++- apparmor.d/profiles-a-f/atril | 3 ++- apparmor.d/profiles-a-f/atrild | 3 ++- apparmor.d/profiles-a-f/auditctl | 5 +++-- apparmor.d/profiles-a-f/auditd | 3 ++- apparmor.d/profiles-a-f/augenrules | 3 ++- apparmor.d/profiles-a-f/badblocks | 3 ++- apparmor.d/profiles-a-f/biosdecode | 3 ++- apparmor.d/profiles-a-f/birdtray | 3 ++- apparmor.d/profiles-a-f/blkdeactivate | 3 ++- apparmor.d/profiles-a-f/blkid | 3 ++- apparmor.d/profiles-a-f/blockdev | 3 ++- apparmor.d/profiles-a-f/blueman | 3 ++- apparmor.d/profiles-a-f/blueman-mechanism | 3 ++- apparmor.d/profiles-a-f/blueman-rfcomm-watcher | 3 ++- apparmor.d/profiles-a-f/bluemoon | 3 ++- apparmor.d/profiles-a-f/bluetoothctl | 3 ++- apparmor.d/profiles-a-f/bluetoothd | 3 ++- apparmor.d/profiles-a-f/bmon | 3 ++- apparmor.d/profiles-a-f/boltd | 3 ++- apparmor.d/profiles-a-f/borg | 3 ++- apparmor.d/profiles-a-f/browserpass | 3 ++- apparmor.d/profiles-a-f/btop | 3 ++- apparmor.d/profiles-a-f/btrfs | 3 ++- apparmor.d/profiles-a-f/btrfs-convert | 3 ++- apparmor.d/profiles-a-f/btrfs-find-root | 3 ++- apparmor.d/profiles-a-f/btrfs-image | 3 ++- apparmor.d/profiles-a-f/btrfs-map-logical | 3 ++- apparmor.d/profiles-a-f/btrfs-select-super | 3 ++- apparmor.d/profiles-a-f/btrfstune | 3 ++- apparmor.d/profiles-a-f/cawbird | 3 ++- apparmor.d/profiles-a-f/cc-remote-login-helper | 3 ++- apparmor.d/profiles-a-f/cctk | 5 +++-- apparmor.d/profiles-a-f/ccze | 3 ++- apparmor.d/profiles-a-f/cert-sync | 5 +++-- apparmor.d/profiles-a-f/cfdisk | 3 ++- apparmor.d/profiles-a-f/cgdisk | 3 ++- apparmor.d/profiles-a-f/cgrulesengd | 3 ++- apparmor.d/profiles-a-f/chage | 3 ++- apparmor.d/profiles-a-f/changestool | 3 ++- apparmor.d/profiles-a-f/check-bios-nx | 3 ++- apparmor.d/profiles-a-f/check-support-status | 3 ++- apparmor.d/profiles-a-f/check-support-status-hook | 3 ++- apparmor.d/profiles-a-f/chfn | 3 ++- apparmor.d/profiles-a-f/chpasswd | 3 ++- apparmor.d/profiles-a-f/chronyd | 5 +++-- apparmor.d/profiles-a-f/chsh | 3 ++- apparmor.d/profiles-a-f/claws-mail | 3 ++- apparmor.d/profiles-a-f/code | 3 ++- apparmor.d/profiles-a-f/code-extension-git-askpass | 3 ++- apparmor.d/profiles-a-f/code-extension-git-editor | 5 +++-- apparmor.d/profiles-a-f/code-wrapper | 3 ++- apparmor.d/profiles-a-f/compton | 3 ++- apparmor.d/profiles-a-f/conky | 3 ++- apparmor.d/profiles-a-f/console-setup | 5 +++-- apparmor.d/profiles-a-f/convertall | 3 ++- apparmor.d/profiles-a-f/cppw-cpgr | 3 ++- apparmor.d/profiles-a-f/cpuid | 3 ++- apparmor.d/profiles-a-f/cracklib-packer | 5 +++-- apparmor.d/profiles-a-f/crda | 3 ++- apparmor.d/profiles-a-f/cups-backend-beh | 5 +++-- apparmor.d/profiles-a-f/cups-backend-bluetooth | 5 +++-- apparmor.d/profiles-a-f/cups-backend-brf | 5 +++-- apparmor.d/profiles-a-f/cups-backend-dnssd | 5 +++-- apparmor.d/profiles-a-f/cups-backend-hp | 5 +++-- apparmor.d/profiles-a-f/cups-backend-implicitclass | 5 +++-- apparmor.d/profiles-a-f/cups-backend-ipp | 5 +++-- apparmor.d/profiles-a-f/cups-backend-lpd | 5 +++-- apparmor.d/profiles-a-f/cups-backend-mdns | 5 +++-- apparmor.d/profiles-a-f/cups-backend-parallel | 5 +++-- apparmor.d/profiles-a-f/cups-backend-pdf | 5 +++-- apparmor.d/profiles-a-f/cups-backend-serial | 5 +++-- apparmor.d/profiles-a-f/cups-backend-snmp | 5 +++-- apparmor.d/profiles-a-f/cups-backend-socket | 5 +++-- apparmor.d/profiles-a-f/cups-backend-usb | 5 +++-- apparmor.d/profiles-a-f/cups-browsed | 3 ++- apparmor.d/profiles-a-f/cups-notifier-dbus | 5 +++-- apparmor.d/profiles-a-f/cups-notifier-mailto | 5 +++-- apparmor.d/profiles-a-f/cups-notifier-rss | 5 +++-- apparmor.d/profiles-a-f/cups-pk-helper-mechanism | 5 +++-- apparmor.d/profiles-a-f/cupsd | 3 ++- apparmor.d/profiles-a-f/czkawka-cli | 3 ++- apparmor.d/profiles-a-f/czkawka-gui | 3 ++- apparmor.d/profiles-a-f/ddclient | 3 ++- apparmor.d/profiles-a-f/deltachat-desktop | 3 ++- apparmor.d/profiles-a-f/deluser | 3 ++- apparmor.d/profiles-a-f/df | 3 ++- apparmor.d/profiles-a-f/dfc | 3 ++- apparmor.d/profiles-a-f/dhclient | 3 ++- apparmor.d/profiles-a-f/dhclient-script | 3 ++- apparmor.d/profiles-a-f/dig | 3 ++- apparmor.d/profiles-a-f/dino-im | 3 ++- apparmor.d/profiles-a-f/dkms | 3 ++- apparmor.d/profiles-a-f/dkms-autoinstaller | 3 ++- apparmor.d/profiles-a-f/dleyna-renderer-service | 5 +++-- apparmor.d/profiles-a-f/dleyna-server-service | 5 +++-- apparmor.d/profiles-a-f/dlocate | 3 ++- apparmor.d/profiles-a-f/dmcrypt-get-device | 3 ++- apparmor.d/profiles-a-f/dmesg | 3 ++- apparmor.d/profiles-a-f/dmeventd | 3 ++- apparmor.d/profiles-a-f/dmidecode | 3 ++- apparmor.d/profiles-a-f/dnscrypt-proxy | 3 ++- apparmor.d/profiles-a-f/downloadhelper | 5 +++-- apparmor.d/profiles-a-f/dring | 3 ++- apparmor.d/profiles-a-f/dumpcap | 3 ++- apparmor.d/profiles-a-f/dumpe2fs | 3 ++- apparmor.d/profiles-a-f/dunst | 3 ++- apparmor.d/profiles-a-f/dunstctl | 3 ++- apparmor.d/profiles-a-f/dunstify | 3 ++- apparmor.d/profiles-a-f/e2fsck | 3 ++- apparmor.d/profiles-a-f/e2image | 3 ++- apparmor.d/profiles-a-f/e2scrub_all | 5 +++-- apparmor.d/profiles-a-f/edid-decode | 3 ++- apparmor.d/profiles-a-f/eject | 3 ++- apparmor.d/profiles-a-f/element-desktop | 5 +++-- apparmor.d/profiles-a-f/engrampa | 3 ++- apparmor.d/profiles-a-f/etckeeper | 5 +++-- apparmor.d/profiles-a-f/evince | 3 ++- apparmor.d/profiles-a-f/evince-previewer | 5 +++-- apparmor.d/profiles-a-f/evince-thumbnailer | 5 +++-- apparmor.d/profiles-a-f/execute-dcut | 3 ++- apparmor.d/profiles-a-f/execute-dput | 3 ++- apparmor.d/profiles-a-f/exiftool | 3 ++- apparmor.d/profiles-a-f/exim4 | 3 ++- apparmor.d/profiles-a-f/exo-compose-mail | 3 ++- apparmor.d/profiles-a-f/exo-helper | 3 ++- apparmor.d/profiles-a-f/exo-open | 3 ++- apparmor.d/profiles-a-f/f3brew | 3 ++- apparmor.d/profiles-a-f/f3fix | 3 ++- apparmor.d/profiles-a-f/f3probe | 3 ++- apparmor.d/profiles-a-f/f3read | 3 ++- apparmor.d/profiles-a-f/f3write | 3 ++- apparmor.d/profiles-a-f/fail2ban-client | 5 +++-- apparmor.d/profiles-a-f/fail2ban-server | 5 +++-- apparmor.d/profiles-a-f/fatlabel | 3 ++- apparmor.d/profiles-a-f/fatresize | 3 ++- apparmor.d/profiles-a-f/fdisk | 3 ++- apparmor.d/profiles-a-f/ffmpeg | 3 ++- apparmor.d/profiles-a-f/ffplay | 3 ++- apparmor.d/profiles-a-f/ffprobe | 3 ++- apparmor.d/profiles-a-f/file-roller | 5 +++-- apparmor.d/profiles-a-f/filecap | 3 ++- apparmor.d/profiles-a-f/findmnt | 5 +++-- apparmor.d/profiles-a-f/firecfg | 3 ++- apparmor.d/profiles-a-f/firewalld | 5 +++-- apparmor.d/profiles-a-f/flameshot | 3 ++- apparmor.d/profiles-a-f/flatpak | 3 ++- apparmor.d/profiles-a-f/flatpak-app | 3 ++- apparmor.d/profiles-a-f/flatpak-oci-authenticator | 5 +++-- apparmor.d/profiles-a-f/flatpak-portal | 5 +++-- apparmor.d/profiles-a-f/flatpak-session-helper | 5 +++-- apparmor.d/profiles-a-f/flatpak-system-helper | 3 ++- apparmor.d/profiles-a-f/flatpak-validate-icon | 5 +++-- apparmor.d/profiles-a-f/foliate | 5 +++-- apparmor.d/profiles-a-f/font-manager | 3 ++- apparmor.d/profiles-a-f/fping | 3 ++- apparmor.d/profiles-a-f/fprintd | 3 ++- apparmor.d/profiles-a-f/fractal | 5 +++-- apparmor.d/profiles-a-f/freefall | 3 ++- apparmor.d/profiles-a-f/fritzing | 3 ++- apparmor.d/profiles-a-f/frontend | 3 ++- apparmor.d/profiles-a-f/fsck | 3 ++- apparmor.d/profiles-a-f/fsck.btrfs | 3 ++- apparmor.d/profiles-a-f/fsck.fat | 3 ++- apparmor.d/profiles-a-f/fuse-overlayfs | 5 +++-- apparmor.d/profiles-a-f/fuseiso | 3 ++- apparmor.d/profiles-a-f/fusermount | 3 ++- apparmor.d/profiles-a-f/fwupd | 3 ++- apparmor.d/profiles-a-f/fwupdmgr | 3 ++- 202 files changed, 459 insertions(+), 257 deletions(-) diff --git a/apparmor.d/profiles-a-f/aa-enabled b/apparmor.d/profiles-a-f/aa-enabled index 41b892c5f..d5ebe0c10 100644 --- a/apparmor.d/profiles-a-f/aa-enabled +++ b/apparmor.d/profiles-a-f/aa-enabled @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile aa-enabled @{exec_path} { owner @{PROC}/@{pid}/mounts r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aa-enforce b/apparmor.d/profiles-a-f/aa-enforce index 359fde762..a6f3d2b9e 100644 --- a/apparmor.d/profiles-a-f/aa-enforce +++ b/apparmor.d/profiles-a-f/aa-enforce @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,4 +32,6 @@ profile aa-enforce @{exec_path} { owner @{PROC}/@{pid}/fd r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aa-log b/apparmor.d/profiles-a-f/aa-log index 5c282c905..6d1f690f6 100644 --- a/apparmor.d/profiles-a-f/aa-log +++ b/apparmor.d/profiles-a-f/aa-log @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -36,3 +35,5 @@ profile aa-log @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aa-notify b/apparmor.d/profiles-a-f/aa-notify index be2d5ebb3..7c65b9be2 100644 --- a/apparmor.d/profiles-a-f/aa-notify +++ b/apparmor.d/profiles-a-f/aa-notify @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -44,3 +43,5 @@ profile aa-notify @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aa-status b/apparmor.d/profiles-a-f/aa-status index 7b405cf69..5d5840f6f 100644 --- a/apparmor.d/profiles-a-f/aa-status +++ b/apparmor.d/profiles-a-f/aa-status @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile aa-status @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aa-teardown b/apparmor.d/profiles-a-f/aa-teardown index dab5be5bd..263c7b9af 100644 --- a/apparmor.d/profiles-a-f/aa-teardown +++ b/apparmor.d/profiles-a-f/aa-teardown @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile aa-teardown @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/abook b/apparmor.d/profiles-a-f/abook index d89d87016..f4252aeee 100644 --- a/apparmor.d/profiles-a-f/abook +++ b/apparmor.d/profiles-a-f/abook @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile abook @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/acpi b/apparmor.d/profiles-a-f/acpi index 9f24c10a9..4f6132c25 100644 --- a/apparmor.d/profiles-a-f/acpi +++ b/apparmor.d/profiles-a-f/acpi @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile acpi @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/acpi-powerbtn b/apparmor.d/profiles-a-f/acpi-powerbtn index 3236e106f..9372f46b4 100644 --- a/apparmor.d/profiles-a-f/acpi-powerbtn +++ b/apparmor.d/profiles-a-f/acpi-powerbtn @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -56,3 +55,5 @@ profile acpi-powerbtn flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/acpid b/apparmor.d/profiles-a-f/acpid index 3f74d18b4..10600e3d7 100644 --- a/apparmor.d/profiles-a-f/acpid +++ b/apparmor.d/profiles-a-f/acpid @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile acpid @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/adb b/apparmor.d/profiles-a-f/adb index d0ad36648..13863c03a 100644 --- a/apparmor.d/profiles-a-f/adb +++ b/apparmor.d/profiles-a-f/adb @@ -2,7 +2,6 @@ # Copyright (C) 2021-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,3 +32,5 @@ profile adb @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/adduser b/apparmor.d/profiles-a-f/adduser index 5e48e005a..350f070b0 100644 --- a/apparmor.d/profiles-a-f/adduser +++ b/apparmor.d/profiles-a-f/adduser @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -55,3 +54,5 @@ profile adduser @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/adequate b/apparmor.d/profiles-a-f/adequate index febeb5892..fe3e7565f 100644 --- a/apparmor.d/profiles-a-f/adequate +++ b/apparmor.d/profiles-a-f/adequate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -110,3 +109,5 @@ profile adequate @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/agetty b/apparmor.d/profiles-a-f/agetty index 2295b8bc2..c15748c6a 100644 --- a/apparmor.d/profiles-a-f/agetty +++ b/apparmor.d/profiles-a-f/agetty @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,3 +42,5 @@ profile agetty @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/alacarte b/apparmor.d/profiles-a-f/alacarte index 4299d9114..80e64558a 100644 --- a/apparmor.d/profiles-a-f/alacarte +++ b/apparmor.d/profiles-a-f/alacarte @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,4 +33,6 @@ profile alacarte @{exec_path} { owner @{PROC}/@{pid}/mounts r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/alsactl b/apparmor.d/profiles-a-f/alsactl index 3d91058d2..bde626660 100644 --- a/apparmor.d/profiles-a-f/alsactl +++ b/apparmor.d/profiles-a-f/alsactl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile alsactl @{exec_path} { owner @{run}/alsa/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/amixer b/apparmor.d/profiles-a-f/amixer index bf6407cc1..ea2842a74 100644 --- a/apparmor.d/profiles-a-f/amixer +++ b/apparmor.d/profiles-a-f/amixer @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile amixer @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/anacron b/apparmor.d/profiles-a-f/anacron index 1ff93e0a7..8893f1d70 100644 --- a/apparmor.d/profiles-a-f/anacron +++ b/apparmor.d/profiles-a-f/anacron @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile anacron @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/anyremote b/apparmor.d/profiles-a-f/anyremote index aeb878e90..b9031360f 100644 --- a/apparmor.d/profiles-a-f/anyremote +++ b/apparmor.d/profiles-a-f/anyremote @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -139,3 +138,5 @@ profile anyremote @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aplay b/apparmor.d/profiles-a-f/aplay index b798e21fd..0bb417ae2 100644 --- a/apparmor.d/profiles-a-f/aplay +++ b/apparmor.d/profiles-a-f/aplay @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile aplay @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/apparmor.systemd b/apparmor.d/profiles-a-f/apparmor.systemd index ff2a7f61d..a6d517b2a 100644 --- a/apparmor.d/profiles-a-f/apparmor.systemd +++ b/apparmor.d/profiles-a-f/apparmor.systemd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -49,4 +48,6 @@ profile apparmor.systemd @{exec_path} flags=(complain) { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/apparmor_parser b/apparmor.d/profiles-a-f/apparmor_parser index 898e2e003..82acd0d0f 100644 --- a/apparmor.d/profiles-a-f/apparmor_parser +++ b/apparmor.d/profiles-a-f/apparmor_parser @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,4 +45,6 @@ profile apparmor_parser @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/mounts r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/appstreamcli b/apparmor.d/profiles-a-f/appstreamcli index be0e4a727..6b6bad8d8 100644 --- a/apparmor.d/profiles-a-f/appstreamcli +++ b/apparmor.d/profiles-a-f/appstreamcli @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -75,3 +74,5 @@ profile appstreamcli @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/arandr b/apparmor.d/profiles-a-f/arandr index 77bb711c8..6baddcf18 100644 --- a/apparmor.d/profiles-a-f/arandr +++ b/apparmor.d/profiles-a-f/arandr @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile arandr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/archivemount b/apparmor.d/profiles-a-f/archivemount index a46c03578..03836a9dc 100644 --- a/apparmor.d/profiles-a-f/archivemount +++ b/apparmor.d/profiles-a-f/archivemount @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -57,3 +56,5 @@ profile archivemount @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/arduino b/apparmor.d/profiles-a-f/arduino index e2214737d..47d784212 100644 --- a/apparmor.d/profiles-a-f/arduino +++ b/apparmor.d/profiles-a-f/arduino @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -137,3 +136,5 @@ profile arduino @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/arduino-builder b/apparmor.d/profiles-a-f/arduino-builder index 306aef640..23f8628e5 100644 --- a/apparmor.d/profiles-a-f/arduino-builder +++ b/apparmor.d/profiles-a-f/arduino-builder @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -50,3 +49,5 @@ profile arduino-builder @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/arduino-ctags b/apparmor.d/profiles-a-f/arduino-ctags index cc15ceef0..0c3849643 100644 --- a/apparmor.d/profiles-a-f/arduino-ctags +++ b/apparmor.d/profiles-a-f/arduino-ctags @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile arduino-ctags @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aspell b/apparmor.d/profiles-a-f/aspell index ef5cbdb2c..c5bd8d4f4 100644 --- a/apparmor.d/profiles-a-f/aspell +++ b/apparmor.d/profiles-a-f/aspell @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile aspell @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/aspell-autobuildhash b/apparmor.d/profiles-a-f/aspell-autobuildhash index 76c1b9606..078fa0139 100644 --- a/apparmor.d/profiles-a-f/aspell-autobuildhash +++ b/apparmor.d/profiles-a-f/aspell-autobuildhash @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -74,3 +73,5 @@ profile aspell-autobuildhash @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/at b/apparmor.d/profiles-a-f/at index 1ff9de345..2da487b9c 100644 --- a/apparmor.d/profiles-a-f/at +++ b/apparmor.d/profiles-a-f/at @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,4 +29,6 @@ profile at @{exec_path} { @{PROC}/@{pid}/loginuid r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/atd b/apparmor.d/profiles-a-f/atd index 765d0d87e..b1b54f0fa 100644 --- a/apparmor.d/profiles-a-f/atd +++ b/apparmor.d/profiles-a-f/atd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,4 +44,6 @@ profile atd @{exec_path} { @{PROC}/loadavg r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/atftpd b/apparmor.d/profiles-a-f/atftpd index cb1c9f7fc..02a0a018b 100644 --- a/apparmor.d/profiles-a-f/atftpd +++ b/apparmor.d/profiles-a-f/atftpd @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile atftpd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/atool b/apparmor.d/profiles-a-f/atool index cbcb346c4..947245d2a 100644 --- a/apparmor.d/profiles-a-f/atool +++ b/apparmor.d/profiles-a-f/atool @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -50,3 +49,5 @@ profile atool @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/atril b/apparmor.d/profiles-a-f/atril index eb7c24748..2163346cc 100644 --- a/apparmor.d/profiles-a-f/atril +++ b/apparmor.d/profiles-a-f/atril @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -88,3 +87,5 @@ profile @{bin}/atril-previewer { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/atrild b/apparmor.d/profiles-a-f/atrild index 9c0092179..c44686d5a 100644 --- a/apparmor.d/profiles-a-f/atrild +++ b/apparmor.d/profiles-a-f/atrild @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile atrild @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/auditctl b/apparmor.d/profiles-a-f/auditctl index 924643592..daaee243f 100644 --- a/apparmor.d/profiles-a-f/auditctl +++ b/apparmor.d/profiles-a-f/auditctl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,4 +19,6 @@ profile auditctl @{exec_path} flags=(attach_disconnected) { /etc/audit/audit.rules r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/auditd b/apparmor.d/profiles-a-f/auditd index 709548dea..4e93a5d22 100644 --- a/apparmor.d/profiles-a-f/auditd +++ b/apparmor.d/profiles-a-f/auditd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile auditd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/augenrules b/apparmor.d/profiles-a-f/augenrules index 6c27f53b5..5f192e8cc 100644 --- a/apparmor.d/profiles-a-f/augenrules +++ b/apparmor.d/profiles-a-f/augenrules @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile augenrules @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/badblocks b/apparmor.d/profiles-a-f/badblocks index ed870ed29..48b4cc8af 100644 --- a/apparmor.d/profiles-a-f/badblocks +++ b/apparmor.d/profiles-a-f/badblocks @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile badblocks @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/biosdecode b/apparmor.d/profiles-a-f/biosdecode index 67ba638ec..caf8a50d2 100644 --- a/apparmor.d/profiles-a-f/biosdecode +++ b/apparmor.d/profiles-a-f/biosdecode @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile biosdecode @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/birdtray b/apparmor.d/profiles-a-f/birdtray index 7c6c21bc7..b6314e942 100644 --- a/apparmor.d/profiles-a-f/birdtray +++ b/apparmor.d/profiles-a-f/birdtray @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile birdtray @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blkdeactivate b/apparmor.d/profiles-a-f/blkdeactivate index d29db9be3..f9db3e96f 100644 --- a/apparmor.d/profiles-a-f/blkdeactivate +++ b/apparmor.d/profiles-a-f/blkdeactivate @@ -2,7 +2,6 @@ # Copyright (C) 2022 Jeroen Rijken # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile blkdeactivate @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blkid b/apparmor.d/profiles-a-f/blkid index dd825ef2a..ad8134064 100644 --- a/apparmor.d/profiles-a-f/blkid +++ b/apparmor.d/profiles-a-f/blkid @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -42,3 +41,5 @@ profile blkid @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blockdev b/apparmor.d/profiles-a-f/blockdev index 03a62f5be..1b6cc77cb 100644 --- a/apparmor.d/profiles-a-f/blockdev +++ b/apparmor.d/profiles-a-f/blockdev @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile blockdev @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blueman b/apparmor.d/profiles-a-f/blueman index 4135794d6..9ac1c2c2b 100644 --- a/apparmor.d/profiles-a-f/blueman +++ b/apparmor.d/profiles-a-f/blueman @@ -2,7 +2,6 @@ # Copyright (C) 2021-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -66,3 +65,5 @@ profile blueman @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blueman-mechanism b/apparmor.d/profiles-a-f/blueman-mechanism index a56f9d88b..152520fad 100644 --- a/apparmor.d/profiles-a-f/blueman-mechanism +++ b/apparmor.d/profiles-a-f/blueman-mechanism @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile blueman-mechanism @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/blueman-rfcomm-watcher b/apparmor.d/profiles-a-f/blueman-rfcomm-watcher index ef666f806..a8753ac8f 100644 --- a/apparmor.d/profiles-a-f/blueman-rfcomm-watcher +++ b/apparmor.d/profiles-a-f/blueman-rfcomm-watcher @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile blueman-rfcomm-watcher @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/bluemoon b/apparmor.d/profiles-a-f/bluemoon index 018cfbbec..06f4040f8 100644 --- a/apparmor.d/profiles-a-f/bluemoon +++ b/apparmor.d/profiles-a-f/bluemoon @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile bluemoon @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/bluetoothctl b/apparmor.d/profiles-a-f/bluetoothctl index f9111e12d..603998f2c 100644 --- a/apparmor.d/profiles-a-f/bluetoothctl +++ b/apparmor.d/profiles-a-f/bluetoothctl @@ -2,7 +2,6 @@ # Copyright (C) 2015-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile bluetoothctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/bluetoothd b/apparmor.d/profiles-a-f/bluetoothd index 7e69fae3f..75934102b 100644 --- a/apparmor.d/profiles-a-f/bluetoothd +++ b/apparmor.d/profiles-a-f/bluetoothd @@ -2,7 +2,6 @@ # Copyright (C) 2015-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -78,3 +77,5 @@ profile bluetoothd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/bmon b/apparmor.d/profiles-a-f/bmon index 8ddc1513f..77feb3210 100644 --- a/apparmor.d/profiles-a-f/bmon +++ b/apparmor.d/profiles-a-f/bmon @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile bmon @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/boltd b/apparmor.d/profiles-a-f/boltd index d6a1ce25f..47c16d1cd 100644 --- a/apparmor.d/profiles-a-f/boltd +++ b/apparmor.d/profiles-a-f/boltd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -51,3 +50,5 @@ profile boltd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/borg b/apparmor.d/profiles-a-f/borg index 984886e95..107330419 100644 --- a/apparmor.d/profiles-a-f/borg +++ b/apparmor.d/profiles-a-f/borg @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -118,3 +117,5 @@ profile borg @{exec_path} { include if exists include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/browserpass b/apparmor.d/profiles-a-f/browserpass index 5eaa4abab..cfc5d3b0b 100644 --- a/apparmor.d/profiles-a-f/browserpass +++ b/apparmor.d/profiles-a-f/browserpass @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -63,3 +62,5 @@ profile browserpass @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btop b/apparmor.d/profiles-a-f/btop index 1fd06e899..b6c3556ec 100644 --- a/apparmor.d/profiles-a-f/btop +++ b/apparmor.d/profiles-a-f/btop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -61,3 +60,5 @@ profile btop @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs b/apparmor.d/profiles-a-f/btrfs index 57db80da6..f056d12ca 100644 --- a/apparmor.d/profiles-a-f/btrfs +++ b/apparmor.d/profiles-a-f/btrfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -59,3 +58,5 @@ profile btrfs @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs-convert b/apparmor.d/profiles-a-f/btrfs-convert index f10e53536..8b443cf6e 100644 --- a/apparmor.d/profiles-a-f/btrfs-convert +++ b/apparmor.d/profiles-a-f/btrfs-convert @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile btrfs-convert @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs-find-root b/apparmor.d/profiles-a-f/btrfs-find-root index 8d9ed4515..03c2d47bd 100644 --- a/apparmor.d/profiles-a-f/btrfs-find-root +++ b/apparmor.d/profiles-a-f/btrfs-find-root @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile btrfs-find-root @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs-image b/apparmor.d/profiles-a-f/btrfs-image index c3b8b66c8..c1508bb09 100644 --- a/apparmor.d/profiles-a-f/btrfs-image +++ b/apparmor.d/profiles-a-f/btrfs-image @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile btrfs-image @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs-map-logical b/apparmor.d/profiles-a-f/btrfs-map-logical index b777d9f53..12d2b09d6 100644 --- a/apparmor.d/profiles-a-f/btrfs-map-logical +++ b/apparmor.d/profiles-a-f/btrfs-map-logical @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile btrfs-map-logical @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfs-select-super b/apparmor.d/profiles-a-f/btrfs-select-super index 1a4013a16..f083363cf 100644 --- a/apparmor.d/profiles-a-f/btrfs-select-super +++ b/apparmor.d/profiles-a-f/btrfs-select-super @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile btrfs-select-super @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/btrfstune b/apparmor.d/profiles-a-f/btrfstune index 3459f7cbe..cd8f7adfe 100644 --- a/apparmor.d/profiles-a-f/btrfstune +++ b/apparmor.d/profiles-a-f/btrfstune @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile btrfstune @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cawbird b/apparmor.d/profiles-a-f/cawbird index a3e17d034..ee3bab550 100644 --- a/apparmor.d/profiles-a-f/cawbird +++ b/apparmor.d/profiles-a-f/cawbird @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -73,3 +72,5 @@ profile cawbird @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cc-remote-login-helper b/apparmor.d/profiles-a-f/cc-remote-login-helper index 1ee41d92e..bc12ec50b 100644 --- a/apparmor.d/profiles-a-f/cc-remote-login-helper +++ b/apparmor.d/profiles-a-f/cc-remote-login-helper @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile cc-remote-login-helper @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cctk b/apparmor.d/profiles-a-f/cctk index c8bde01d7..3795d9836 100644 --- a/apparmor.d/profiles-a-f/cctk +++ b/apparmor.d/profiles-a-f/cctk @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,4 +32,6 @@ profile cctk @{exec_path} { /dev/wmi/dell-smbios r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/ccze b/apparmor.d/profiles-a-f/ccze index 86c540b9a..e51310b63 100644 --- a/apparmor.d/profiles-a-f/ccze +++ b/apparmor.d/profiles-a-f/ccze @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile ccze @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cert-sync b/apparmor.d/profiles-a-f/cert-sync index ab1442298..e2770bda1 100644 --- a/apparmor.d/profiles-a-f/cert-sync +++ b/apparmor.d/profiles-a-f/cert-sync @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cert-sync @{exec_path} { @{bin}/mono-sgen rPx, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cfdisk b/apparmor.d/profiles-a-f/cfdisk index 1b2f27663..7559b5c84 100644 --- a/apparmor.d/profiles-a-f/cfdisk +++ b/apparmor.d/profiles-a-f/cfdisk @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,3 +33,5 @@ profile cfdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cgdisk b/apparmor.d/profiles-a-f/cgdisk index db45c05f0..f19e70c26 100644 --- a/apparmor.d/profiles-a-f/cgdisk +++ b/apparmor.d/profiles-a-f/cgdisk @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile cgdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cgrulesengd b/apparmor.d/profiles-a-f/cgrulesengd index 1e46f9c59..6c51eead1 100644 --- a/apparmor.d/profiles-a-f/cgrulesengd +++ b/apparmor.d/profiles-a-f/cgrulesengd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -52,3 +51,5 @@ profile cgrulesengd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/chage b/apparmor.d/profiles-a-f/chage index caa2d69f8..3eaa0efb9 100644 --- a/apparmor.d/profiles-a-f/chage +++ b/apparmor.d/profiles-a-f/chage @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile chage @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/changestool b/apparmor.d/profiles-a-f/changestool index 63c867eb3..9dd650d51 100644 --- a/apparmor.d/profiles-a-f/changestool +++ b/apparmor.d/profiles-a-f/changestool @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile changestool @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/check-bios-nx b/apparmor.d/profiles-a-f/check-bios-nx index 11eb0c82a..4873d3e06 100644 --- a/apparmor.d/profiles-a-f/check-bios-nx +++ b/apparmor.d/profiles-a-f/check-bios-nx @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile check-bios-nx @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/check-support-status b/apparmor.d/profiles-a-f/check-support-status index 513fb86f6..bdd9719d3 100644 --- a/apparmor.d/profiles-a-f/check-support-status +++ b/apparmor.d/profiles-a-f/check-support-status @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -80,3 +79,5 @@ profile check-support-status @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/check-support-status-hook b/apparmor.d/profiles-a-f/check-support-status-hook index 9bdb5c145..e0c312423 100644 --- a/apparmor.d/profiles-a-f/check-support-status-hook +++ b/apparmor.d/profiles-a-f/check-support-status-hook @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -129,3 +128,5 @@ profile check-support-status-hook @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/chfn b/apparmor.d/profiles-a-f/chfn index 1030627e4..162a08b84 100644 --- a/apparmor.d/profiles-a-f/chfn +++ b/apparmor.d/profiles-a-f/chfn @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,3 +45,5 @@ profile chfn @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/chpasswd b/apparmor.d/profiles-a-f/chpasswd index b66f33550..1fd84f53c 100644 --- a/apparmor.d/profiles-a-f/chpasswd +++ b/apparmor.d/profiles-a-f/chpasswd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -32,3 +31,5 @@ profile chpasswd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/chronyd b/apparmor.d/profiles-a-f/chronyd index 82c42cdf4..5aa5c5ed2 100644 --- a/apparmor.d/profiles-a-f/chronyd +++ b/apparmor.d/profiles-a-f/chronyd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Based on https://salsa.debian.org/debian/chrony/-/blob/debian/latest/debian/usr.sbin.chronyd @@ -61,4 +60,6 @@ profile chronyd @{exec_path} flags=(attach_disconnected) { /dev/rtc{,@{int}} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/chsh b/apparmor.d/profiles-a-f/chsh index 50ce2a84a..ffcdb5bdf 100644 --- a/apparmor.d/profiles-a-f/chsh +++ b/apparmor.d/profiles-a-f/chsh @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -47,3 +46,5 @@ profile chsh @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/claws-mail b/apparmor.d/profiles-a-f/claws-mail index 85094bf54..4de4543a4 100644 --- a/apparmor.d/profiles-a-f/claws-mail +++ b/apparmor.d/profiles-a-f/claws-mail @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -71,3 +70,5 @@ profile claws-mail @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/code b/apparmor.d/profiles-a-f/code index 6577100fa..393598746 100644 --- a/apparmor.d/profiles-a-f/code +++ b/apparmor.d/profiles-a-f/code @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -102,3 +101,5 @@ profile code flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/code-extension-git-askpass b/apparmor.d/profiles-a-f/code-extension-git-askpass index 10f03f0b9..6954ca966 100644 --- a/apparmor.d/profiles-a-f/code-extension-git-askpass +++ b/apparmor.d/profiles-a-f/code-extension-git-askpass @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile code-extension-git-askpass @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/code-extension-git-editor b/apparmor.d/profiles-a-f/code-extension-git-editor index ccea64355..104e01281 100644 --- a/apparmor.d/profiles-a-f/code-extension-git-editor +++ b/apparmor.d/profiles-a-f/code-extension-git-editor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,4 +20,6 @@ profile code-extension-git-editor @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/code-wrapper b/apparmor.d/profiles-a-f/code-wrapper index af5a2ea7f..707164b09 100644 --- a/apparmor.d/profiles-a-f/code-wrapper +++ b/apparmor.d/profiles-a-f/code-wrapper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile code-wrapper @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/compton b/apparmor.d/profiles-a-f/compton index 71f21ad02..b27228807 100644 --- a/apparmor.d/profiles-a-f/compton +++ b/apparmor.d/profiles-a-f/compton @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile compton @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/conky b/apparmor.d/profiles-a-f/conky index a63710c55..1e1b10abc 100644 --- a/apparmor.d/profiles-a-f/conky +++ b/apparmor.d/profiles-a-f/conky @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -205,3 +204,5 @@ profile conky @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/console-setup b/apparmor.d/profiles-a-f/console-setup index 18a99fb98..d7b41ff20 100644 --- a/apparmor.d/profiles-a-f/console-setup +++ b/apparmor.d/profiles-a-f/console-setup @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile console-setup @{exec_path} { @{run}/console-setup/boot_completed w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/convertall b/apparmor.d/profiles-a-f/convertall index e63ce3698..28a393470 100644 --- a/apparmor.d/profiles-a-f/convertall +++ b/apparmor.d/profiles-a-f/convertall @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -42,3 +41,5 @@ profile convertall @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cppw-cpgr b/apparmor.d/profiles-a-f/cppw-cpgr index 5666b7de8..9e0aa0ad1 100644 --- a/apparmor.d/profiles-a-f/cppw-cpgr +++ b/apparmor.d/profiles-a-f/cppw-cpgr @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile cppw-cpgr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cpuid b/apparmor.d/profiles-a-f/cpuid index 9fd267bc2..8df6f750e 100644 --- a/apparmor.d/profiles-a-f/cpuid +++ b/apparmor.d/profiles-a-f/cpuid @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile cpuid @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cracklib-packer b/apparmor.d/profiles-a-f/cracklib-packer index 904e746fd..d29bfbbee 100644 --- a/apparmor.d/profiles-a-f/cracklib-packer +++ b/apparmor.d/profiles-a-f/cracklib-packer @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cracklib-packer @{exec_path} { owner /var/cache/cracklib/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/crda b/apparmor.d/profiles-a-f/crda index 5e5c0e3a7..96fb4c706 100644 --- a/apparmor.d/profiles-a-f/crda +++ b/apparmor.d/profiles-a-f/crda @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile crda @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-beh b/apparmor.d/profiles-a-f/cups-backend-beh index 84addbf75..5945ac6ea 100644 --- a/apparmor.d/profiles-a-f/cups-backend-beh +++ b/apparmor.d/profiles-a-f/cups-backend-beh @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-beh @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-bluetooth b/apparmor.d/profiles-a-f/cups-backend-bluetooth index d73290210..ba606c7ef 100644 --- a/apparmor.d/profiles-a-f/cups-backend-bluetooth +++ b/apparmor.d/profiles-a-f/cups-backend-bluetooth @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-bluetooth @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-brf b/apparmor.d/profiles-a-f/cups-backend-brf index 3840f47c0..2ea66ba05 100644 --- a/apparmor.d/profiles-a-f/cups-backend-brf +++ b/apparmor.d/profiles-a-f/cups-backend-brf @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,4 +17,6 @@ profile cups-backend-brf @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-dnssd b/apparmor.d/profiles-a-f/cups-backend-dnssd index f1e052df6..0bb1a34d1 100644 --- a/apparmor.d/profiles-a-f/cups-backend-dnssd +++ b/apparmor.d/profiles-a-f/cups-backend-dnssd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,4 +16,6 @@ profile cups-backend-dnssd @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-hp b/apparmor.d/profiles-a-f/cups-backend-hp index 7547b4e06..f82ce7e0a 100644 --- a/apparmor.d/profiles-a-f/cups-backend-hp +++ b/apparmor.d/profiles-a-f/cups-backend-hp @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-hp @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-implicitclass b/apparmor.d/profiles-a-f/cups-backend-implicitclass index c5effeceb..6a50ec237 100644 --- a/apparmor.d/profiles-a-f/cups-backend-implicitclass +++ b/apparmor.d/profiles-a-f/cups-backend-implicitclass @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-implicitclass @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-ipp b/apparmor.d/profiles-a-f/cups-backend-ipp index 4cfba737b..706e1a5ae 100644 --- a/apparmor.d/profiles-a-f/cups-backend-ipp +++ b/apparmor.d/profiles-a-f/cups-backend-ipp @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-ipp @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-lpd b/apparmor.d/profiles-a-f/cups-backend-lpd index 0392d29cd..077a913a0 100644 --- a/apparmor.d/profiles-a-f/cups-backend-lpd +++ b/apparmor.d/profiles-a-f/cups-backend-lpd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-lpd @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-mdns b/apparmor.d/profiles-a-f/cups-backend-mdns index 603d5c69d..a520e9a19 100644 --- a/apparmor.d/profiles-a-f/cups-backend-mdns +++ b/apparmor.d/profiles-a-f/cups-backend-mdns @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-mdns @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-parallel b/apparmor.d/profiles-a-f/cups-backend-parallel index a93805ff6..fe2e752ef 100644 --- a/apparmor.d/profiles-a-f/cups-backend-parallel +++ b/apparmor.d/profiles-a-f/cups-backend-parallel @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-parallel @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-pdf b/apparmor.d/profiles-a-f/cups-backend-pdf index 7b5794cb5..efbb2a85d 100644 --- a/apparmor.d/profiles-a-f/cups-backend-pdf +++ b/apparmor.d/profiles-a-f/cups-backend-pdf @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -44,4 +43,6 @@ profile cups-backend-pdf @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-serial b/apparmor.d/profiles-a-f/cups-backend-serial index 695143a4b..e2ec19bce 100644 --- a/apparmor.d/profiles-a-f/cups-backend-serial +++ b/apparmor.d/profiles-a-f/cups-backend-serial @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,4 +17,6 @@ profile cups-backend-serial @{exec_path} { /dev/ttyS@{int} w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-snmp b/apparmor.d/profiles-a-f/cups-backend-snmp index fdd53fec8..1532db04b 100644 --- a/apparmor.d/profiles-a-f/cups-backend-snmp +++ b/apparmor.d/profiles-a-f/cups-backend-snmp @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,4 +21,6 @@ profile cups-backend-snmp @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-socket b/apparmor.d/profiles-a-f/cups-backend-socket index 52843ba90..338d2e2e6 100644 --- a/apparmor.d/profiles-a-f/cups-backend-socket +++ b/apparmor.d/profiles-a-f/cups-backend-socket @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,4 +15,6 @@ profile cups-backend-socket @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-backend-usb b/apparmor.d/profiles-a-f/cups-backend-usb index 3067ecbbd..e647939f4 100644 --- a/apparmor.d/profiles-a-f/cups-backend-usb +++ b/apparmor.d/profiles-a-f/cups-backend-usb @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile cups-backend-usb @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-browsed b/apparmor.d/profiles-a-f/cups-browsed index 47bf19aa4..2abffbe16 100644 --- a/apparmor.d/profiles-a-f/cups-browsed +++ b/apparmor.d/profiles-a-f/cups-browsed @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -53,3 +52,5 @@ profile cups-browsed @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-notifier-dbus b/apparmor.d/profiles-a-f/cups-notifier-dbus index 6510b26a3..9632ca91d 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-dbus +++ b/apparmor.d/profiles-a-f/cups-notifier-dbus @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile cups-notifier-dbus @{exec_path} { owner @{tmp}/cups-dbus-notifier-lockfile rwk, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-notifier-mailto b/apparmor.d/profiles-a-f/cups-notifier-mailto index 235fb1694..aad9f73c3 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-mailto +++ b/apparmor.d/profiles-a-f/cups-notifier-mailto @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -14,4 +13,6 @@ profile cups-notifier-mailto @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-notifier-rss b/apparmor.d/profiles-a-f/cups-notifier-rss index 5e0cced1e..86dfecc9e 100644 --- a/apparmor.d/profiles-a-f/cups-notifier-rss +++ b/apparmor.d/profiles-a-f/cups-notifier-rss @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -14,4 +13,6 @@ profile cups-notifier-rss @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cups-pk-helper-mechanism b/apparmor.d/profiles-a-f/cups-pk-helper-mechanism index 61544810d..7c67e3e6a 100644 --- a/apparmor.d/profiles-a-f/cups-pk-helper-mechanism +++ b/apparmor.d/profiles-a-f/cups-pk-helper-mechanism @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,4 +31,6 @@ profile cups-pk-helper-mechanism @{exec_path} { @{run}/cups/cups.sock rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/cupsd b/apparmor.d/profiles-a-f/cupsd index 07bf3b282..9511c7495 100644 --- a/apparmor.d/profiles-a-f/cupsd +++ b/apparmor.d/profiles-a-f/cupsd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include @@ -101,3 +100,5 @@ profile cupsd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/czkawka-cli b/apparmor.d/profiles-a-f/czkawka-cli index 473d83f36..6ad4c553b 100644 --- a/apparmor.d/profiles-a-f/czkawka-cli +++ b/apparmor.d/profiles-a-f/czkawka-cli @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,3 +32,5 @@ profile czkawka-cli @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/czkawka-gui b/apparmor.d/profiles-a-f/czkawka-gui index 5e3aed6e0..68a30c769 100644 --- a/apparmor.d/profiles-a-f/czkawka-gui +++ b/apparmor.d/profiles-a-f/czkawka-gui @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -67,3 +66,5 @@ profile czkawka-gui @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/ddclient b/apparmor.d/profiles-a-f/ddclient index 4cf11e151..000e61013 100644 --- a/apparmor.d/profiles-a-f/ddclient +++ b/apparmor.d/profiles-a-f/ddclient @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile ddclient @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/deltachat-desktop b/apparmor.d/profiles-a-f/deltachat-desktop index e32faffa3..eaf12a933 100644 --- a/apparmor.d/profiles-a-f/deltachat-desktop +++ b/apparmor.d/profiles-a-f/deltachat-desktop @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -108,3 +107,5 @@ profile deltachat-desktop @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/deluser b/apparmor.d/profiles-a-f/deluser index 66767f468..67e52b376 100644 --- a/apparmor.d/profiles-a-f/deluser +++ b/apparmor.d/profiles-a-f/deluser @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -60,3 +59,5 @@ profile deluser @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/df b/apparmor.d/profiles-a-f/df index 8e330d1f4..18b3687e1 100644 --- a/apparmor.d/profiles-a-f/df +++ b/apparmor.d/profiles-a-f/df @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile df @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dfc b/apparmor.d/profiles-a-f/dfc index 5304458d3..b4ccf6743 100644 --- a/apparmor.d/profiles-a-f/dfc +++ b/apparmor.d/profiles-a-f/dfc @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile dfc @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dhclient b/apparmor.d/profiles-a-f/dhclient index 4ffe0285e..20e45b87f 100644 --- a/apparmor.d/profiles-a-f/dhclient +++ b/apparmor.d/profiles-a-f/dhclient @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile dhclient @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dhclient-script b/apparmor.d/profiles-a-f/dhclient-script index 59492147d..4261a8be7 100644 --- a/apparmor.d/profiles-a-f/dhclient-script +++ b/apparmor.d/profiles-a-f/dhclient-script @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -82,3 +81,5 @@ profile dhclient-script @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dig b/apparmor.d/profiles-a-f/dig index ae9b641c1..87b80e3da 100644 --- a/apparmor.d/profiles-a-f/dig +++ b/apparmor.d/profiles-a-f/dig @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile dig @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dino-im b/apparmor.d/profiles-a-f/dino-im index 11b2b9358..f06989836 100644 --- a/apparmor.d/profiles-a-f/dino-im +++ b/apparmor.d/profiles-a-f/dino-im @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -51,3 +50,5 @@ profile dino-im @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dkms b/apparmor.d/profiles-a-f/dkms index 9dc74d072..90206b44c 100644 --- a/apparmor.d/profiles-a-f/dkms +++ b/apparmor.d/profiles-a-f/dkms @@ -3,7 +3,6 @@ # Copyright (C) 2021-2024 Alexandre Pujol # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -120,3 +119,5 @@ profile dkms @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dkms-autoinstaller b/apparmor.d/profiles-a-f/dkms-autoinstaller index 86f0b1c87..f266791a1 100644 --- a/apparmor.d/profiles-a-f/dkms-autoinstaller +++ b/apparmor.d/profiles-a-f/dkms-autoinstaller @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -47,3 +46,5 @@ profile dkms-autoinstaller @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dleyna-renderer-service b/apparmor.d/profiles-a-f/dleyna-renderer-service index f0e5cef84..d56098048 100644 --- a/apparmor.d/profiles-a-f/dleyna-renderer-service +++ b/apparmor.d/profiles-a-f/dleyna-renderer-service @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile dleyna-renderer-service @{exec_path} { owner @{user_config_dirs}/dleyna-renderer-service.conf rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dleyna-server-service b/apparmor.d/profiles-a-f/dleyna-server-service index 510104e61..f41d250f6 100644 --- a/apparmor.d/profiles-a-f/dleyna-server-service +++ b/apparmor.d/profiles-a-f/dleyna-server-service @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,4 +25,6 @@ profile dleyna-server-service @{exec_path} { owner @{user_config_dirs}/dleyna-server-service.conf w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dlocate b/apparmor.d/profiles-a-f/dlocate index 5ae0a787e..e17a72c84 100644 --- a/apparmor.d/profiles-a-f/dlocate +++ b/apparmor.d/profiles-a-f/dlocate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -64,3 +63,5 @@ profile dlocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dmcrypt-get-device b/apparmor.d/profiles-a-f/dmcrypt-get-device index e4171388f..2fa3fc6a9 100644 --- a/apparmor.d/profiles-a-f/dmcrypt-get-device +++ b/apparmor.d/profiles-a-f/dmcrypt-get-device @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile dmcrypt-get-device @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dmesg b/apparmor.d/profiles-a-f/dmesg index 5c1d38d1a..6dcd5cbb8 100644 --- a/apparmor.d/profiles-a-f/dmesg +++ b/apparmor.d/profiles-a-f/dmesg @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile dmesg @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dmeventd b/apparmor.d/profiles-a-f/dmeventd index ab7bfaa54..2d904eec0 100644 --- a/apparmor.d/profiles-a-f/dmeventd +++ b/apparmor.d/profiles-a-f/dmeventd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -15,3 +14,5 @@ profile dmeventd @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dmidecode b/apparmor.d/profiles-a-f/dmidecode index 2797dfe9f..061bc40ac 100644 --- a/apparmor.d/profiles-a-f/dmidecode +++ b/apparmor.d/profiles-a-f/dmidecode @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile dmidecode @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dnscrypt-proxy b/apparmor.d/profiles-a-f/dnscrypt-proxy index e7b4a09c0..03d47e395 100644 --- a/apparmor.d/profiles-a-f/dnscrypt-proxy +++ b/apparmor.d/profiles-a-f/dnscrypt-proxy @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -57,3 +56,5 @@ profile dnscrypt-proxy @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/downloadhelper b/apparmor.d/profiles-a-f/downloadhelper index 5556fb236..05b4085b3 100644 --- a/apparmor.d/profiles-a-f/downloadhelper +++ b/apparmor.d/profiles-a-f/downloadhelper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,4 +42,6 @@ profile downloadhelper @{exec_path} { deny @{user_share_dirs}/gvfs-metadata/* r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dring b/apparmor.d/profiles-a-f/dring index 7c7ae44d8..8d0045030 100644 --- a/apparmor.d/profiles-a-f/dring +++ b/apparmor.d/profiles-a-f/dring @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile dring @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dumpcap b/apparmor.d/profiles-a-f/dumpcap index e3c3e800f..e03ad1742 100644 --- a/apparmor.d/profiles-a-f/dumpcap +++ b/apparmor.d/profiles-a-f/dumpcap @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -55,3 +54,5 @@ profile dumpcap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dumpe2fs b/apparmor.d/profiles-a-f/dumpe2fs index 188a4b279..725f725c5 100644 --- a/apparmor.d/profiles-a-f/dumpe2fs +++ b/apparmor.d/profiles-a-f/dumpe2fs @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile dumpe2fs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dunst b/apparmor.d/profiles-a-f/dunst index 69bf8d066..8fb895029 100644 --- a/apparmor.d/profiles-a-f/dunst +++ b/apparmor.d/profiles-a-f/dunst @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile dunst @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dunstctl b/apparmor.d/profiles-a-f/dunstctl index 18c5ea562..42276c6c6 100644 --- a/apparmor.d/profiles-a-f/dunstctl +++ b/apparmor.d/profiles-a-f/dunstctl @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile dunstctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/dunstify b/apparmor.d/profiles-a-f/dunstify index 94458981e..3a8f16c2f 100644 --- a/apparmor.d/profiles-a-f/dunstify +++ b/apparmor.d/profiles-a-f/dunstify @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile dunstify @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/e2fsck b/apparmor.d/profiles-a-f/e2fsck index ed1c574bb..8ce1ed3c7 100644 --- a/apparmor.d/profiles-a-f/e2fsck +++ b/apparmor.d/profiles-a-f/e2fsck @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile e2fsck @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/e2image b/apparmor.d/profiles-a-f/e2image index 82f061f78..ccb4cc5a4 100644 --- a/apparmor.d/profiles-a-f/e2image +++ b/apparmor.d/profiles-a-f/e2image @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile e2image @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/e2scrub_all b/apparmor.d/profiles-a-f/e2scrub_all index 2537b9402..de648cac2 100644 --- a/apparmor.d/profiles-a-f/e2scrub_all +++ b/apparmor.d/profiles-a-f/e2scrub_all @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,4 +25,6 @@ profile e2scrub_all @{exec_path} flags=(attach_disconnected) { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/edid-decode b/apparmor.d/profiles-a-f/edid-decode index f4a8921e9..8925e5e2d 100644 --- a/apparmor.d/profiles-a-f/edid-decode +++ b/apparmor.d/profiles-a-f/edid-decode @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile edid-decode @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/eject b/apparmor.d/profiles-a-f/eject index b2300da36..bd467c2be 100644 --- a/apparmor.d/profiles-a-f/eject +++ b/apparmor.d/profiles-a-f/eject @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile eject @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/element-desktop b/apparmor.d/profiles-a-f/element-desktop index f1bc8d5a2..1dd15b4b9 100644 --- a/apparmor.d/profiles-a-f/element-desktop +++ b/apparmor.d/profiles-a-f/element-desktop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -47,4 +46,6 @@ profile element-desktop @{exec_path} { deny /var/lib/dbus/machine-id r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/engrampa b/apparmor.d/profiles-a-f/engrampa index 33608786e..78fa87937 100644 --- a/apparmor.d/profiles-a-f/engrampa +++ b/apparmor.d/profiles-a-f/engrampa @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -93,3 +92,5 @@ profile engrampa @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/etckeeper b/apparmor.d/profiles-a-f/etckeeper index ac24e53cb..6f10293c7 100644 --- a/apparmor.d/profiles-a-f/etckeeper +++ b/apparmor.d/profiles-a-f/etckeeper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -77,4 +76,6 @@ profile etckeeper @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/evince b/apparmor.d/profiles-a-f/evince index 510652be7..73d73eb02 100644 --- a/apparmor.d/profiles-a-f/evince +++ b/apparmor.d/profiles-a-f/evince @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -66,3 +65,5 @@ profile evince @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/evince-previewer b/apparmor.d/profiles-a-f/evince-previewer index c83e429b8..7a2b939a6 100644 --- a/apparmor.d/profiles-a-f/evince-previewer +++ b/apparmor.d/profiles-a-f/evince-previewer @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,4 +18,6 @@ profile evince-previewer @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/evince-thumbnailer b/apparmor.d/profiles-a-f/evince-thumbnailer index a3eaf10a3..d4e63c924 100644 --- a/apparmor.d/profiles-a-f/evince-thumbnailer +++ b/apparmor.d/profiles-a-f/evince-thumbnailer @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,4 +19,6 @@ profile evince-thumbnailer @{exec_path} flags=(attach_disconnected) { owner @{tmp}/gnome-desktop-thumbnailer.png w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/execute-dcut b/apparmor.d/profiles-a-f/execute-dcut index 53a534de2..9f03de7fc 100644 --- a/apparmor.d/profiles-a-f/execute-dcut +++ b/apparmor.d/profiles-a-f/execute-dcut @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile execute-dcut @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/execute-dput b/apparmor.d/profiles-a-f/execute-dput index 1047f2087..10edc6164 100644 --- a/apparmor.d/profiles-a-f/execute-dput +++ b/apparmor.d/profiles-a-f/execute-dput @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -51,3 +50,5 @@ profile execute-dput @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/exiftool b/apparmor.d/profiles-a-f/exiftool index f4b8864ff..23aac34d4 100644 --- a/apparmor.d/profiles-a-f/exiftool +++ b/apparmor.d/profiles-a-f/exiftool @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,3 +16,5 @@ profile exiftool @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/exim4 b/apparmor.d/profiles-a-f/exim4 index f17dfd2d9..3dae4cae6 100644 --- a/apparmor.d/profiles-a-f/exim4 +++ b/apparmor.d/profiles-a-f/exim4 @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -60,3 +59,5 @@ profile exim4 @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/exo-compose-mail b/apparmor.d/profiles-a-f/exo-compose-mail index 0f733f953..990c67b85 100644 --- a/apparmor.d/profiles-a-f/exo-compose-mail +++ b/apparmor.d/profiles-a-f/exo-compose-mail @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile exo-compose-mail @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/exo-helper b/apparmor.d/profiles-a-f/exo-helper index 3edd4b319..af38a5fa3 100644 --- a/apparmor.d/profiles-a-f/exo-helper +++ b/apparmor.d/profiles-a-f/exo-helper @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -54,3 +53,5 @@ profile exo-helper @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/exo-open b/apparmor.d/profiles-a-f/exo-open index 70bad7706..7d265e566 100644 --- a/apparmor.d/profiles-a-f/exo-open +++ b/apparmor.d/profiles-a-f/exo-open @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -32,3 +31,5 @@ profile exo-open @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/f3brew b/apparmor.d/profiles-a-f/f3brew index a0dcd513b..8572f369c 100644 --- a/apparmor.d/profiles-a-f/f3brew +++ b/apparmor.d/profiles-a-f/f3brew @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,3 +16,5 @@ profile f3brew @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/f3fix b/apparmor.d/profiles-a-f/f3fix index f2f695b92..a5d327e72 100644 --- a/apparmor.d/profiles-a-f/f3fix +++ b/apparmor.d/profiles-a-f/f3fix @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,3 +40,5 @@ profile f3fix @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/f3probe b/apparmor.d/profiles-a-f/f3probe index f3cfb4c2c..c7843c91f 100644 --- a/apparmor.d/profiles-a-f/f3probe +++ b/apparmor.d/profiles-a-f/f3probe @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile f3probe @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/f3read b/apparmor.d/profiles-a-f/f3read index 535016764..a25e7e0cc 100644 --- a/apparmor.d/profiles-a-f/f3read +++ b/apparmor.d/profiles-a-f/f3read @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile f3read @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/f3write b/apparmor.d/profiles-a-f/f3write index 19c432377..25282dff8 100644 --- a/apparmor.d/profiles-a-f/f3write +++ b/apparmor.d/profiles-a-f/f3write @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile f3write @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fail2ban-client b/apparmor.d/profiles-a-f/fail2ban-client index 8e99384cb..23fd61125 100644 --- a/apparmor.d/profiles-a-f/fail2ban-client +++ b/apparmor.d/profiles-a-f/fail2ban-client @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,4 +20,6 @@ profile fail2ban-client @{exec_path} flags=(attach_disconnected) { /etc/fail2ban/{,**} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fail2ban-server b/apparmor.d/profiles-a-f/fail2ban-server index 7bc7ef21c..2706c8e43 100644 --- a/apparmor.d/profiles-a-f/fail2ban-server +++ b/apparmor.d/profiles-a-f/fail2ban-server @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,4 +39,6 @@ profile fail2ban-server @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/fd/ r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fatlabel b/apparmor.d/profiles-a-f/fatlabel index 52e7a7e7f..df95d83c0 100644 --- a/apparmor.d/profiles-a-f/fatlabel +++ b/apparmor.d/profiles-a-f/fatlabel @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,3 +16,5 @@ profile fatlabel @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fatresize b/apparmor.d/profiles-a-f/fatresize index 348794884..b94e0e49c 100644 --- a/apparmor.d/profiles-a-f/fatresize +++ b/apparmor.d/profiles-a-f/fatresize @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile fatresize @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fdisk b/apparmor.d/profiles-a-f/fdisk index 880d4d7d7..815e3bc76 100644 --- a/apparmor.d/profiles-a-f/fdisk +++ b/apparmor.d/profiles-a-f/fdisk @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -36,3 +35,5 @@ profile fdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/ffmpeg b/apparmor.d/profiles-a-f/ffmpeg index 8c386abb1..864becf32 100644 --- a/apparmor.d/profiles-a-f/ffmpeg +++ b/apparmor.d/profiles-a-f/ffmpeg @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,3 +40,5 @@ profile ffmpeg @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/ffplay b/apparmor.d/profiles-a-f/ffplay index 3149ae191..0615d1042 100644 --- a/apparmor.d/profiles-a-f/ffplay +++ b/apparmor.d/profiles-a-f/ffplay @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile ffplay @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/ffprobe b/apparmor.d/profiles-a-f/ffprobe index e917d1363..f5448d7ef 100644 --- a/apparmor.d/profiles-a-f/ffprobe +++ b/apparmor.d/profiles-a-f/ffprobe @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile ffprobe @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/file-roller b/apparmor.d/profiles-a-f/file-roller index c2f540880..4e432e2f1 100644 --- a/apparmor.d/profiles-a-f/file-roller +++ b/apparmor.d/profiles-a-f/file-roller @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -43,4 +42,6 @@ profile file-roller @{exec_path} { owner @{PROC}/@{pid}/mountinfo r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/filecap b/apparmor.d/profiles-a-f/filecap index 71d461654..afad4070c 100644 --- a/apparmor.d/profiles-a-f/filecap +++ b/apparmor.d/profiles-a-f/filecap @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile filecap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/findmnt b/apparmor.d/profiles-a-f/findmnt index c62b1a0a1..7fb7c9e1b 100644 --- a/apparmor.d/profiles-a-f/findmnt +++ b/apparmor.d/profiles-a-f/findmnt @@ -2,7 +2,6 @@ # Copyright (C) 2022 Jeroen Rijken # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,4 +27,6 @@ profile findmnt @{exec_path} flags=(attach_disconnected,complain) { deny unix (receive) type=stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/firecfg b/apparmor.d/profiles-a-f/firecfg index 9775c26bb..c470d068a 100644 --- a/apparmor.d/profiles-a-f/firecfg +++ b/apparmor.d/profiles-a-f/firecfg @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile firecfg @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/firewalld b/apparmor.d/profiles-a-f/firewalld index 03d410a58..143719f0d 100644 --- a/apparmor.d/profiles-a-f/firewalld +++ b/apparmor.d/profiles-a-f/firewalld @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -78,4 +77,6 @@ profile firewalld @{exec_path} { owner @{PROC}/@{pids}/net/ip_tables_names r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flameshot b/apparmor.d/profiles-a-f/flameshot index 88d5bb7d2..877e42912 100644 --- a/apparmor.d/profiles-a-f/flameshot +++ b/apparmor.d/profiles-a-f/flameshot @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -59,3 +58,5 @@ profile flameshot @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak b/apparmor.d/profiles-a-f/flatpak index 583993021..4d3220a08 100644 --- a/apparmor.d/profiles-a-f/flatpak +++ b/apparmor.d/profiles-a-f/flatpak @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -137,3 +136,5 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-app b/apparmor.d/profiles-a-f/flatpak-app index dc2eb24db..41d72d143 100644 --- a/apparmor.d/profiles-a-f/flatpak-app +++ b/apparmor.d/profiles-a-f/flatpak-app @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Default profile for all flatpak applications. Ideally, this profile should be # generated by flatpak itself with settings from the flatpak manifest and @@ -95,3 +94,5 @@ profile flatpak-app flags=(attach_disconnected,mediate_deleted) { include if exists include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-oci-authenticator b/apparmor.d/profiles-a-f/flatpak-oci-authenticator index 8d2cfb60c..9b379b55d 100644 --- a/apparmor.d/profiles-a-f/flatpak-oci-authenticator +++ b/apparmor.d/profiles-a-f/flatpak-oci-authenticator @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,4 +16,6 @@ profile flatpak-oci-authenticator @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-portal b/apparmor.d/profiles-a-f/flatpak-portal index 144aa5a43..570a3ea8c 100644 --- a/apparmor.d/profiles-a-f/flatpak-portal +++ b/apparmor.d/profiles-a-f/flatpak-portal @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,4 +44,6 @@ profile flatpak-portal @{exec_path} flags=(attach_disconnected) { owner @{run}/user/@{uid}/.flatpak/@{int}-private/* r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-session-helper b/apparmor.d/profiles-a-f/flatpak-session-helper index 266ca0e96..d27d0c24a 100644 --- a/apparmor.d/profiles-a-f/flatpak-session-helper +++ b/apparmor.d/profiles-a-f/flatpak-session-helper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,4 +45,6 @@ profile flatpak-session-helper @{exec_path} flags=(attach_disconnected) { /dev/ptmx rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-system-helper b/apparmor.d/profiles-a-f/flatpak-system-helper index fbbfd50ce..81a1231cb 100644 --- a/apparmor.d/profiles-a-f/flatpak-system-helper +++ b/apparmor.d/profiles-a-f/flatpak-system-helper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -74,3 +73,5 @@ profile flatpak-system-helper @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/flatpak-validate-icon b/apparmor.d/profiles-a-f/flatpak-validate-icon index 1c245d91a..7669bb1e6 100644 --- a/apparmor.d/profiles-a-f/flatpak-validate-icon +++ b/apparmor.d/profiles-a-f/flatpak-validate-icon @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -14,4 +13,6 @@ profile flatpak-validate-icon @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/foliate b/apparmor.d/profiles-a-f/foliate index 8e56018c7..8498285d1 100644 --- a/apparmor.d/profiles-a-f/foliate +++ b/apparmor.d/profiles-a-f/foliate @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -69,4 +68,6 @@ profile foliate @{exec_path} flags=(attach_disconnected) { deny @{user_share_dirs}/gvfs-metadata/* r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/font-manager b/apparmor.d/profiles-a-f/font-manager index 3481dc109..6d7096ad7 100644 --- a/apparmor.d/profiles-a-f/font-manager +++ b/apparmor.d/profiles-a-f/font-manager @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -63,3 +62,5 @@ profile font-manager @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fping b/apparmor.d/profiles-a-f/fping index ddc45ddff..5d30e4522 100644 --- a/apparmor.d/profiles-a-f/fping +++ b/apparmor.d/profiles-a-f/fping @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile fping @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fprintd b/apparmor.d/profiles-a-f/fprintd index 0dd8c2867..d856867a3 100644 --- a/apparmor.d/profiles-a-f/fprintd +++ b/apparmor.d/profiles-a-f/fprintd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile fprintd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fractal b/apparmor.d/profiles-a-f/fractal index db8cbdb5f..c6355c2ff 100644 --- a/apparmor.d/profiles-a-f/fractal +++ b/apparmor.d/profiles-a-f/fractal @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,4 +40,6 @@ profile fractal @{exec_path} flags=(attach_disconnected) { /dev/ r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/freefall b/apparmor.d/profiles-a-f/freefall index d47ff03f3..0499beb0a 100644 --- a/apparmor.d/profiles-a-f/freefall +++ b/apparmor.d/profiles-a-f/freefall @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile freefall @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fritzing b/apparmor.d/profiles-a-f/fritzing index b6153edfe..3e3dde2e9 100644 --- a/apparmor.d/profiles-a-f/fritzing +++ b/apparmor.d/profiles-a-f/fritzing @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -69,3 +68,5 @@ profile fritzing @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/frontend b/apparmor.d/profiles-a-f/frontend index 68954d111..eb90c18d6 100644 --- a/apparmor.d/profiles-a-f/frontend +++ b/apparmor.d/profiles-a-f/frontend @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -126,3 +125,5 @@ profile frontend @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fsck b/apparmor.d/profiles-a-f/fsck index be1ed77e9..d04b32e96 100644 --- a/apparmor.d/profiles-a-f/fsck +++ b/apparmor.d/profiles-a-f/fsck @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,3 +40,5 @@ profile fsck @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fsck.btrfs b/apparmor.d/profiles-a-f/fsck.btrfs index 85db8768c..470b5a3d3 100644 --- a/apparmor.d/profiles-a-f/fsck.btrfs +++ b/apparmor.d/profiles-a-f/fsck.btrfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile fsck.btrfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fsck.fat b/apparmor.d/profiles-a-f/fsck.fat index 38c372d2f..c188574ee 100644 --- a/apparmor.d/profiles-a-f/fsck.fat +++ b/apparmor.d/profiles-a-f/fsck.fat @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile fsck.fat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fuse-overlayfs b/apparmor.d/profiles-a-f/fuse-overlayfs index 327b9acce..643371c60 100644 --- a/apparmor.d/profiles-a-f/fuse-overlayfs +++ b/apparmor.d/profiles-a-f/fuse-overlayfs @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,4 +28,6 @@ profile fuse-overlayfs @{exec_path} { /dev/fuse rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fuseiso b/apparmor.d/profiles-a-f/fuseiso index ca926a807..e4d6cfd99 100644 --- a/apparmor.d/profiles-a-f/fuseiso +++ b/apparmor.d/profiles-a-f/fuseiso @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -63,3 +62,5 @@ profile fuseiso @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fusermount b/apparmor.d/profiles-a-f/fusermount index 59233a71d..6774ffa96 100644 --- a/apparmor.d/profiles-a-f/fusermount +++ b/apparmor.d/profiles-a-f/fusermount @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -56,3 +55,5 @@ profile fusermount @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fwupd b/apparmor.d/profiles-a-f/fwupd index cfccf778e..316f6ebdd 100644 --- a/apparmor.d/profiles-a-f/fwupd +++ b/apparmor.d/profiles-a-f/fwupd @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -149,3 +148,5 @@ profile fwupd @{exec_path} flags=(complain,attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-a-f/fwupdmgr b/apparmor.d/profiles-a-f/fwupdmgr index f8ef48a32..6064c0ff1 100644 --- a/apparmor.d/profiles-a-f/fwupdmgr +++ b/apparmor.d/profiles-a-f/fwupdmgr @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -67,3 +66,5 @@ profile fwupdmgr @{exec_path} flags=(attach_disconnected,complain) { include if exists } + +# vim:syntax=apparmor From e2c868bd804490068983e6310ae9f7e3d1fdf9a9 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 19:38:05 +0300 Subject: [PATCH 47/52] feat(profiles-g-l): vim syntax support Add vim modeline instructing the editor to use syntax plugin provided by apparmor. --- apparmor.d/profiles-g-l/gajim | 1 + apparmor.d/profiles-g-l/ganyremote | 1 + apparmor.d/profiles-g-l/gconfd | 1 + apparmor.d/profiles-g-l/gdisk | 1 + apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders | 1 + apparmor.d/profiles-g-l/ghc-pkg | 1 + apparmor.d/profiles-g-l/gio-querymodules | 1 + apparmor.d/profiles-g-l/git | 1 + apparmor.d/profiles-g-l/gitstatusd | 1 + apparmor.d/profiles-g-l/glib-compile-resources | 1 + apparmor.d/profiles-g-l/glib-compile-schemas | 1 + apparmor.d/profiles-g-l/glib-pacrunner | 1 + apparmor.d/profiles-g-l/globaltime | 1 + apparmor.d/profiles-g-l/glxgears | 1 + apparmor.d/profiles-g-l/glxinfo | 1 + apparmor.d/profiles-g-l/gpa | 1 + apparmor.d/profiles-g-l/gparted | 1 + apparmor.d/profiles-g-l/gpartedbin | 1 + apparmor.d/profiles-g-l/gpasswd | 1 + apparmor.d/profiles-g-l/gping | 1 + apparmor.d/profiles-g-l/gpo | 1 + apparmor.d/profiles-g-l/gpodder | 1 + apparmor.d/profiles-g-l/gpodder-migrate2tres | 1 + apparmor.d/profiles-g-l/gpu-manager | 1 + apparmor.d/profiles-g-l/groupadd | 1 + apparmor.d/profiles-g-l/groupdel | 1 + apparmor.d/profiles-g-l/groupmod | 1 + apparmor.d/profiles-g-l/groups | 1 + apparmor.d/profiles-g-l/grpck | 1 + apparmor.d/profiles-g-l/gsettings | 1 + apparmor.d/profiles-g-l/gsimplecal | 1 + apparmor.d/profiles-g-l/gsmartcontrol | 1 + apparmor.d/profiles-g-l/gsmartcontrol-root | 1 + apparmor.d/profiles-g-l/gssproxy | 1 + apparmor.d/profiles-g-l/gtk-query-immodules | 1 + apparmor.d/profiles-g-l/gtk-update-icon-cache | 1 + apparmor.d/profiles-g-l/gtk-youtube-viewer | 1 + apparmor.d/profiles-g-l/hardinfo | 1 + apparmor.d/profiles-g-l/hbbr | 1 + apparmor.d/profiles-g-l/hbbs | 1 + apparmor.d/profiles-g-l/hciconfig | 1 + apparmor.d/profiles-g-l/hddtemp | 1 + apparmor.d/profiles-g-l/hdparm | 1 + apparmor.d/profiles-g-l/hexchat | 1 + apparmor.d/profiles-g-l/highlight | 1 + apparmor.d/profiles-g-l/host | 1 + apparmor.d/profiles-g-l/hostname | 1 + apparmor.d/profiles-g-l/htop | 1 + apparmor.d/profiles-g-l/hugeadm | 1 + apparmor.d/profiles-g-l/hugo | 1 + apparmor.d/profiles-g-l/hw-probe | 1 + apparmor.d/profiles-g-l/hwinfo | 1 + apparmor.d/profiles-g-l/hypnotix | 1 + apparmor.d/profiles-g-l/i2cdetect | 1 + apparmor.d/profiles-g-l/i3lock | 1 + apparmor.d/profiles-g-l/i3lock-fancy | 1 + apparmor.d/profiles-g-l/iceauth | 1 + apparmor.d/profiles-g-l/id | 1 + apparmor.d/profiles-g-l/ifconfig | 1 + apparmor.d/profiles-g-l/ifup | 1 + apparmor.d/profiles-g-l/im-launch | 1 + apparmor.d/profiles-g-l/imv-wayland | 1 + apparmor.d/profiles-g-l/initd-kexec | 1 + apparmor.d/profiles-g-l/initd-kexec-load | 1 + apparmor.d/profiles-g-l/initd-kmod | 1 + apparmor.d/profiles-g-l/install-catalog | 1 + apparmor.d/profiles-g-l/install-info | 1 + apparmor.d/profiles-g-l/install-printerdriver | 1 + apparmor.d/profiles-g-l/inxi | 1 + apparmor.d/profiles-g-l/ioping | 1 + apparmor.d/profiles-g-l/iotop | 1 + apparmor.d/profiles-g-l/ip | 1 + apparmor.d/profiles-g-l/ipcalc | 1 + apparmor.d/profiles-g-l/irqbalance | 1 + apparmor.d/profiles-g-l/issue-generator | 1 + apparmor.d/profiles-g-l/iw | 1 + apparmor.d/profiles-g-l/iwconfig | 1 + apparmor.d/profiles-g-l/iwlist | 1 + apparmor.d/profiles-g-l/jackdbus | 1 + apparmor.d/profiles-g-l/jami-gnome | 1 + apparmor.d/profiles-g-l/jdownloader | 1 + apparmor.d/profiles-g-l/jekyll | 1 + apparmor.d/profiles-g-l/jgmenu | 1 + apparmor.d/profiles-g-l/jitterentropy-rngd | 1 + apparmor.d/profiles-g-l/jmtpfs | 1 + apparmor.d/profiles-g-l/kanyremote | 1 + apparmor.d/profiles-g-l/kcheckpass | 1 + apparmor.d/profiles-g-l/kconfig-hardened-check | 1 + apparmor.d/profiles-g-l/keepassxc | 1 + apparmor.d/profiles-g-l/keepassxc-cli | 1 + apparmor.d/profiles-g-l/keepassxc-proxy | 1 + apparmor.d/profiles-g-l/kernel-install | 1 + apparmor.d/profiles-g-l/kerneloops | 1 + apparmor.d/profiles-g-l/kerneloops-applet | 1 + apparmor.d/profiles-g-l/kexec | 1 + apparmor.d/profiles-g-l/kmod | 1 + apparmor.d/profiles-g-l/kodi | 1 + apparmor.d/profiles-g-l/kodi-xrandr | 1 + apparmor.d/profiles-g-l/kvm-ok | 1 + apparmor.d/profiles-g-l/labwc | 1 + apparmor.d/profiles-g-l/landscape-sysinfo | 1 + apparmor.d/profiles-g-l/landscape-sysinfo.wrapper | 1 + apparmor.d/profiles-g-l/language-validate | 1 + apparmor.d/profiles-g-l/last | 1 + apparmor.d/profiles-g-l/lastlog | 1 + apparmor.d/profiles-g-l/libreoffice | 1 + apparmor.d/profiles-g-l/light | 1 + apparmor.d/profiles-g-l/light-locker | 1 + apparmor.d/profiles-g-l/light-locker-command | 1 + apparmor.d/profiles-g-l/lightworks | 1 + apparmor.d/profiles-g-l/lightworks-ntcardvt | 1 + apparmor.d/profiles-g-l/linssid | 1 + apparmor.d/profiles-g-l/linux-check-removal | 1 + apparmor.d/profiles-g-l/linux-version | 1 + apparmor.d/profiles-g-l/locale-gen | 1 + apparmor.d/profiles-g-l/localepurge | 1 + apparmor.d/profiles-g-l/login | 1 + apparmor.d/profiles-g-l/logrotate | 1 + apparmor.d/profiles-g-l/losetup | 1 + apparmor.d/profiles-g-l/low-memory-monitor | 1 + apparmor.d/profiles-g-l/lsblk | 1 + apparmor.d/profiles-g-l/lscpu | 1 + apparmor.d/profiles-g-l/lsinitramfs | 1 + apparmor.d/profiles-g-l/lspci | 1 + apparmor.d/profiles-g-l/lsusb | 1 + apparmor.d/profiles-g-l/lvm | 1 + apparmor.d/profiles-g-l/lvmconfig | 1 + apparmor.d/profiles-g-l/lvmdump | 1 + apparmor.d/profiles-g-l/lvmpolld | 1 + apparmor.d/profiles-g-l/lxappearance | 1 + apparmor.d/profiles-g-l/lynx | 1 + 131 files changed, 131 insertions(+) diff --git a/apparmor.d/profiles-g-l/gajim b/apparmor.d/profiles-g-l/gajim index 361f6c7c0..0f19c7614 100644 --- a/apparmor.d/profiles-g-l/gajim +++ b/apparmor.d/profiles-g-l/gajim @@ -2,6 +2,7 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ganyremote b/apparmor.d/profiles-g-l/ganyremote index 36cb8f90b..f169bfd3e 100644 --- a/apparmor.d/profiles-g-l/ganyremote +++ b/apparmor.d/profiles-g-l/ganyremote @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gconfd b/apparmor.d/profiles-g-l/gconfd index 03544d354..c1d8cdde9 100644 --- a/apparmor.d/profiles-g-l/gconfd +++ b/apparmor.d/profiles-g-l/gconfd @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gdisk b/apparmor.d/profiles-g-l/gdisk index 13cf3e41e..6bff416b8 100644 --- a/apparmor.d/profiles-g-l/gdisk +++ b/apparmor.d/profiles-g-l/gdisk @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders b/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders index cce69937f..48744f4cc 100644 --- a/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders +++ b/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ghc-pkg b/apparmor.d/profiles-g-l/ghc-pkg index f4518370e..bafe2bb34 100644 --- a/apparmor.d/profiles-g-l/ghc-pkg +++ b/apparmor.d/profiles-g-l/ghc-pkg @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gio-querymodules b/apparmor.d/profiles-g-l/gio-querymodules index a8ba53f4f..34ff9eb23 100644 --- a/apparmor.d/profiles-g-l/gio-querymodules +++ b/apparmor.d/profiles-g-l/gio-querymodules @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/git b/apparmor.d/profiles-g-l/git index 0944759cf..c53acc398 100644 --- a/apparmor.d/profiles-g-l/git +++ b/apparmor.d/profiles-g-l/git @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gitstatusd b/apparmor.d/profiles-g-l/gitstatusd index f0b837c6a..ea351293c 100644 --- a/apparmor.d/profiles-g-l/gitstatusd +++ b/apparmor.d/profiles-g-l/gitstatusd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/glib-compile-resources b/apparmor.d/profiles-g-l/glib-compile-resources index 6062bbff2..cf8466186 100644 --- a/apparmor.d/profiles-g-l/glib-compile-resources +++ b/apparmor.d/profiles-g-l/glib-compile-resources @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/glib-compile-schemas b/apparmor.d/profiles-g-l/glib-compile-schemas index 476b4ebfc..cff914ee3 100644 --- a/apparmor.d/profiles-g-l/glib-compile-schemas +++ b/apparmor.d/profiles-g-l/glib-compile-schemas @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/glib-pacrunner b/apparmor.d/profiles-g-l/glib-pacrunner index 13ae9222f..856775c05 100644 --- a/apparmor.d/profiles-g-l/glib-pacrunner +++ b/apparmor.d/profiles-g-l/glib-pacrunner @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/globaltime b/apparmor.d/profiles-g-l/globaltime index 4d3027ac0..484b15a60 100644 --- a/apparmor.d/profiles-g-l/globaltime +++ b/apparmor.d/profiles-g-l/globaltime @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/glxgears b/apparmor.d/profiles-g-l/glxgears index 321aaa702..04b9f0714 100644 --- a/apparmor.d/profiles-g-l/glxgears +++ b/apparmor.d/profiles-g-l/glxgears @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/glxinfo b/apparmor.d/profiles-g-l/glxinfo index a13a22e7eb..28744a364 100644 --- a/apparmor.d/profiles-g-l/glxinfo +++ b/apparmor.d/profiles-g-l/glxinfo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpa b/apparmor.d/profiles-g-l/gpa index 566bd7815..e6b494503 100644 --- a/apparmor.d/profiles-g-l/gpa +++ b/apparmor.d/profiles-g-l/gpa @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gparted b/apparmor.d/profiles-g-l/gparted index ca42f4669..d0eaf0f71 100644 --- a/apparmor.d/profiles-g-l/gparted +++ b/apparmor.d/profiles-g-l/gparted @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpartedbin b/apparmor.d/profiles-g-l/gpartedbin index 65f6bbc12..18d4054d2 100644 --- a/apparmor.d/profiles-g-l/gpartedbin +++ b/apparmor.d/profiles-g-l/gpartedbin @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpasswd b/apparmor.d/profiles-g-l/gpasswd index 150b7b499..2c5e3f659 100644 --- a/apparmor.d/profiles-g-l/gpasswd +++ b/apparmor.d/profiles-g-l/gpasswd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gping b/apparmor.d/profiles-g-l/gping index e629ab584..63262a109 100644 --- a/apparmor.d/profiles-g-l/gping +++ b/apparmor.d/profiles-g-l/gping @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpo b/apparmor.d/profiles-g-l/gpo index 208036d8e..3573a3d80 100644 --- a/apparmor.d/profiles-g-l/gpo +++ b/apparmor.d/profiles-g-l/gpo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpodder b/apparmor.d/profiles-g-l/gpodder index c945d59cb..5bc8685c3 100644 --- a/apparmor.d/profiles-g-l/gpodder +++ b/apparmor.d/profiles-g-l/gpodder @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpodder-migrate2tres b/apparmor.d/profiles-g-l/gpodder-migrate2tres index 0c048b19e..bbe9b33d9 100644 --- a/apparmor.d/profiles-g-l/gpodder-migrate2tres +++ b/apparmor.d/profiles-g-l/gpodder-migrate2tres @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gpu-manager b/apparmor.d/profiles-g-l/gpu-manager index 9177b7b3c..11c3ac1fc 100644 --- a/apparmor.d/profiles-g-l/gpu-manager +++ b/apparmor.d/profiles-g-l/gpu-manager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/groupadd b/apparmor.d/profiles-g-l/groupadd index b0fd33c5c..4ca7adeb6 100644 --- a/apparmor.d/profiles-g-l/groupadd +++ b/apparmor.d/profiles-g-l/groupadd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/groupdel b/apparmor.d/profiles-g-l/groupdel index 1d7ecb4bc..c4c4d1e79 100644 --- a/apparmor.d/profiles-g-l/groupdel +++ b/apparmor.d/profiles-g-l/groupdel @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/groupmod b/apparmor.d/profiles-g-l/groupmod index acb53e6ff..0e0b4a6fd 100644 --- a/apparmor.d/profiles-g-l/groupmod +++ b/apparmor.d/profiles-g-l/groupmod @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/groups b/apparmor.d/profiles-g-l/groups index 2affa7562..3897ee0f6 100644 --- a/apparmor.d/profiles-g-l/groups +++ b/apparmor.d/profiles-g-l/groups @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/grpck b/apparmor.d/profiles-g-l/grpck index 190322e3f..a9a4c69ff 100644 --- a/apparmor.d/profiles-g-l/grpck +++ b/apparmor.d/profiles-g-l/grpck @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gsettings b/apparmor.d/profiles-g-l/gsettings index 17671f735..a3a2e2b86 100644 --- a/apparmor.d/profiles-g-l/gsettings +++ b/apparmor.d/profiles-g-l/gsettings @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gsimplecal b/apparmor.d/profiles-g-l/gsimplecal index d1b6994e4..d05e262d8 100644 --- a/apparmor.d/profiles-g-l/gsimplecal +++ b/apparmor.d/profiles-g-l/gsimplecal @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gsmartcontrol b/apparmor.d/profiles-g-l/gsmartcontrol index 6c4038e4a..8b1079d49 100644 --- a/apparmor.d/profiles-g-l/gsmartcontrol +++ b/apparmor.d/profiles-g-l/gsmartcontrol @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gsmartcontrol-root b/apparmor.d/profiles-g-l/gsmartcontrol-root index f5a817f6b..fc943e26b 100644 --- a/apparmor.d/profiles-g-l/gsmartcontrol-root +++ b/apparmor.d/profiles-g-l/gsmartcontrol-root @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gssproxy b/apparmor.d/profiles-g-l/gssproxy index ca6b34ccf..c179d7a29 100644 --- a/apparmor.d/profiles-g-l/gssproxy +++ b/apparmor.d/profiles-g-l/gssproxy @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gtk-query-immodules b/apparmor.d/profiles-g-l/gtk-query-immodules index eee4f7e51..1ff4a10ba 100644 --- a/apparmor.d/profiles-g-l/gtk-query-immodules +++ b/apparmor.d/profiles-g-l/gtk-query-immodules @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gtk-update-icon-cache b/apparmor.d/profiles-g-l/gtk-update-icon-cache index 917332e3d..5ba0ba7a0 100644 --- a/apparmor.d/profiles-g-l/gtk-update-icon-cache +++ b/apparmor.d/profiles-g-l/gtk-update-icon-cache @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/gtk-youtube-viewer b/apparmor.d/profiles-g-l/gtk-youtube-viewer index 9f3e50df2..86180f31b 100644 --- a/apparmor.d/profiles-g-l/gtk-youtube-viewer +++ b/apparmor.d/profiles-g-l/gtk-youtube-viewer @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hardinfo b/apparmor.d/profiles-g-l/hardinfo index 02dd62dcd..9e8ba4cd3 100644 --- a/apparmor.d/profiles-g-l/hardinfo +++ b/apparmor.d/profiles-g-l/hardinfo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hbbr b/apparmor.d/profiles-g-l/hbbr index f2150ba95..a48386f67 100644 --- a/apparmor.d/profiles-g-l/hbbr +++ b/apparmor.d/profiles-g-l/hbbr @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hbbs b/apparmor.d/profiles-g-l/hbbs index 783ee97a2..6c7242f3e 100644 --- a/apparmor.d/profiles-g-l/hbbs +++ b/apparmor.d/profiles-g-l/hbbs @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hciconfig b/apparmor.d/profiles-g-l/hciconfig index a1bd70d14..b83867b9a 100644 --- a/apparmor.d/profiles-g-l/hciconfig +++ b/apparmor.d/profiles-g-l/hciconfig @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hddtemp b/apparmor.d/profiles-g-l/hddtemp index efc3bbcb6..56b57d224 100644 --- a/apparmor.d/profiles-g-l/hddtemp +++ b/apparmor.d/profiles-g-l/hddtemp @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hdparm b/apparmor.d/profiles-g-l/hdparm index 4abb330e9..f236b9bf1 100644 --- a/apparmor.d/profiles-g-l/hdparm +++ b/apparmor.d/profiles-g-l/hdparm @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hexchat b/apparmor.d/profiles-g-l/hexchat index a802ea639..471440ca7 100644 --- a/apparmor.d/profiles-g-l/hexchat +++ b/apparmor.d/profiles-g-l/hexchat @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/highlight b/apparmor.d/profiles-g-l/highlight index 4a5ef1402..b7100b309 100644 --- a/apparmor.d/profiles-g-l/highlight +++ b/apparmor.d/profiles-g-l/highlight @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/host b/apparmor.d/profiles-g-l/host index d063bf167..5fc23e6fa 100644 --- a/apparmor.d/profiles-g-l/host +++ b/apparmor.d/profiles-g-l/host @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hostname b/apparmor.d/profiles-g-l/hostname index d0c1cc18c..345d6062c 100644 --- a/apparmor.d/profiles-g-l/hostname +++ b/apparmor.d/profiles-g-l/hostname @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/htop b/apparmor.d/profiles-g-l/htop index 9c56a9986..cc0b566ed 100644 --- a/apparmor.d/profiles-g-l/htop +++ b/apparmor.d/profiles-g-l/htop @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hugeadm b/apparmor.d/profiles-g-l/hugeadm index 858f2740a..a4f478b95 100644 --- a/apparmor.d/profiles-g-l/hugeadm +++ b/apparmor.d/profiles-g-l/hugeadm @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hugo b/apparmor.d/profiles-g-l/hugo index b3222265d..04d81eea6 100644 --- a/apparmor.d/profiles-g-l/hugo +++ b/apparmor.d/profiles-g-l/hugo @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hw-probe b/apparmor.d/profiles-g-l/hw-probe index c9aa1469c..4c79eb330 100644 --- a/apparmor.d/profiles-g-l/hw-probe +++ b/apparmor.d/profiles-g-l/hw-probe @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hwinfo b/apparmor.d/profiles-g-l/hwinfo index b8c46b96c..a2155b11c 100644 --- a/apparmor.d/profiles-g-l/hwinfo +++ b/apparmor.d/profiles-g-l/hwinfo @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/hypnotix b/apparmor.d/profiles-g-l/hypnotix index 4a0679f52..96d06ad76 100644 --- a/apparmor.d/profiles-g-l/hypnotix +++ b/apparmor.d/profiles-g-l/hypnotix @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/i2cdetect b/apparmor.d/profiles-g-l/i2cdetect index baad4b969..141a7567b 100644 --- a/apparmor.d/profiles-g-l/i2cdetect +++ b/apparmor.d/profiles-g-l/i2cdetect @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/i3lock b/apparmor.d/profiles-g-l/i3lock index 4d3600a75..8e9c1154e 100644 --- a/apparmor.d/profiles-g-l/i3lock +++ b/apparmor.d/profiles-g-l/i3lock @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/i3lock-fancy b/apparmor.d/profiles-g-l/i3lock-fancy index f0e0f35ff..43004cdb3 100644 --- a/apparmor.d/profiles-g-l/i3lock-fancy +++ b/apparmor.d/profiles-g-l/i3lock-fancy @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/iceauth b/apparmor.d/profiles-g-l/iceauth index bd8df0f2e..adb3109c6 100644 --- a/apparmor.d/profiles-g-l/iceauth +++ b/apparmor.d/profiles-g-l/iceauth @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/id b/apparmor.d/profiles-g-l/id index 7c92f2b9a..2ce341558 100644 --- a/apparmor.d/profiles-g-l/id +++ b/apparmor.d/profiles-g-l/id @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ifconfig b/apparmor.d/profiles-g-l/ifconfig index 74fe432ad..cad08d09f 100644 --- a/apparmor.d/profiles-g-l/ifconfig +++ b/apparmor.d/profiles-g-l/ifconfig @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ifup b/apparmor.d/profiles-g-l/ifup index 6ee7d10d2..d0b1abfeb 100644 --- a/apparmor.d/profiles-g-l/ifup +++ b/apparmor.d/profiles-g-l/ifup @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/im-launch b/apparmor.d/profiles-g-l/im-launch index faf618d36..6f6af77b0 100644 --- a/apparmor.d/profiles-g-l/im-launch +++ b/apparmor.d/profiles-g-l/im-launch @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/imv-wayland b/apparmor.d/profiles-g-l/imv-wayland index 6bac7898b..daee53654 100644 --- a/apparmor.d/profiles-g-l/imv-wayland +++ b/apparmor.d/profiles-g-l/imv-wayland @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/initd-kexec b/apparmor.d/profiles-g-l/initd-kexec index fcda63e83..f9802d32d 100644 --- a/apparmor.d/profiles-g-l/initd-kexec +++ b/apparmor.d/profiles-g-l/initd-kexec @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/initd-kexec-load b/apparmor.d/profiles-g-l/initd-kexec-load index ab1d54536..4fb1daedd 100644 --- a/apparmor.d/profiles-g-l/initd-kexec-load +++ b/apparmor.d/profiles-g-l/initd-kexec-load @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/initd-kmod b/apparmor.d/profiles-g-l/initd-kmod index 53c39142b..fa7f06f4e 100644 --- a/apparmor.d/profiles-g-l/initd-kmod +++ b/apparmor.d/profiles-g-l/initd-kmod @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/install-catalog b/apparmor.d/profiles-g-l/install-catalog index 714d10a66..70552208b 100644 --- a/apparmor.d/profiles-g-l/install-catalog +++ b/apparmor.d/profiles-g-l/install-catalog @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/install-info b/apparmor.d/profiles-g-l/install-info index 4060e715e..df2017210 100644 --- a/apparmor.d/profiles-g-l/install-info +++ b/apparmor.d/profiles-g-l/install-info @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/install-printerdriver b/apparmor.d/profiles-g-l/install-printerdriver index e8d110a99..67c09ecea 100644 --- a/apparmor.d/profiles-g-l/install-printerdriver +++ b/apparmor.d/profiles-g-l/install-printerdriver @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/inxi b/apparmor.d/profiles-g-l/inxi index bc59dedb2..d79de8f00 100644 --- a/apparmor.d/profiles-g-l/inxi +++ b/apparmor.d/profiles-g-l/inxi @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ioping b/apparmor.d/profiles-g-l/ioping index 5eb45817e..cedc79135 100644 --- a/apparmor.d/profiles-g-l/ioping +++ b/apparmor.d/profiles-g-l/ioping @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/iotop b/apparmor.d/profiles-g-l/iotop index 7cf6e55e6..fa7ad1e5a 100644 --- a/apparmor.d/profiles-g-l/iotop +++ b/apparmor.d/profiles-g-l/iotop @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ip b/apparmor.d/profiles-g-l/ip index 33f0c57d7..fad0a172d 100644 --- a/apparmor.d/profiles-g-l/ip +++ b/apparmor.d/profiles-g-l/ip @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/ipcalc b/apparmor.d/profiles-g-l/ipcalc index bc28ac5f0..5a526121f 100644 --- a/apparmor.d/profiles-g-l/ipcalc +++ b/apparmor.d/profiles-g-l/ipcalc @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/irqbalance b/apparmor.d/profiles-g-l/irqbalance index 49f0dd90f..6fe5c9221 100644 --- a/apparmor.d/profiles-g-l/irqbalance +++ b/apparmor.d/profiles-g-l/irqbalance @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/issue-generator b/apparmor.d/profiles-g-l/issue-generator index f7b9fa5fe..60c82f4f3 100644 --- a/apparmor.d/profiles-g-l/issue-generator +++ b/apparmor.d/profiles-g-l/issue-generator @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/iw b/apparmor.d/profiles-g-l/iw index 3282afe9c..29fbca99b 100644 --- a/apparmor.d/profiles-g-l/iw +++ b/apparmor.d/profiles-g-l/iw @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/iwconfig b/apparmor.d/profiles-g-l/iwconfig index 4246f81e6..eaaeb7e22 100644 --- a/apparmor.d/profiles-g-l/iwconfig +++ b/apparmor.d/profiles-g-l/iwconfig @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/iwlist b/apparmor.d/profiles-g-l/iwlist index cfa7f1b53..b2051443e 100644 --- a/apparmor.d/profiles-g-l/iwlist +++ b/apparmor.d/profiles-g-l/iwlist @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jackdbus b/apparmor.d/profiles-g-l/jackdbus index 9cf1be3b8..e317761e0 100644 --- a/apparmor.d/profiles-g-l/jackdbus +++ b/apparmor.d/profiles-g-l/jackdbus @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jami-gnome b/apparmor.d/profiles-g-l/jami-gnome index a2798cbc9..60d6c492e 100644 --- a/apparmor.d/profiles-g-l/jami-gnome +++ b/apparmor.d/profiles-g-l/jami-gnome @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jdownloader b/apparmor.d/profiles-g-l/jdownloader index 27981fe73..2bae0b723 100644 --- a/apparmor.d/profiles-g-l/jdownloader +++ b/apparmor.d/profiles-g-l/jdownloader @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jekyll b/apparmor.d/profiles-g-l/jekyll index 3142c44d6..f39226ffc 100644 --- a/apparmor.d/profiles-g-l/jekyll +++ b/apparmor.d/profiles-g-l/jekyll @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jgmenu b/apparmor.d/profiles-g-l/jgmenu index a9eda288e..dd5697b14 100644 --- a/apparmor.d/profiles-g-l/jgmenu +++ b/apparmor.d/profiles-g-l/jgmenu @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jitterentropy-rngd b/apparmor.d/profiles-g-l/jitterentropy-rngd index 1434e560f..4967c9e64 100644 --- a/apparmor.d/profiles-g-l/jitterentropy-rngd +++ b/apparmor.d/profiles-g-l/jitterentropy-rngd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/jmtpfs b/apparmor.d/profiles-g-l/jmtpfs index a90c7de8f..9a2be96b8 100644 --- a/apparmor.d/profiles-g-l/jmtpfs +++ b/apparmor.d/profiles-g-l/jmtpfs @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kanyremote b/apparmor.d/profiles-g-l/kanyremote index 8f0ba584b..32a6a8e45 100644 --- a/apparmor.d/profiles-g-l/kanyremote +++ b/apparmor.d/profiles-g-l/kanyremote @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kcheckpass b/apparmor.d/profiles-g-l/kcheckpass index dd4343a32..f2ebf0010 100644 --- a/apparmor.d/profiles-g-l/kcheckpass +++ b/apparmor.d/profiles-g-l/kcheckpass @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kconfig-hardened-check b/apparmor.d/profiles-g-l/kconfig-hardened-check index 5674abb4c..d58e2c9c0 100644 --- a/apparmor.d/profiles-g-l/kconfig-hardened-check +++ b/apparmor.d/profiles-g-l/kconfig-hardened-check @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/keepassxc b/apparmor.d/profiles-g-l/keepassxc index aeb155df1..c972f902c 100644 --- a/apparmor.d/profiles-g-l/keepassxc +++ b/apparmor.d/profiles-g-l/keepassxc @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/keepassxc-cli b/apparmor.d/profiles-g-l/keepassxc-cli index cdc3e94e2..858178aeb 100644 --- a/apparmor.d/profiles-g-l/keepassxc-cli +++ b/apparmor.d/profiles-g-l/keepassxc-cli @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/keepassxc-proxy b/apparmor.d/profiles-g-l/keepassxc-proxy index f913de295..fba81df19 100644 --- a/apparmor.d/profiles-g-l/keepassxc-proxy +++ b/apparmor.d/profiles-g-l/keepassxc-proxy @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kernel-install b/apparmor.d/profiles-g-l/kernel-install index af6578713..df12c8313 100644 --- a/apparmor.d/profiles-g-l/kernel-install +++ b/apparmor.d/profiles-g-l/kernel-install @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kerneloops b/apparmor.d/profiles-g-l/kerneloops index 5b778b1fa..01d1386a4 100644 --- a/apparmor.d/profiles-g-l/kerneloops +++ b/apparmor.d/profiles-g-l/kerneloops @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kerneloops-applet b/apparmor.d/profiles-g-l/kerneloops-applet index 01f6aac19..1bda5cd90 100644 --- a/apparmor.d/profiles-g-l/kerneloops-applet +++ b/apparmor.d/profiles-g-l/kerneloops-applet @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kexec b/apparmor.d/profiles-g-l/kexec index 960af35a1..370aef005 100644 --- a/apparmor.d/profiles-g-l/kexec +++ b/apparmor.d/profiles-g-l/kexec @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kmod b/apparmor.d/profiles-g-l/kmod index 4dbb2de6b..91b7d3427 100644 --- a/apparmor.d/profiles-g-l/kmod +++ b/apparmor.d/profiles-g-l/kmod @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kodi b/apparmor.d/profiles-g-l/kodi index 87624f946..db5712a3f 100644 --- a/apparmor.d/profiles-g-l/kodi +++ b/apparmor.d/profiles-g-l/kodi @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kodi-xrandr b/apparmor.d/profiles-g-l/kodi-xrandr index 843375246..eaa2bacb5 100644 --- a/apparmor.d/profiles-g-l/kodi-xrandr +++ b/apparmor.d/profiles-g-l/kodi-xrandr @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/kvm-ok b/apparmor.d/profiles-g-l/kvm-ok index 85849c429..9d7b8f23b 100644 --- a/apparmor.d/profiles-g-l/kvm-ok +++ b/apparmor.d/profiles-g-l/kvm-ok @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/labwc b/apparmor.d/profiles-g-l/labwc index 42548b880..1453eccb8 100644 --- a/apparmor.d/profiles-g-l/labwc +++ b/apparmor.d/profiles-g-l/labwc @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/landscape-sysinfo b/apparmor.d/profiles-g-l/landscape-sysinfo index 853416c3f..109034b2b 100644 --- a/apparmor.d/profiles-g-l/landscape-sysinfo +++ b/apparmor.d/profiles-g-l/landscape-sysinfo @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper b/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper index 697328310..36262e5c5 100644 --- a/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper +++ b/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/language-validate b/apparmor.d/profiles-g-l/language-validate index 782b413e9..bd168e9b6 100644 --- a/apparmor.d/profiles-g-l/language-validate +++ b/apparmor.d/profiles-g-l/language-validate @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/last b/apparmor.d/profiles-g-l/last index 91a78e0e5..fd218d5ad 100644 --- a/apparmor.d/profiles-g-l/last +++ b/apparmor.d/profiles-g-l/last @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lastlog b/apparmor.d/profiles-g-l/lastlog index f665d06b2..5d41f9874 100644 --- a/apparmor.d/profiles-g-l/lastlog +++ b/apparmor.d/profiles-g-l/lastlog @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/libreoffice b/apparmor.d/profiles-g-l/libreoffice index c035517cc..9ce3b0817 100644 --- a/apparmor.d/profiles-g-l/libreoffice +++ b/apparmor.d/profiles-g-l/libreoffice @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/light b/apparmor.d/profiles-g-l/light index 845cf92cf..8b3a961c9 100644 --- a/apparmor.d/profiles-g-l/light +++ b/apparmor.d/profiles-g-l/light @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/light-locker b/apparmor.d/profiles-g-l/light-locker index 6bd62f77f..b259caae6 100644 --- a/apparmor.d/profiles-g-l/light-locker +++ b/apparmor.d/profiles-g-l/light-locker @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/light-locker-command b/apparmor.d/profiles-g-l/light-locker-command index c77b1d07b..3975437fe 100644 --- a/apparmor.d/profiles-g-l/light-locker-command +++ b/apparmor.d/profiles-g-l/light-locker-command @@ -2,6 +2,7 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lightworks b/apparmor.d/profiles-g-l/lightworks index accbe2085..133ff52db 100644 --- a/apparmor.d/profiles-g-l/lightworks +++ b/apparmor.d/profiles-g-l/lightworks @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lightworks-ntcardvt b/apparmor.d/profiles-g-l/lightworks-ntcardvt index ee5f0c71e..639a296b8 100644 --- a/apparmor.d/profiles-g-l/lightworks-ntcardvt +++ b/apparmor.d/profiles-g-l/lightworks-ntcardvt @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/linssid b/apparmor.d/profiles-g-l/linssid index 384fda9ea..57bd63eb6 100644 --- a/apparmor.d/profiles-g-l/linssid +++ b/apparmor.d/profiles-g-l/linssid @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/linux-check-removal b/apparmor.d/profiles-g-l/linux-check-removal index a6fd4d8ed..62917a8ee 100644 --- a/apparmor.d/profiles-g-l/linux-check-removal +++ b/apparmor.d/profiles-g-l/linux-check-removal @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/linux-version b/apparmor.d/profiles-g-l/linux-version index 3f866072e..8e5bf39d4 100644 --- a/apparmor.d/profiles-g-l/linux-version +++ b/apparmor.d/profiles-g-l/linux-version @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/locale-gen b/apparmor.d/profiles-g-l/locale-gen index 722349ea1..5128d96e4 100644 --- a/apparmor.d/profiles-g-l/locale-gen +++ b/apparmor.d/profiles-g-l/locale-gen @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/localepurge b/apparmor.d/profiles-g-l/localepurge index 53e3fd930..c8a2f0fe9 100644 --- a/apparmor.d/profiles-g-l/localepurge +++ b/apparmor.d/profiles-g-l/localepurge @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/login b/apparmor.d/profiles-g-l/login index ba8c2c254..05932c282 100644 --- a/apparmor.d/profiles-g-l/login +++ b/apparmor.d/profiles-g-l/login @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/logrotate b/apparmor.d/profiles-g-l/logrotate index ffc4099d3..aa3b8af94 100644 --- a/apparmor.d/profiles-g-l/logrotate +++ b/apparmor.d/profiles-g-l/logrotate @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/losetup b/apparmor.d/profiles-g-l/losetup index 8c62398ec..63ecb00be 100644 --- a/apparmor.d/profiles-g-l/losetup +++ b/apparmor.d/profiles-g-l/losetup @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/low-memory-monitor b/apparmor.d/profiles-g-l/low-memory-monitor index 625d147ac..80907e166 100644 --- a/apparmor.d/profiles-g-l/low-memory-monitor +++ b/apparmor.d/profiles-g-l/low-memory-monitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lsblk b/apparmor.d/profiles-g-l/lsblk index e2a3207b5..f4642a4cc 100644 --- a/apparmor.d/profiles-g-l/lsblk +++ b/apparmor.d/profiles-g-l/lsblk @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lscpu b/apparmor.d/profiles-g-l/lscpu index f59ee0e1e..4f5f93167 100644 --- a/apparmor.d/profiles-g-l/lscpu +++ b/apparmor.d/profiles-g-l/lscpu @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lsinitramfs b/apparmor.d/profiles-g-l/lsinitramfs index ff3f52865..eba80fe94 100644 --- a/apparmor.d/profiles-g-l/lsinitramfs +++ b/apparmor.d/profiles-g-l/lsinitramfs @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lspci b/apparmor.d/profiles-g-l/lspci index d8aa90103..d0628ec11 100644 --- a/apparmor.d/profiles-g-l/lspci +++ b/apparmor.d/profiles-g-l/lspci @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lsusb b/apparmor.d/profiles-g-l/lsusb index 872ac8369..9ee06eb3a 100644 --- a/apparmor.d/profiles-g-l/lsusb +++ b/apparmor.d/profiles-g-l/lsusb @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lvm b/apparmor.d/profiles-g-l/lvm index 7256c4b76..68630402a 100644 --- a/apparmor.d/profiles-g-l/lvm +++ b/apparmor.d/profiles-g-l/lvm @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lvmconfig b/apparmor.d/profiles-g-l/lvmconfig index 2423886e8..23f1be740 100644 --- a/apparmor.d/profiles-g-l/lvmconfig +++ b/apparmor.d/profiles-g-l/lvmconfig @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lvmdump b/apparmor.d/profiles-g-l/lvmdump index 1d97ecf73..8bdfe7e78 100644 --- a/apparmor.d/profiles-g-l/lvmdump +++ b/apparmor.d/profiles-g-l/lvmdump @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lvmpolld b/apparmor.d/profiles-g-l/lvmpolld index 7c5852d67..22708b596 100644 --- a/apparmor.d/profiles-g-l/lvmpolld +++ b/apparmor.d/profiles-g-l/lvmpolld @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lxappearance b/apparmor.d/profiles-g-l/lxappearance index 5bb7dc92f..619c180d8 100644 --- a/apparmor.d/profiles-g-l/lxappearance +++ b/apparmor.d/profiles-g-l/lxappearance @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , diff --git a/apparmor.d/profiles-g-l/lynx b/apparmor.d/profiles-g-l/lynx index 2c205f73c..6c5432da2 100644 --- a/apparmor.d/profiles-g-l/lynx +++ b/apparmor.d/profiles-g-l/lynx @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor abi , From 07f3ea979a109d2d92cff85cd2273911e001fe9c Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 17:18:03 +0300 Subject: [PATCH 48/52] fix(profiles-g-l): move vim modeline Move vim syntax comment to the end of the file, separated by newline, as requested in #380. --- apparmor.d/profiles-g-l/gajim | 3 ++- apparmor.d/profiles-g-l/ganyremote | 3 ++- apparmor.d/profiles-g-l/gconfd | 3 ++- apparmor.d/profiles-g-l/gdisk | 3 ++- apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders | 5 +++-- apparmor.d/profiles-g-l/ghc-pkg | 5 +++-- apparmor.d/profiles-g-l/gio-querymodules | 5 +++-- apparmor.d/profiles-g-l/git | 3 ++- apparmor.d/profiles-g-l/gitstatusd | 3 ++- apparmor.d/profiles-g-l/glib-compile-resources | 3 ++- apparmor.d/profiles-g-l/glib-compile-schemas | 3 ++- apparmor.d/profiles-g-l/glib-pacrunner | 3 ++- apparmor.d/profiles-g-l/globaltime | 3 ++- apparmor.d/profiles-g-l/glxgears | 3 ++- apparmor.d/profiles-g-l/glxinfo | 3 ++- apparmor.d/profiles-g-l/gpa | 3 ++- apparmor.d/profiles-g-l/gparted | 3 ++- apparmor.d/profiles-g-l/gpartedbin | 3 ++- apparmor.d/profiles-g-l/gpasswd | 3 ++- apparmor.d/profiles-g-l/gping | 5 +++-- apparmor.d/profiles-g-l/gpo | 3 ++- apparmor.d/profiles-g-l/gpodder | 3 ++- apparmor.d/profiles-g-l/gpodder-migrate2tres | 3 ++- apparmor.d/profiles-g-l/gpu-manager | 5 +++-- apparmor.d/profiles-g-l/groupadd | 3 ++- apparmor.d/profiles-g-l/groupdel | 3 ++- apparmor.d/profiles-g-l/groupmod | 3 ++- apparmor.d/profiles-g-l/groups | 3 ++- apparmor.d/profiles-g-l/grpck | 3 ++- apparmor.d/profiles-g-l/gsettings | 3 ++- apparmor.d/profiles-g-l/gsimplecal | 3 ++- apparmor.d/profiles-g-l/gsmartcontrol | 3 ++- apparmor.d/profiles-g-l/gsmartcontrol-root | 3 ++- apparmor.d/profiles-g-l/gssproxy | 5 +++-- apparmor.d/profiles-g-l/gtk-query-immodules | 5 +++-- apparmor.d/profiles-g-l/gtk-update-icon-cache | 3 ++- apparmor.d/profiles-g-l/gtk-youtube-viewer | 3 ++- apparmor.d/profiles-g-l/hardinfo | 3 ++- apparmor.d/profiles-g-l/haveged | 2 ++ apparmor.d/profiles-g-l/hbbr | 3 ++- apparmor.d/profiles-g-l/hbbs | 3 ++- apparmor.d/profiles-g-l/hciconfig | 3 ++- apparmor.d/profiles-g-l/hddtemp | 3 ++- apparmor.d/profiles-g-l/hdparm | 3 ++- apparmor.d/profiles-g-l/hexchat | 3 ++- apparmor.d/profiles-g-l/highlight | 3 ++- apparmor.d/profiles-g-l/host | 3 ++- apparmor.d/profiles-g-l/hostname | 3 ++- apparmor.d/profiles-g-l/htop | 3 ++- apparmor.d/profiles-g-l/hugeadm | 3 ++- apparmor.d/profiles-g-l/hugo | 5 +++-- apparmor.d/profiles-g-l/hw-probe | 3 ++- apparmor.d/profiles-g-l/hwinfo | 3 ++- apparmor.d/profiles-g-l/hypnotix | 3 ++- apparmor.d/profiles-g-l/i2cdetect | 3 ++- apparmor.d/profiles-g-l/i3lock | 3 ++- apparmor.d/profiles-g-l/i3lock-fancy | 3 ++- apparmor.d/profiles-g-l/iceauth | 5 +++-- apparmor.d/profiles-g-l/id | 3 ++- apparmor.d/profiles-g-l/ifconfig | 3 ++- apparmor.d/profiles-g-l/ifup | 3 ++- apparmor.d/profiles-g-l/im-launch | 3 ++- apparmor.d/profiles-g-l/imv-wayland | 3 ++- apparmor.d/profiles-g-l/initd-kexec | 3 ++- apparmor.d/profiles-g-l/initd-kexec-load | 3 ++- apparmor.d/profiles-g-l/initd-kmod | 3 ++- apparmor.d/profiles-g-l/install-catalog | 5 +++-- apparmor.d/profiles-g-l/install-info | 5 +++-- apparmor.d/profiles-g-l/install-printerdriver | 3 ++- apparmor.d/profiles-g-l/inxi | 3 ++- apparmor.d/profiles-g-l/ioping | 3 ++- apparmor.d/profiles-g-l/iotop | 3 ++- apparmor.d/profiles-g-l/ip | 3 ++- apparmor.d/profiles-g-l/ipcalc | 3 ++- apparmor.d/profiles-g-l/irqbalance | 5 +++-- apparmor.d/profiles-g-l/issue-generator | 5 +++-- apparmor.d/profiles-g-l/iw | 3 ++- apparmor.d/profiles-g-l/iwconfig | 3 ++- apparmor.d/profiles-g-l/iwlist | 3 ++- apparmor.d/profiles-g-l/jackdbus | 5 +++-- apparmor.d/profiles-g-l/jami-gnome | 3 ++- apparmor.d/profiles-g-l/jdownloader | 3 ++- apparmor.d/profiles-g-l/jekyll | 3 ++- apparmor.d/profiles-g-l/jgmenu | 3 ++- apparmor.d/profiles-g-l/jitterentropy-rngd | 5 +++-- apparmor.d/profiles-g-l/jmtpfs | 3 ++- apparmor.d/profiles-g-l/kanyremote | 3 ++- apparmor.d/profiles-g-l/kcheckpass | 3 ++- apparmor.d/profiles-g-l/kconfig-hardened-check | 3 ++- apparmor.d/profiles-g-l/keepassxc | 3 ++- apparmor.d/profiles-g-l/keepassxc-cli | 3 ++- apparmor.d/profiles-g-l/keepassxc-proxy | 3 ++- apparmor.d/profiles-g-l/kernel-install | 3 ++- apparmor.d/profiles-g-l/kerneloops | 3 ++- apparmor.d/profiles-g-l/kerneloops-applet | 3 ++- apparmor.d/profiles-g-l/kexec | 3 ++- apparmor.d/profiles-g-l/kmod | 3 ++- apparmor.d/profiles-g-l/kodi | 3 ++- apparmor.d/profiles-g-l/kodi-xrandr | 3 ++- apparmor.d/profiles-g-l/kvm-ok | 3 ++- apparmor.d/profiles-g-l/labwc | 3 ++- apparmor.d/profiles-g-l/landscape-sysinfo | 5 +++-- apparmor.d/profiles-g-l/landscape-sysinfo.wrapper | 5 +++-- apparmor.d/profiles-g-l/language-validate | 5 +++-- apparmor.d/profiles-g-l/last | 3 ++- apparmor.d/profiles-g-l/lastlog | 3 ++- apparmor.d/profiles-g-l/libreoffice | 3 ++- apparmor.d/profiles-g-l/light | 3 ++- apparmor.d/profiles-g-l/light-locker | 3 ++- apparmor.d/profiles-g-l/light-locker-command | 3 ++- apparmor.d/profiles-g-l/lightworks | 3 ++- apparmor.d/profiles-g-l/lightworks-ntcardvt | 3 ++- apparmor.d/profiles-g-l/linssid | 3 ++- apparmor.d/profiles-g-l/linux-check-removal | 3 ++- apparmor.d/profiles-g-l/linux-version | 3 ++- apparmor.d/profiles-g-l/locale-gen | 5 +++-- apparmor.d/profiles-g-l/localepurge | 3 ++- apparmor.d/profiles-g-l/login | 3 ++- apparmor.d/profiles-g-l/logrotate | 3 ++- apparmor.d/profiles-g-l/losetup | 5 +++-- apparmor.d/profiles-g-l/low-memory-monitor | 5 +++-- apparmor.d/profiles-g-l/lsblk | 3 ++- apparmor.d/profiles-g-l/lscpu | 3 ++- apparmor.d/profiles-g-l/lsinitramfs | 3 ++- apparmor.d/profiles-g-l/lspci | 3 ++- apparmor.d/profiles-g-l/lsusb | 3 ++- apparmor.d/profiles-g-l/lvm | 3 ++- apparmor.d/profiles-g-l/lvmconfig | 3 ++- apparmor.d/profiles-g-l/lvmdump | 3 ++- apparmor.d/profiles-g-l/lvmpolld | 3 ++- apparmor.d/profiles-g-l/lxappearance | 3 ++- apparmor.d/profiles-g-l/lynx | 3 ++- 132 files changed, 285 insertions(+), 152 deletions(-) diff --git a/apparmor.d/profiles-g-l/gajim b/apparmor.d/profiles-g-l/gajim index 0f19c7614..5888743ef 100644 --- a/apparmor.d/profiles-g-l/gajim +++ b/apparmor.d/profiles-g-l/gajim @@ -2,7 +2,6 @@ # Copyright (C) 2015-2020 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -139,3 +138,5 @@ profile gajim @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ganyremote b/apparmor.d/profiles-g-l/ganyremote index f169bfd3e..7db7a5cb8 100644 --- a/apparmor.d/profiles-g-l/ganyremote +++ b/apparmor.d/profiles-g-l/ganyremote @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -95,3 +94,5 @@ profile ganyremote @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gconfd b/apparmor.d/profiles-g-l/gconfd index c1d8cdde9..5dffe8a0c 100644 --- a/apparmor.d/profiles-g-l/gconfd +++ b/apparmor.d/profiles-g-l/gconfd @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile gconfd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gdisk b/apparmor.d/profiles-g-l/gdisk index 6bff416b8..8c3662ba1 100644 --- a/apparmor.d/profiles-g-l/gdisk +++ b/apparmor.d/profiles-g-l/gdisk @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,3 +32,5 @@ profile gdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders b/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders index 48744f4cc..a01425bb9 100644 --- a/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders +++ b/apparmor.d/profiles-g-l/gdk-pixbuf-query-loaders @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,4 +24,6 @@ profile gdk-pixbuf-query-loaders @{exec_path} { /usr/share/gvfs/remote-volume-monitors/{,**} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ghc-pkg b/apparmor.d/profiles-g-l/ghc-pkg index bafe2bb34..8fdffbf87 100644 --- a/apparmor.d/profiles-g-l/ghc-pkg +++ b/apparmor.d/profiles-g-l/ghc-pkg @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,4 +27,6 @@ profile ghc-pkg @{exec_path} { @{sys}/devices/system/node/ r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gio-querymodules b/apparmor.d/profiles-g-l/gio-querymodules index 34ff9eb23..3520ec06e 100644 --- a/apparmor.d/profiles-g-l/gio-querymodules +++ b/apparmor.d/profiles-g-l/gio-querymodules @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile gio-querymodules @{exec_path} flags=(attach_disconnected) { deny network inet6 stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/git b/apparmor.d/profiles-g-l/git index c53acc398..c92f18656 100644 --- a/apparmor.d/profiles-g-l/git +++ b/apparmor.d/profiles-g-l/git @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -181,3 +180,5 @@ profile git @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gitstatusd b/apparmor.d/profiles-g-l/gitstatusd index ea351293c..da5566f9f 100644 --- a/apparmor.d/profiles-g-l/gitstatusd +++ b/apparmor.d/profiles-g-l/gitstatusd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile gitstatusd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/glib-compile-resources b/apparmor.d/profiles-g-l/glib-compile-resources index cf8466186..45e787840 100644 --- a/apparmor.d/profiles-g-l/glib-compile-resources +++ b/apparmor.d/profiles-g-l/glib-compile-resources @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile glib-compile-resources @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/glib-compile-schemas b/apparmor.d/profiles-g-l/glib-compile-schemas index cff914ee3..a9004c22f 100644 --- a/apparmor.d/profiles-g-l/glib-compile-schemas +++ b/apparmor.d/profiles-g-l/glib-compile-schemas @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,3 +29,5 @@ profile glib-compile-schemas @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/glib-pacrunner b/apparmor.d/profiles-g-l/glib-pacrunner index 856775c05..e3dfec88c 100644 --- a/apparmor.d/profiles-g-l/glib-pacrunner +++ b/apparmor.d/profiles-g-l/glib-pacrunner @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile glib-pacrunner @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/globaltime b/apparmor.d/profiles-g-l/globaltime index 484b15a60..566f58ee3 100644 --- a/apparmor.d/profiles-g-l/globaltime +++ b/apparmor.d/profiles-g-l/globaltime @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile globaltime @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/glxgears b/apparmor.d/profiles-g-l/glxgears index 04b9f0714..9ad458720 100644 --- a/apparmor.d/profiles-g-l/glxgears +++ b/apparmor.d/profiles-g-l/glxgears @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile glxgears @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/glxinfo b/apparmor.d/profiles-g-l/glxinfo index 28744a364..7defbaf80 100644 --- a/apparmor.d/profiles-g-l/glxinfo +++ b/apparmor.d/profiles-g-l/glxinfo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile glxinfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpa b/apparmor.d/profiles-g-l/gpa index e6b494503..9ed18534e 100644 --- a/apparmor.d/profiles-g-l/gpa +++ b/apparmor.d/profiles-g-l/gpa @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -54,3 +53,5 @@ profile gpa @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gparted b/apparmor.d/profiles-g-l/gparted index d0eaf0f71..f225b5c06 100644 --- a/apparmor.d/profiles-g-l/gparted +++ b/apparmor.d/profiles-g-l/gparted @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -99,3 +98,5 @@ profile gparted @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpartedbin b/apparmor.d/profiles-g-l/gpartedbin index 18d4054d2..b60e386bb 100644 --- a/apparmor.d/profiles-g-l/gpartedbin +++ b/apparmor.d/profiles-g-l/gpartedbin @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -130,3 +129,5 @@ profile gpartedbin @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpasswd b/apparmor.d/profiles-g-l/gpasswd index 2c5e3f659..11c1e9767 100644 --- a/apparmor.d/profiles-g-l/gpasswd +++ b/apparmor.d/profiles-g-l/gpasswd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile gpasswd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gping b/apparmor.d/profiles-g-l/gping index 63262a109..956a1781f 100644 --- a/apparmor.d/profiles-g-l/gping +++ b/apparmor.d/profiles-g-l/gping @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -17,4 +16,6 @@ profile gping @{exec_path} { @{bin}/ping rPx, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpo b/apparmor.d/profiles-g-l/gpo index 3573a3d80..97c89a433 100644 --- a/apparmor.d/profiles-g-l/gpo +++ b/apparmor.d/profiles-g-l/gpo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile gpo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpodder b/apparmor.d/profiles-g-l/gpodder index 5bc8685c3..10b8492e9 100644 --- a/apparmor.d/profiles-g-l/gpodder +++ b/apparmor.d/profiles-g-l/gpodder @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile gpodder @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpodder-migrate2tres b/apparmor.d/profiles-g-l/gpodder-migrate2tres index bbe9b33d9..f8e2c73f4 100644 --- a/apparmor.d/profiles-g-l/gpodder-migrate2tres +++ b/apparmor.d/profiles-g-l/gpodder-migrate2tres @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile gpodder-migrate2tres @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gpu-manager b/apparmor.d/profiles-g-l/gpu-manager index 11c3ac1fc..4444662fc 100644 --- a/apparmor.d/profiles-g-l/gpu-manager +++ b/apparmor.d/profiles-g-l/gpu-manager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,4 +33,6 @@ profile gpu-manager @{exec_path} { @{PROC}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/groupadd b/apparmor.d/profiles-g-l/groupadd index 4ca7adeb6..4c6e80c59 100644 --- a/apparmor.d/profiles-g-l/groupadd +++ b/apparmor.d/profiles-g-l/groupadd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -38,3 +37,5 @@ profile groupadd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/groupdel b/apparmor.d/profiles-g-l/groupdel index c4c4d1e79..a28fb72f7 100644 --- a/apparmor.d/profiles-g-l/groupdel +++ b/apparmor.d/profiles-g-l/groupdel @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,3 +40,5 @@ profile groupdel @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/groupmod b/apparmor.d/profiles-g-l/groupmod index 0e0b4a6fd..a37273af6 100644 --- a/apparmor.d/profiles-g-l/groupmod +++ b/apparmor.d/profiles-g-l/groupmod @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -42,3 +41,5 @@ profile groupmod @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/groups b/apparmor.d/profiles-g-l/groups index 3897ee0f6..4c0f07d87 100644 --- a/apparmor.d/profiles-g-l/groups +++ b/apparmor.d/profiles-g-l/groups @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -20,3 +19,5 @@ profile groups @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/grpck b/apparmor.d/profiles-g-l/grpck index a9a4c69ff..3e42f90c7 100644 --- a/apparmor.d/profiles-g-l/grpck +++ b/apparmor.d/profiles-g-l/grpck @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile grpck @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gsettings b/apparmor.d/profiles-g-l/gsettings index a3a2e2b86..cd7ce37ce 100644 --- a/apparmor.d/profiles-g-l/gsettings +++ b/apparmor.d/profiles-g-l/gsettings @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile gsettings @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gsimplecal b/apparmor.d/profiles-g-l/gsimplecal index d05e262d8..ba7ba4da4 100644 --- a/apparmor.d/profiles-g-l/gsimplecal +++ b/apparmor.d/profiles-g-l/gsimplecal @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -19,3 +18,5 @@ profile gsimplecal @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gsmartcontrol b/apparmor.d/profiles-g-l/gsmartcontrol index 8b1079d49..f6f6b300f 100644 --- a/apparmor.d/profiles-g-l/gsmartcontrol +++ b/apparmor.d/profiles-g-l/gsmartcontrol @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -111,3 +110,5 @@ profile gsmartcontrol @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gsmartcontrol-root b/apparmor.d/profiles-g-l/gsmartcontrol-root index fc943e26b..01b7d22e1 100644 --- a/apparmor.d/profiles-g-l/gsmartcontrol-root +++ b/apparmor.d/profiles-g-l/gsmartcontrol-root @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile gsmartcontrol-root @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gssproxy b/apparmor.d/profiles-g-l/gssproxy index c179d7a29..6a16d1dc7 100644 --- a/apparmor.d/profiles-g-l/gssproxy +++ b/apparmor.d/profiles-g-l/gssproxy @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,4 +25,6 @@ profile gssproxy @{exec_path} { owner @{PROC}/@{pids}/net/rpc/use-gss-proxy rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gtk-query-immodules b/apparmor.d/profiles-g-l/gtk-query-immodules index 1ff4a10ba..e67def6d2 100644 --- a/apparmor.d/profiles-g-l/gtk-query-immodules +++ b/apparmor.d/profiles-g-l/gtk-query-immodules @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,4 +23,6 @@ profile gtk-query-immodules @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gtk-update-icon-cache b/apparmor.d/profiles-g-l/gtk-update-icon-cache index 5ba0ba7a0..a91dc3069 100644 --- a/apparmor.d/profiles-g-l/gtk-update-icon-cache +++ b/apparmor.d/profiles-g-l/gtk-update-icon-cache @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile gtk-update-icon-cache @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/gtk-youtube-viewer b/apparmor.d/profiles-g-l/gtk-youtube-viewer index 86180f31b..96b114461 100644 --- a/apparmor.d/profiles-g-l/gtk-youtube-viewer +++ b/apparmor.d/profiles-g-l/gtk-youtube-viewer @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -120,3 +119,5 @@ profile gtk-youtube-viewer @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hardinfo b/apparmor.d/profiles-g-l/hardinfo index 9e8ba4cd3..02ac63e6f 100644 --- a/apparmor.d/profiles-g-l/hardinfo +++ b/apparmor.d/profiles-g-l/hardinfo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -198,3 +197,5 @@ profile hardinfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/haveged b/apparmor.d/profiles-g-l/haveged index 2e5471085..ff3870880 100644 --- a/apparmor.d/profiles-g-l/haveged +++ b/apparmor.d/profiles-g-l/haveged @@ -29,3 +29,5 @@ profile haveged @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hbbr b/apparmor.d/profiles-g-l/hbbr index a48386f67..78c15672b 100644 --- a/apparmor.d/profiles-g-l/hbbr +++ b/apparmor.d/profiles-g-l/hbbr @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile hbbr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hbbs b/apparmor.d/profiles-g-l/hbbs index 6c7242f3e..69ac0cc8c 100644 --- a/apparmor.d/profiles-g-l/hbbs +++ b/apparmor.d/profiles-g-l/hbbs @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile hbbs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hciconfig b/apparmor.d/profiles-g-l/hciconfig index b83867b9a..eb0319c5f 100644 --- a/apparmor.d/profiles-g-l/hciconfig +++ b/apparmor.d/profiles-g-l/hciconfig @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile hciconfig @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hddtemp b/apparmor.d/profiles-g-l/hddtemp index 56b57d224..e0be907a6 100644 --- a/apparmor.d/profiles-g-l/hddtemp +++ b/apparmor.d/profiles-g-l/hddtemp @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile hddtemp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hdparm b/apparmor.d/profiles-g-l/hdparm index f236b9bf1..f29bc1c20 100644 --- a/apparmor.d/profiles-g-l/hdparm +++ b/apparmor.d/profiles-g-l/hdparm @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -35,3 +34,5 @@ profile hdparm @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hexchat b/apparmor.d/profiles-g-l/hexchat index 471440ca7..aaa550dfc 100644 --- a/apparmor.d/profiles-g-l/hexchat +++ b/apparmor.d/profiles-g-l/hexchat @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -53,3 +52,5 @@ profile hexchat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/highlight b/apparmor.d/profiles-g-l/highlight index b7100b309..fb90c4475 100644 --- a/apparmor.d/profiles-g-l/highlight +++ b/apparmor.d/profiles-g-l/highlight @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile highlight @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/host b/apparmor.d/profiles-g-l/host index 5fc23e6fa..5894c85a0 100644 --- a/apparmor.d/profiles-g-l/host +++ b/apparmor.d/profiles-g-l/host @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,3 +27,5 @@ profile host @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hostname b/apparmor.d/profiles-g-l/hostname index 345d6062c..efda5b4a8 100644 --- a/apparmor.d/profiles-g-l/hostname +++ b/apparmor.d/profiles-g-l/hostname @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -26,3 +25,5 @@ profile hostname @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/htop b/apparmor.d/profiles-g-l/htop index cc0b566ed..d06991025 100644 --- a/apparmor.d/profiles-g-l/htop +++ b/apparmor.d/profiles-g-l/htop @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -137,3 +136,5 @@ profile htop @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hugeadm b/apparmor.d/profiles-g-l/hugeadm index a4f478b95..731483cf6 100644 --- a/apparmor.d/profiles-g-l/hugeadm +++ b/apparmor.d/profiles-g-l/hugeadm @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -60,3 +59,5 @@ profile hugeadm @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hugo b/apparmor.d/profiles-g-l/hugo index 04d81eea6..fcb585020 100644 --- a/apparmor.d/profiles-g-l/hugo +++ b/apparmor.d/profiles-g-l/hugo @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,4 +45,6 @@ profile hugo @{exec_path} { @{PROC}/sys/net/core/somaxconn r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hw-probe b/apparmor.d/profiles-g-l/hw-probe index 4c79eb330..7c6b87b6c 100644 --- a/apparmor.d/profiles-g-l/hw-probe +++ b/apparmor.d/profiles-g-l/hw-probe @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -227,3 +226,5 @@ profile hw-probe @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hwinfo b/apparmor.d/profiles-g-l/hwinfo index a2155b11c..f56dd2b14 100644 --- a/apparmor.d/profiles-g-l/hwinfo +++ b/apparmor.d/profiles-g-l/hwinfo @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -96,3 +95,5 @@ profile hwinfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/hypnotix b/apparmor.d/profiles-g-l/hypnotix index 96d06ad76..3a9a6131d 100644 --- a/apparmor.d/profiles-g-l/hypnotix +++ b/apparmor.d/profiles-g-l/hypnotix @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -89,3 +88,5 @@ profile hypnotix @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/i2cdetect b/apparmor.d/profiles-g-l/i2cdetect index 141a7567b..f045b489d 100644 --- a/apparmor.d/profiles-g-l/i2cdetect +++ b/apparmor.d/profiles-g-l/i2cdetect @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile i2cdetect @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/i3lock b/apparmor.d/profiles-g-l/i3lock index 8e9c1154e..d2fbdff2c 100644 --- a/apparmor.d/profiles-g-l/i3lock +++ b/apparmor.d/profiles-g-l/i3lock @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile i3lock @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/i3lock-fancy b/apparmor.d/profiles-g-l/i3lock-fancy index 43004cdb3..fce4ff7d4 100644 --- a/apparmor.d/profiles-g-l/i3lock-fancy +++ b/apparmor.d/profiles-g-l/i3lock-fancy @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -72,3 +71,5 @@ profile i3lock-fancy @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/iceauth b/apparmor.d/profiles-g-l/iceauth index adb3109c6..66111ff55 100644 --- a/apparmor.d/profiles-g-l/iceauth +++ b/apparmor.d/profiles-g-l/iceauth @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile iceauth @{exec_path} { owner @{run}/user/@{uid}/ICEauthority-n rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/id b/apparmor.d/profiles-g-l/id index 2ce341558..061313d42 100644 --- a/apparmor.d/profiles-g-l/id +++ b/apparmor.d/profiles-g-l/id @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile id @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ifconfig b/apparmor.d/profiles-g-l/ifconfig index cad08d09f..8dd7eaac0 100644 --- a/apparmor.d/profiles-g-l/ifconfig +++ b/apparmor.d/profiles-g-l/ifconfig @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile ifconfig @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ifup b/apparmor.d/profiles-g-l/ifup index d0b1abfeb..74cf07da8 100644 --- a/apparmor.d/profiles-g-l/ifup +++ b/apparmor.d/profiles-g-l/ifup @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -130,3 +129,5 @@ profile ifup @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/im-launch b/apparmor.d/profiles-g-l/im-launch index 6f6af77b0..5520e990c 100644 --- a/apparmor.d/profiles-g-l/im-launch +++ b/apparmor.d/profiles-g-l/im-launch @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -41,3 +40,5 @@ profile im-launch @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/imv-wayland b/apparmor.d/profiles-g-l/imv-wayland index daee53654..72eaecc9c 100644 --- a/apparmor.d/profiles-g-l/imv-wayland +++ b/apparmor.d/profiles-g-l/imv-wayland @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 valoq # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,3 +27,5 @@ profile imv @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/initd-kexec b/apparmor.d/profiles-g-l/initd-kexec index f9802d32d..f17356fcc 100644 --- a/apparmor.d/profiles-g-l/initd-kexec +++ b/apparmor.d/profiles-g-l/initd-kexec @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -55,3 +54,5 @@ profile initd-kexec @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/initd-kexec-load b/apparmor.d/profiles-g-l/initd-kexec-load index 4fb1daedd..d36584ec9 100644 --- a/apparmor.d/profiles-g-l/initd-kexec-load +++ b/apparmor.d/profiles-g-l/initd-kexec-load @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -79,3 +78,5 @@ profile initd-kexec-load @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/initd-kmod b/apparmor.d/profiles-g-l/initd-kmod index fa7f06f4e..f8f975211 100644 --- a/apparmor.d/profiles-g-l/initd-kmod +++ b/apparmor.d/profiles-g-l/initd-kmod @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -61,3 +60,5 @@ profile initd-kmod @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/install-catalog b/apparmor.d/profiles-g-l/install-catalog index 70552208b..370cbf154 100644 --- a/apparmor.d/profiles-g-l/install-catalog +++ b/apparmor.d/profiles-g-l/install-catalog @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,4 +26,6 @@ profile install-catalog @{exec_path} { /etc/sgml/sgml-ent.cat{,.new} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/install-info b/apparmor.d/profiles-g-l/install-info index df2017210..54e40386f 100644 --- a/apparmor.d/profiles-g-l/install-info +++ b/apparmor.d/profiles-g-l/install-info @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -30,4 +29,6 @@ profile install-info @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/install-printerdriver b/apparmor.d/profiles-g-l/install-printerdriver index 67c09ecea..ddbf2e31c 100644 --- a/apparmor.d/profiles-g-l/install-printerdriver +++ b/apparmor.d/profiles-g-l/install-printerdriver @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile install-printerdriver @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/inxi b/apparmor.d/profiles-g-l/inxi index d79de8f00..aba281c31 100644 --- a/apparmor.d/profiles-g-l/inxi +++ b/apparmor.d/profiles-g-l/inxi @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -164,3 +163,5 @@ profile inxi @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ioping b/apparmor.d/profiles-g-l/ioping index cedc79135..497e5cb1c 100644 --- a/apparmor.d/profiles-g-l/ioping +++ b/apparmor.d/profiles-g-l/ioping @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile ioping @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/iotop b/apparmor.d/profiles-g-l/iotop index fa7ad1e5a..be2738443 100644 --- a/apparmor.d/profiles-g-l/iotop +++ b/apparmor.d/profiles-g-l/iotop @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,3 +39,5 @@ profile iotop @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ip b/apparmor.d/profiles-g-l/ip index fad0a172d..7fee79abc 100644 --- a/apparmor.d/profiles-g-l/ip +++ b/apparmor.d/profiles-g-l/ip @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -52,3 +51,5 @@ profile ip @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/ipcalc b/apparmor.d/profiles-g-l/ipcalc index 5a526121f..dd750b8c9 100644 --- a/apparmor.d/profiles-g-l/ipcalc +++ b/apparmor.d/profiles-g-l/ipcalc @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile ipcalc @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/irqbalance b/apparmor.d/profiles-g-l/irqbalance index 6fe5c9221..2226e6dd2 100644 --- a/apparmor.d/profiles-g-l/irqbalance +++ b/apparmor.d/profiles-g-l/irqbalance @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -42,4 +41,6 @@ profile irqbalance @{exec_path} flags=(attach_disconnected) { @{PROC}/irq/@{int}/smp_affinity rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/issue-generator b/apparmor.d/profiles-g-l/issue-generator index 60c82f4f3..a54b024ad 100644 --- a/apparmor.d/profiles-g-l/issue-generator +++ b/apparmor.d/profiles-g-l/issue-generator @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,4 +27,6 @@ profile issue-generator @{exec_path} { @{run}/issue.d/{,**} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/iw b/apparmor.d/profiles-g-l/iw index 29fbca99b..3b62c32ba 100644 --- a/apparmor.d/profiles-g-l/iw +++ b/apparmor.d/profiles-g-l/iw @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile iw @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/iwconfig b/apparmor.d/profiles-g-l/iwconfig index eaaeb7e22..62bc16041 100644 --- a/apparmor.d/profiles-g-l/iwconfig +++ b/apparmor.d/profiles-g-l/iwconfig @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile iwconfig @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/iwlist b/apparmor.d/profiles-g-l/iwlist index b2051443e..ef2a280e0 100644 --- a/apparmor.d/profiles-g-l/iwlist +++ b/apparmor.d/profiles-g-l/iwlist @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile iwlist @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jackdbus b/apparmor.d/profiles-g-l/jackdbus index e317761e0..ed1094a17 100644 --- a/apparmor.d/profiles-g-l/jackdbus +++ b/apparmor.d/profiles-g-l/jackdbus @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,4 +26,6 @@ profile jackdbus @{exec_path} flags=(attach_disconnected) { owner @{user_config_dirs}/jack/{,**} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jami-gnome b/apparmor.d/profiles-g-l/jami-gnome index 60d6c492e..9d22933fc 100644 --- a/apparmor.d/profiles-g-l/jami-gnome +++ b/apparmor.d/profiles-g-l/jami-gnome @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile jami-gnome @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jdownloader b/apparmor.d/profiles-g-l/jdownloader index 2bae0b723..424074da4 100644 --- a/apparmor.d/profiles-g-l/jdownloader +++ b/apparmor.d/profiles-g-l/jdownloader @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -125,3 +124,5 @@ profile jdownloader @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jekyll b/apparmor.d/profiles-g-l/jekyll index f39226ffc..667b9304f 100644 --- a/apparmor.d/profiles-g-l/jekyll +++ b/apparmor.d/profiles-g-l/jekyll @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -34,3 +33,5 @@ profile jekyll @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jgmenu b/apparmor.d/profiles-g-l/jgmenu index dd5697b14..6c7f3c1ff 100644 --- a/apparmor.d/profiles-g-l/jgmenu +++ b/apparmor.d/profiles-g-l/jgmenu @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile jgmenu @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jitterentropy-rngd b/apparmor.d/profiles-g-l/jitterentropy-rngd index 4967c9e64..5b96e0c58 100644 --- a/apparmor.d/profiles-g-l/jitterentropy-rngd +++ b/apparmor.d/profiles-g-l/jitterentropy-rngd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,4 +21,6 @@ profile jitterentropy-rngd @{exec_path} { /dev/random w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/jmtpfs b/apparmor.d/profiles-g-l/jmtpfs index 9a2be96b8..77127171c 100644 --- a/apparmor.d/profiles-g-l/jmtpfs +++ b/apparmor.d/profiles-g-l/jmtpfs @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -63,3 +62,5 @@ profile jmtpfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kanyremote b/apparmor.d/profiles-g-l/kanyremote index 32a6a8e45..fef624841 100644 --- a/apparmor.d/profiles-g-l/kanyremote +++ b/apparmor.d/profiles-g-l/kanyremote @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -99,3 +98,5 @@ profile kanyremote @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kcheckpass b/apparmor.d/profiles-g-l/kcheckpass index f2ebf0010..9dddbe470 100644 --- a/apparmor.d/profiles-g-l/kcheckpass +++ b/apparmor.d/profiles-g-l/kcheckpass @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -24,3 +23,5 @@ profile kcheckpass @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kconfig-hardened-check b/apparmor.d/profiles-g-l/kconfig-hardened-check index d58e2c9c0..6858f1b45 100644 --- a/apparmor.d/profiles-g-l/kconfig-hardened-check +++ b/apparmor.d/profiles-g-l/kconfig-hardened-check @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -28,3 +27,5 @@ profile kconfig-hardened-check @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/keepassxc b/apparmor.d/profiles-g-l/keepassxc index c972f902c..20be091cc 100644 --- a/apparmor.d/profiles-g-l/keepassxc +++ b/apparmor.d/profiles-g-l/keepassxc @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -100,3 +99,5 @@ profile keepassxc @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/keepassxc-cli b/apparmor.d/profiles-g-l/keepassxc-cli index 858178aeb..b1d6e0e86 100644 --- a/apparmor.d/profiles-g-l/keepassxc-cli +++ b/apparmor.d/profiles-g-l/keepassxc-cli @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile keepassxc-cli @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/keepassxc-proxy b/apparmor.d/profiles-g-l/keepassxc-proxy index fba81df19..5e9736108 100644 --- a/apparmor.d/profiles-g-l/keepassxc-proxy +++ b/apparmor.d/profiles-g-l/keepassxc-proxy @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -48,3 +47,5 @@ profile keepassxc-proxy @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kernel-install b/apparmor.d/profiles-g-l/kernel-install index df12c8313..93cb01b19 100644 --- a/apparmor.d/profiles-g-l/kernel-install +++ b/apparmor.d/profiles-g-l/kernel-install @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -66,3 +65,5 @@ profile kernel-install @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kerneloops b/apparmor.d/profiles-g-l/kerneloops index 01d1386a4..f3c7e3b37 100644 --- a/apparmor.d/profiles-g-l/kerneloops +++ b/apparmor.d/profiles-g-l/kerneloops @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile kerneloops @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kerneloops-applet b/apparmor.d/profiles-g-l/kerneloops-applet index 1bda5cd90..e6860c5b9 100644 --- a/apparmor.d/profiles-g-l/kerneloops-applet +++ b/apparmor.d/profiles-g-l/kerneloops-applet @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,3 +24,5 @@ profile kerneloops-applet @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kexec b/apparmor.d/profiles-g-l/kexec index 370aef005..dc027eae6 100644 --- a/apparmor.d/profiles-g-l/kexec +++ b/apparmor.d/profiles-g-l/kexec @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile kexec @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kmod b/apparmor.d/profiles-g-l/kmod index 91b7d3427..ac03c2501 100644 --- a/apparmor.d/profiles-g-l/kmod +++ b/apparmor.d/profiles-g-l/kmod @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -77,3 +76,5 @@ profile kmod @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kodi b/apparmor.d/profiles-g-l/kodi index db5712a3f..3d8800cc7 100644 --- a/apparmor.d/profiles-g-l/kodi +++ b/apparmor.d/profiles-g-l/kodi @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -67,3 +66,5 @@ profile kodi @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kodi-xrandr b/apparmor.d/profiles-g-l/kodi-xrandr index eaa2bacb5..932b869b8 100644 --- a/apparmor.d/profiles-g-l/kodi-xrandr +++ b/apparmor.d/profiles-g-l/kodi-xrandr @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile kodi-xrandr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/kvm-ok b/apparmor.d/profiles-g-l/kvm-ok index 9d7b8f23b..a023293fa 100644 --- a/apparmor.d/profiles-g-l/kvm-ok +++ b/apparmor.d/profiles-g-l/kvm-ok @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -47,3 +46,5 @@ profile kvm-ok @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/labwc b/apparmor.d/profiles-g-l/labwc index 1453eccb8..8fa7552af 100644 --- a/apparmor.d/profiles-g-l/labwc +++ b/apparmor.d/profiles-g-l/labwc @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -57,3 +56,5 @@ profile labwc @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/landscape-sysinfo b/apparmor.d/profiles-g-l/landscape-sysinfo index 109034b2b..a9df8a2b3 100644 --- a/apparmor.d/profiles-g-l/landscape-sysinfo +++ b/apparmor.d/profiles-g-l/landscape-sysinfo @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -46,4 +45,6 @@ profile landscape-sysinfo @{exec_path} { /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper b/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper index 36262e5c5..e33195eb1 100644 --- a/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper +++ b/apparmor.d/profiles-g-l/landscape-sysinfo.wrapper @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -33,4 +32,6 @@ profile landscape-sysinfo.wrapper @{exec_path} { /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/language-validate b/apparmor.d/profiles-g-l/language-validate index bd168e9b6..e77d997c5 100644 --- a/apparmor.d/profiles-g-l/language-validate +++ b/apparmor.d/profiles-g-l/language-validate @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,4 +22,6 @@ profile language-validate @{exec_path} flags=(attach_disconnected) { /usr/share/language-tools/{,*} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/last b/apparmor.d/profiles-g-l/last index fd218d5ad..fd0c403a4 100644 --- a/apparmor.d/profiles-g-l/last +++ b/apparmor.d/profiles-g-l/last @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -29,3 +28,5 @@ profile last @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lastlog b/apparmor.d/profiles-g-l/lastlog index 5d41f9874..3df955097 100644 --- a/apparmor.d/profiles-g-l/lastlog +++ b/apparmor.d/profiles-g-l/lastlog @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -23,3 +22,5 @@ profile lastlog @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/libreoffice b/apparmor.d/profiles-g-l/libreoffice index 9ce3b0817..313b34a23 100644 --- a/apparmor.d/profiles-g-l/libreoffice +++ b/apparmor.d/profiles-g-l/libreoffice @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -96,3 +95,5 @@ profile libreoffice @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/light b/apparmor.d/profiles-g-l/light index 8b3a961c9..d4ff8a7d7 100644 --- a/apparmor.d/profiles-g-l/light +++ b/apparmor.d/profiles-g-l/light @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -37,3 +36,5 @@ profile light @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/light-locker b/apparmor.d/profiles-g-l/light-locker index b259caae6..8e8732c19 100644 --- a/apparmor.d/profiles-g-l/light-locker +++ b/apparmor.d/profiles-g-l/light-locker @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile light-locker @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/light-locker-command b/apparmor.d/profiles-g-l/light-locker-command index 3975437fe..21daa1853 100644 --- a/apparmor.d/profiles-g-l/light-locker-command +++ b/apparmor.d/profiles-g-l/light-locker-command @@ -2,7 +2,6 @@ # Copyright (C) 2017-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile light-locker-command @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lightworks b/apparmor.d/profiles-g-l/lightworks index 133ff52db..f2e6c74cf 100644 --- a/apparmor.d/profiles-g-l/lightworks +++ b/apparmor.d/profiles-g-l/lightworks @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -27,3 +26,5 @@ profile lightworks @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lightworks-ntcardvt b/apparmor.d/profiles-g-l/lightworks-ntcardvt index 639a296b8..b4dc21398 100644 --- a/apparmor.d/profiles-g-l/lightworks-ntcardvt +++ b/apparmor.d/profiles-g-l/lightworks-ntcardvt @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -16,3 +15,5 @@ profile lightworks-ntcardvt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/linssid b/apparmor.d/profiles-g-l/linssid index 57bd63eb6..615f51b62 100644 --- a/apparmor.d/profiles-g-l/linssid +++ b/apparmor.d/profiles-g-l/linssid @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -110,3 +109,5 @@ profile linssid @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/linux-check-removal b/apparmor.d/profiles-g-l/linux-check-removal index 62917a8ee..41813c1a1 100644 --- a/apparmor.d/profiles-g-l/linux-check-removal +++ b/apparmor.d/profiles-g-l/linux-check-removal @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -51,3 +50,5 @@ profile linux-check-removal @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/linux-version b/apparmor.d/profiles-g-l/linux-version index 8e5bf39d4..998c48780 100644 --- a/apparmor.d/profiles-g-l/linux-version +++ b/apparmor.d/profiles-g-l/linux-version @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile linux-version @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/locale-gen b/apparmor.d/profiles-g-l/locale-gen index 5128d96e4..093074d1b 100644 --- a/apparmor.d/profiles-g-l/locale-gen +++ b/apparmor.d/profiles-g-l/locale-gen @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -40,4 +39,6 @@ profile locale-gen @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/localepurge b/apparmor.d/profiles-g-l/localepurge index c8a2f0fe9..30018bf00 100644 --- a/apparmor.d/profiles-g-l/localepurge +++ b/apparmor.d/profiles-g-l/localepurge @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -58,3 +57,5 @@ profile localepurge @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/login b/apparmor.d/profiles-g-l/login index 05932c282..c93553030 100644 --- a/apparmor.d/profiles-g-l/login +++ b/apparmor.d/profiles-g-l/login @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -74,3 +73,5 @@ profile login @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/logrotate b/apparmor.d/profiles-g-l/logrotate index aa3b8af94..6004b8a35 100644 --- a/apparmor.d/profiles-g-l/logrotate +++ b/apparmor.d/profiles-g-l/logrotate @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -105,3 +104,5 @@ profile logrotate @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/losetup b/apparmor.d/profiles-g-l/losetup index 63ecb00be..fb8b448d1 100644 --- a/apparmor.d/profiles-g-l/losetup +++ b/apparmor.d/profiles-g-l/losetup @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -25,4 +24,6 @@ profile losetup @{exec_path} { /dev/loop[0-9]* rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/low-memory-monitor b/apparmor.d/profiles-g-l/low-memory-monitor index 80907e166..4471dbd2e 100644 --- a/apparmor.d/profiles-g-l/low-memory-monitor +++ b/apparmor.d/profiles-g-l/low-memory-monitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,4 +17,6 @@ profile low-memory-monitor @{exec_path} flags=(attach_disconnected) { owner @{PROC}/pressure/memory rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lsblk b/apparmor.d/profiles-g-l/lsblk index f4642a4cc..56aad52b8 100644 --- a/apparmor.d/profiles-g-l/lsblk +++ b/apparmor.d/profiles-g-l/lsblk @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile lsblk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lscpu b/apparmor.d/profiles-g-l/lscpu index 4f5f93167..804e67632 100644 --- a/apparmor.d/profiles-g-l/lscpu +++ b/apparmor.d/profiles-g-l/lscpu @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -31,3 +30,5 @@ profile lscpu @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lsinitramfs b/apparmor.d/profiles-g-l/lsinitramfs index eba80fe94..e5b6ff750 100644 --- a/apparmor.d/profiles-g-l/lsinitramfs +++ b/apparmor.d/profiles-g-l/lsinitramfs @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile lsinitramfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lspci b/apparmor.d/profiles-g-l/lspci index d0628ec11..0d6936d22 100644 --- a/apparmor.d/profiles-g-l/lspci +++ b/apparmor.d/profiles-g-l/lspci @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -45,3 +44,5 @@ profile lspci @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lsusb b/apparmor.d/profiles-g-l/lsusb index 9ee06eb3a..eadda4785 100644 --- a/apparmor.d/profiles-g-l/lsusb +++ b/apparmor.d/profiles-g-l/lsusb @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -22,3 +21,5 @@ profile lsusb @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lvm b/apparmor.d/profiles-g-l/lvm index 68630402a..0bd6ef2e8 100644 --- a/apparmor.d/profiles-g-l/lvm +++ b/apparmor.d/profiles-g-l/lvm @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -51,3 +50,5 @@ profile lvm @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lvmconfig b/apparmor.d/profiles-g-l/lvmconfig index 23f1be740..f38bd6780 100644 --- a/apparmor.d/profiles-g-l/lvmconfig +++ b/apparmor.d/profiles-g-l/lvmconfig @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile lvmconfig @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lvmdump b/apparmor.d/profiles-g-l/lvmdump index 8bdfe7e78..9dbe000f7 100644 --- a/apparmor.d/profiles-g-l/lvmdump +++ b/apparmor.d/profiles-g-l/lvmdump @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -18,3 +17,5 @@ profile lvmdump @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lvmpolld b/apparmor.d/profiles-g-l/lvmpolld index 22708b596..7a4bc90b3 100644 --- a/apparmor.d/profiles-g-l/lvmpolld +++ b/apparmor.d/profiles-g-l/lvmpolld @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -21,3 +20,5 @@ profile lvmpolld @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lxappearance b/apparmor.d/profiles-g-l/lxappearance index 619c180d8..a400ef80c 100644 --- a/apparmor.d/profiles-g-l/lxappearance +++ b/apparmor.d/profiles-g-l/lxappearance @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -68,3 +67,5 @@ profile lxappearance @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-g-l/lynx b/apparmor.d/profiles-g-l/lynx index 6c5432da2..143472569 100644 --- a/apparmor.d/profiles-g-l/lynx +++ b/apparmor.d/profiles-g-l/lynx @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor abi , @@ -39,3 +38,5 @@ profile lynx @{exec_path} { include if exists } + +# vim:syntax=apparmor From 1206692e517acb04d468761142fb25d6655ed95e Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sun, 9 Jun 2024 16:17:55 +0300 Subject: [PATCH 49/52] feat(abstractions): vim syntax highlighting Add vim syntax support. See man apparmor.vim(5) --- apparmor.d/abstractions/X-strict | 1 + apparmor.d/abstractions/X.d/complete | 1 + apparmor.d/abstractions/app-launcher-root | 1 + apparmor.d/abstractions/app-launcher-user | 1 + apparmor.d/abstractions/app-open | 1 + apparmor.d/abstractions/app/chromium | 1 + apparmor.d/abstractions/app/editor | 1 + apparmor.d/abstractions/app/firefox | 1 + apparmor.d/abstractions/app/open | 1 + apparmor.d/abstractions/app/pgrep | 1 + apparmor.d/abstractions/app/sudo | 1 + apparmor.d/abstractions/app/systemctl | 1 + apparmor.d/abstractions/audio-client | 1 + apparmor.d/abstractions/audio-server | 1 + apparmor.d/abstractions/audio.d/complete | 1 + apparmor.d/abstractions/authentication.d/complete | 1 + apparmor.d/abstractions/base.d/complete | 1 + apparmor.d/abstractions/bash-strict | 1 + apparmor.d/abstractions/bash.d/complete | 1 + apparmor.d/abstractions/bus-accessibility | 1 + apparmor.d/abstractions/bus-session | 1 + apparmor.d/abstractions/bus-system | 1 + apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry | 1 + apparmor.d/abstractions/bus/com.canonical.dbusmenu | 1 + apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 | 1 + apparmor.d/abstractions/bus/net.hadess.PowerProfiles | 1 + apparmor.d/abstractions/bus/net.hadess.SwitcherooControl | 1 + apparmor.d/abstractions/bus/net.reactivated.Fprint | 1 + apparmor.d/abstractions/bus/org.a11y | 1 + apparmor.d/abstractions/bus/org.bluez | 1 + apparmor.d/abstractions/bus/org.freedesktop.Accounts | 1 + apparmor.d/abstractions/bus/org.freedesktop.Avahi | 1 + apparmor.d/abstractions/bus/org.freedesktop.ColorManager | 1 + apparmor.d/abstractions/bus/org.freedesktop.FileManager1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 | 1 + apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.NetworkManager | 1 + apparmor.d/abstractions/bus/org.freedesktop.Notifications | 1 + apparmor.d/abstractions/bus/org.freedesktop.PackageKit | 1 + apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver | 1 + apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files | 1 + apparmor.d/abstractions/bus/org.freedesktop.UDisks2 | 1 + apparmor.d/abstractions/bus/org.freedesktop.UPower | 1 + apparmor.d/abstractions/bus/org.freedesktop.background.Monitor | 1 + apparmor.d/abstractions/bus/org.freedesktop.hostname1 | 1 + .../abstractions/bus/org.freedesktop.impl.portal.PermissionStore | 1 + apparmor.d/abstractions/bus/org.freedesktop.locale1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.login1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.login1.Session | 1 + apparmor.d/abstractions/bus/org.freedesktop.network1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop | 1 + apparmor.d/abstractions/bus/org.freedesktop.resolve1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.secrets | 1 + apparmor.d/abstractions/bus/org.freedesktop.systemd1 | 1 + apparmor.d/abstractions/bus/org.freedesktop.systemd1-session | 1 + apparmor.d/abstractions/bus/org.freedesktop.timedate1 | 1 + apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 | 1 + apparmor.d/abstractions/bus/org.gnome.DisplayManager | 1 + apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig | 1 + apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor | 1 + apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 | 1 + apparmor.d/abstractions/bus/org.gnome.ScreenSaver | 1 + apparmor.d/abstractions/bus/org.gnome.SessionManager | 1 + apparmor.d/abstractions/bus/org.gnome.Shell.Introspect | 1 + apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.Daemon | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.Metadata | 1 + apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker | 1 + apparmor.d/abstractions/bus/org.kde.StatusNotifierItem | 1 + apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher | 1 + apparmor.d/abstractions/bus/org.kde.kwalletd | 1 + apparmor.d/abstractions/common/app | 1 + apparmor.d/abstractions/common/apt | 1 + apparmor.d/abstractions/common/bwrap | 1 + apparmor.d/abstractions/common/chromium | 1 + apparmor.d/abstractions/common/electron | 1 + apparmor.d/abstractions/common/gnome | 1 + apparmor.d/abstractions/common/systemd | 1 + apparmor.d/abstractions/crypto.d/complete | 1 + apparmor.d/abstractions/dconf-write | 1 + apparmor.d/abstractions/deny-sensitive-home | 1 + apparmor.d/abstractions/desktop | 1 + apparmor.d/abstractions/devices-usb | 1 + apparmor.d/abstractions/disks-read | 1 + apparmor.d/abstractions/disks-write | 1 + apparmor.d/abstractions/dri | 1 + apparmor.d/abstractions/fish | 1 + apparmor.d/abstractions/fontconfig-cache-read | 1 + apparmor.d/abstractions/fontconfig-cache-write | 1 + apparmor.d/abstractions/freedesktop.org.d/complete | 1 + apparmor.d/abstractions/gnome-strict | 1 + apparmor.d/abstractions/gnome.d/complete | 1 + apparmor.d/abstractions/graphics | 1 + apparmor.d/abstractions/graphics-full | 1 + apparmor.d/abstractions/gstreamer | 1 + apparmor.d/abstractions/gtk.d/complete | 1 + apparmor.d/abstractions/ibus.d/complete | 1 + apparmor.d/abstractions/kde-open5.d/complete | 1 + apparmor.d/abstractions/kde-strict | 1 + apparmor.d/abstractions/mesa.d/complete | 1 + apparmor.d/abstractions/nameservice-strict | 1 + apparmor.d/abstractions/nvidia-strict | 1 + apparmor.d/abstractions/nvidia.d/complete | 1 + apparmor.d/abstractions/opencl-intel.d/complete | 1 + apparmor.d/abstractions/python.d/complete | 1 + apparmor.d/abstractions/qt5-shader-cache | 1 + apparmor.d/abstractions/qt5.d/complete | 1 + apparmor.d/abstractions/shells | 1 + apparmor.d/abstractions/thumbnails-cache-read | 1 + apparmor.d/abstractions/thumbnails-cache-write | 1 + apparmor.d/abstractions/trash-strict | 1 + apparmor.d/abstractions/trash.d/complete | 1 + apparmor.d/abstractions/uim | 1 + apparmor.d/abstractions/user-download-strict | 1 + apparmor.d/abstractions/user-read | 1 + apparmor.d/abstractions/user-read-strict | 1 + apparmor.d/abstractions/user-write-strict | 1 + apparmor.d/abstractions/user-write.d/complete | 1 + apparmor.d/abstractions/video.d/complete | 1 + apparmor.d/abstractions/vulkan-strict | 1 + apparmor.d/abstractions/vulkan.d/complete | 1 + apparmor.d/abstractions/wayland.d/complete | 1 + apparmor.d/abstractions/xfce | 1 + apparmor.d/abstractions/zsh | 1 + 126 files changed, 126 insertions(+) diff --git a/apparmor.d/abstractions/X-strict b/apparmor.d/abstractions/X-strict index 0998bbb44..01d538509 100644 --- a/apparmor.d/abstractions/X-strict +++ b/apparmor.d/abstractions/X-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The unix socket to use to connect to the display unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), diff --git a/apparmor.d/abstractions/X.d/complete b/apparmor.d/abstractions/X.d/complete index 8a6636664..b3acf4c06 100644 --- a/apparmor.d/abstractions/X.d/complete +++ b/apparmor.d/abstractions/X.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Available Xsessions /usr/share/xsessions/{,*.desktop} r, diff --git a/apparmor.d/abstractions/app-launcher-root b/apparmor.d/abstractions/app-launcher-root index c31d328fb..adf37c2eb 100644 --- a/apparmor.d/abstractions/app-launcher-root +++ b/apparmor.d/abstractions/app-launcher-root @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/* PUx, /usr/local/{s,}bin/* PUx, diff --git a/apparmor.d/abstractions/app-launcher-user b/apparmor.d/abstractions/app-launcher-user index 5e7c50824..892e44f47 100644 --- a/apparmor.d/abstractions/app-launcher-user +++ b/apparmor.d/abstractions/app-launcher-user @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/* PUx, /opt/*/** PUx, diff --git a/apparmor.d/abstractions/app-open b/apparmor.d/abstractions/app-open index 513924de6..2db071a91 100644 --- a/apparmor.d/abstractions/app-open +++ b/apparmor.d/abstractions/app-open @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Instead of allowing the run of all software in @{bin}/, @{lib} the purpose of # this abstraction is to list all GUI program that can open resources. diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index 41bbab892..3321d273b 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for all chromium based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/editor b/apparmor.d/abstractions/app/editor index f0972f3e7..3bfce1cdb 100644 --- a/apparmor.d/abstractions/app/editor +++ b/apparmor.d/abstractions/app/editor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index bf86f419c..7984fd671 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for all firefox based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/open b/apparmor.d/abstractions/app/open index f93a1c444..a936f70fe 100644 --- a/apparmor.d/abstractions/app/open +++ b/apparmor.d/abstractions/app/open @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Full set of rules for child-open-* profiles. diff --git a/apparmor.d/abstractions/app/pgrep b/apparmor.d/abstractions/app/pgrep index 4bab75387..2b6d3a22d 100644 --- a/apparmor.d/abstractions/app/pgrep +++ b/apparmor.d/abstractions/app/pgrep @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for pgrep. diff --git a/apparmor.d/abstractions/app/sudo b/apparmor.d/abstractions/app/sudo index 6fba1adfd..5a1145e73 100644 --- a/apparmor.d/abstractions/app/sudo +++ b/apparmor.d/abstractions/app/sudo @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for sudo. Interactive sudo need more rules. diff --git a/apparmor.d/abstractions/app/systemctl b/apparmor.d/abstractions/app/systemctl index 62b4aafdf..4f33ae743 100644 --- a/apparmor.d/abstractions/app/systemctl +++ b/apparmor.d/abstractions/app/systemctl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index ca4a8e16c..980b90172 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Most programs do not need access to audio devices, audio-client only includes # configuration files to be used by client applications. diff --git a/apparmor.d/abstractions/audio-server b/apparmor.d/abstractions/audio-server index 619ba1111..57eaa3c65 100644 --- a/apparmor.d/abstractions/audio-server +++ b/apparmor.d/abstractions/audio-server @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Provide access to audio devices. It should only be used by audio servers that # need direct access to them. diff --git a/apparmor.d/abstractions/audio.d/complete b/apparmor.d/abstractions/audio.d/complete index 01d94e067..51ad53006 100644 --- a/apparmor.d/abstractions/audio.d/complete +++ b/apparmor.d/abstractions/audio.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # PulseAudio module-ladspa-sink (plugin sc4m_1916) @{lib}/ladspa/ r, diff --git a/apparmor.d/abstractions/authentication.d/complete b/apparmor.d/abstractions/authentication.d/complete index 63819cc1b..15ea6c9e9 100644 --- a/apparmor.d/abstractions/authentication.d/complete +++ b/apparmor.d/abstractions/authentication.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/pam-tmpdir-helper rPx, diff --git a/apparmor.d/abstractions/base.d/complete b/apparmor.d/abstractions/base.d/complete index e9761b843..0a5cbff70 100644 --- a/apparmor.d/abstractions/base.d/complete +++ b/apparmor.d/abstractions/base.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Allow to receive some signals from new well-known profiles signal (receive) peer=btop, diff --git a/apparmor.d/abstractions/bash-strict b/apparmor.d/abstractions/bash-strict index eb4f65230..d885d7ddd 100644 --- a/apparmor.d/abstractions/bash-strict +++ b/apparmor.d/abstractions/bash-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/bash.d/complete b/apparmor.d/abstractions/bash.d/complete index 6d16109de..54d859963 100644 --- a/apparmor.d/abstractions/bash.d/complete +++ b/apparmor.d/abstractions/bash.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/bash-completion/{,**} r, diff --git a/apparmor.d/abstractions/bus-accessibility b/apparmor.d/abstractions/bus-accessibility index f032f842b..5bf684136 100644 --- a/apparmor.d/abstractions/bus-accessibility +++ b/apparmor.d/abstractions/bus-accessibility @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus-session b/apparmor.d/abstractions/bus-session index d5ca957e8..522457cf2 100644 --- a/apparmor.d/abstractions/bus-session +++ b/apparmor.d/abstractions/bus-session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor unix (bind, listen) type=stream addr="@/tmp/dbus-*", unix (connect, send, receive, accept) type=stream addr="@/tmp/dbus-*", diff --git a/apparmor.d/abstractions/bus-system b/apparmor.d/abstractions/bus-system index 0148d0711..84a44c966 100644 --- a/apparmor.d/abstractions/bus-system +++ b/apparmor.d/abstractions/bus-system @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry index 3eceb53ab..4225e07c0 100644 --- a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry +++ b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Access required for connecting to/communicating with the Unity Launcher diff --git a/apparmor.d/abstractions/bus/com.canonical.dbusmenu b/apparmor.d/abstractions/bus/com.canonical.dbusmenu index 290a86de8..fb4964479 100644 --- a/apparmor.d/abstractions/bus/com.canonical.dbusmenu +++ b/apparmor.d/abstractions/bus/com.canonical.dbusmenu @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 index a8e3d52a5..8de9de893 100644 --- a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 +++ b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/fi/w1/wpa_supplicant1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles index b4032e033..e5d90ebce 100644 --- a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles +++ b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/hadess/PowerProfiles interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl index 55e4f414d..2fb9bdf50 100644 --- a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl +++ b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/hadess/SwitcherooControl interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.reactivated.Fprint b/apparmor.d/abstractions/bus/net.reactivated.Fprint index 7e7b21565..27c7b07dd 100644 --- a/apparmor.d/abstractions/bus/net.reactivated.Fprint +++ b/apparmor.d/abstractions/bus/net.reactivated.Fprint @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/net/reactivated/Fprint/Manager interface=net.reactivated.Fprint.Manager diff --git a/apparmor.d/abstractions/bus/org.a11y b/apparmor.d/abstractions/bus/org.a11y index 5103361c9..ff9c9619a 100644 --- a/apparmor.d/abstractions/bus/org.a11y +++ b/apparmor.d/abstractions/bus/org.a11y @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Accessibility bus diff --git a/apparmor.d/abstractions/bus/org.bluez b/apparmor.d/abstractions/bus/org.bluez index 7c86817f5..046f3470e 100644 --- a/apparmor.d/abstractions/bus/org.bluez +++ b/apparmor.d/abstractions/bus/org.bluez @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus receive bus=system path=/ interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Accounts b/apparmor.d/abstractions/bus/org.freedesktop.Accounts index 10a9e8fc0..842616bdc 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Accounts +++ b/apparmor.d/abstractions/bus/org.freedesktop.Accounts @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Avahi b/apparmor.d/abstractions/bus/org.freedesktop.Avahi index 8b24700db..ea79a33be 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Avahi +++ b/apparmor.d/abstractions/bus/org.freedesktop.Avahi @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/ interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager index 3950b77aa..5d97a6b04 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ColorManager interface=org.freedesktop.ColorManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 index b4e985b9e..d43fdec81 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/FileManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 index 836e99d94..357601386 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/GeoClue2/Manager interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 index 217b588a4..ce6505c9d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ModemManager1 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager index 0fa92d3cc..f42ddd43e 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Notifications b/apparmor.d/abstractions/bus/org.freedesktop.Notifications index 90ee1aefc..a45c59c48 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Notifications +++ b/apparmor.d/abstractions/bus/org.freedesktop.Notifications @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Notifications interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit index 7cdd9a3ce..be5d97328 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit +++ b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/PackageKit interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 index 3201e48ce..38d4147de 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority interface=org.freedesktop.PolicyKit1.Authority diff --git a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 index 474c4c625..83166574b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/RealtimeKit1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver index 842057a1d..2f2303b07 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/ScreenSaver interface=org.freedesktop.ScreenSaver diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files index 567740a35..535f4dfc3 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files +++ b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 index 79b882e51..6d8bd828e 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UDisks2 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UPower b/apparmor.d/abstractions/bus/org.freedesktop.UPower index d8341d33c..3e327db47 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UPower +++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UPower interface=org.freedesktop.UPower diff --git a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor index 5f951381b..8a51c3d54 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor +++ b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/background/monitor interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 index 54196d16b..5dc2a135f 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/hostname1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore index 6b965a2f5..9cf91d9ec 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore +++ b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/impl/portal/PermissionStore interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.locale1 b/apparmor.d/abstractions/bus/org.freedesktop.locale1 index a2865c7c9..121124e8c 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.locale1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.locale1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/locale1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1 b/apparmor.d/abstractions/bus/org.freedesktop.login1 index fdceceea4..25114d3d6 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session index 24d5c1452..d0fe0f87d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.login1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.network1 b/apparmor.d/abstractions/bus/org.freedesktop.network1 index 268a21dea..4378d4a22 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.network1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.network1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/network1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop index a2a1a94a0..314e140d5 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop +++ b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 index 3057282c9..c84377bdf 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/resolve1 interface=org.freedesktop.resolve1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.secrets b/apparmor.d/abstractions/bus/org.freedesktop.secrets index 01ecf0786..de20b8e79 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.secrets +++ b/apparmor.d/abstractions/bus/org.freedesktop.secrets @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/secrets{,/**} interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 index 49e4b014d..d72645d72 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session index c0e852662..763a1c832 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 index 883c5c165..297343fa5 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/timedate1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 index 9953ee8bf..d960c1494 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 +++ b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ArchiveManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.DisplayManager b/apparmor.d/abstractions/bus/org.gnome.DisplayManager index 05945a253..a41a6b21e 100644 --- a/apparmor.d/abstractions/bus/org.gnome.DisplayManager +++ b/apparmor.d/abstractions/bus/org.gnome.DisplayManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=system path=/org/gnome/DisplayManager/Manager interface=org.gnome.DisplayManager.Manager diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig index d701792a6..f4a93f889 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor index 7ada64f05..3fba15ea2 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/IdleMonitor interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 index e547ab2c5..baeff9230 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 +++ b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Nautilus/FileOperations2 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver index 3e228ad1f..d85fae4ba 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.SessionManager b/apparmor.d/abstractions/bus/org.gnome.SessionManager index 4197fb4cf..b19e171d4 100644 --- a/apparmor.d/abstractions/bus/org.gnome.SessionManager +++ b/apparmor.d/abstractions/bus/org.gnome.SessionManager @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # FIXME: Too large, restrict it. diff --git a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect index 72e4525bc..618cc9ea5 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect +++ b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor index 73d958513..9ff04f175 100644 --- a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor +++ b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon index 35cd640d6..73a409d3d 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/Daemon interface=org.gtk.vfs.Daemon diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata index 33d3c1c36..0f646e7f0 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/metadata interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker index 4d59f0afc..626498c39 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem index 4fca40e84..fb7a0efff 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher index 67ac1fb6d..7df6188d2 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session path=/StatusNotifierWatcher interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.kde.kwalletd b/apparmor.d/abstractions/bus/org.kde.kwalletd index c0d2ecba2..d992a1dcb 100644 --- a/apparmor.d/abstractions/bus/org.kde.kwalletd +++ b/apparmor.d/abstractions/bus/org.kde.kwalletd @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index e44d8509c..25a06aee7 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # LOGPROF-SUGGEST: no # Common rules for applications sandboxed using bwrap. diff --git a/apparmor.d/abstractions/common/apt b/apparmor.d/abstractions/common/apt index 77c5a0b7e..f50bdcf56 100644 --- a/apparmor.d/abstractions/common/apt +++ b/apparmor.d/abstractions/common/apt @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/dpkg/cputable r, /usr/share/dpkg/tupletable r, diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap index a73626bb1..624e80719 100644 --- a/apparmor.d/abstractions/common/bwrap +++ b/apparmor.d/abstractions/common/bwrap @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # A minimal set of rules for sandboxed programs using bwrap. # A profile using this abstraction still needs to set: diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium index 2e98c515a..386eb3af3 100644 --- a/apparmor.d/abstractions/common/chromium +++ b/apparmor.d/abstractions/common/chromium @@ -2,6 +2,7 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is for chromium based application. Chromium based browsers # need to use abstractions/chromium instead. diff --git a/apparmor.d/abstractions/common/electron b/apparmor.d/abstractions/common/electron index 732129c26..3ae7268cc 100644 --- a/apparmor.d/abstractions/common/electron +++ b/apparmor.d/abstractions/common/electron @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for all electron based UI application. It works as a # *function* and requires some variables to be provided as *arguments* and set diff --git a/apparmor.d/abstractions/common/gnome b/apparmor.d/abstractions/common/gnome index c93f9bc05..239a79d81 100644 --- a/apparmor.d/abstractions/common/gnome +++ b/apparmor.d/abstractions/common/gnome @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Minimal set of rules for all gnome based UI application. diff --git a/apparmor.d/abstractions/common/systemd b/apparmor.d/abstractions/common/systemd index 0ed3a824b..ccc35d6e1 100644 --- a/apparmor.d/abstractions/common/systemd +++ b/apparmor.d/abstractions/common/systemd @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor ptrace (read) peer=@{p_systemd}, diff --git a/apparmor.d/abstractions/crypto.d/complete b/apparmor.d/abstractions/crypto.d/complete index a163af66d..1c97e2512 100644 --- a/apparmor.d/abstractions/crypto.d/complete +++ b/apparmor.d/abstractions/crypto.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/dconf-write b/apparmor.d/abstractions/dconf-write index f25e1c3e6..e0397cce2 100644 --- a/apparmor.d/abstractions/dconf-write +++ b/apparmor.d/abstractions/dconf-write @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Permissions for querying dconf settings with write access; use the dconf # abstraction first, and dconf-write only for specific application's profile. diff --git a/apparmor.d/abstractions/deny-sensitive-home b/apparmor.d/abstractions/deny-sensitive-home index d8e1fdfb8..f21859241 100644 --- a/apparmor.d/abstractions/deny-sensitive-home +++ b/apparmor.d/abstractions/deny-sensitive-home @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # DO NOT USE IT WITHOUT EXPLICIT AUTHORISATION FROM THE PROJECT MAINTAINER diff --git a/apparmor.d/abstractions/desktop b/apparmor.d/abstractions/desktop index befea8bcb..736f6b16e 100644 --- a/apparmor.d/abstractions/desktop +++ b/apparmor.d/abstractions/desktop @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Unified minimal abstraction for all UI application regardless of the desktop environment. diff --git a/apparmor.d/abstractions/devices-usb b/apparmor.d/abstractions/devices-usb index 5a2a8b742..7d9fc3737 100644 --- a/apparmor.d/abstractions/devices-usb +++ b/apparmor.d/abstractions/devices-usb @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /dev/ r, /dev/bus/usb/ r, diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read index 10beb258d..b80175fe5 100644 --- a/apparmor.d/abstractions/disks-read +++ b/apparmor.d/abstractions/disks-read @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/disks-write b/apparmor.d/abstractions/disks-write index 361b60d82..80299f1f4 100644 --- a/apparmor.d/abstractions/disks-write +++ b/apparmor.d/abstractions/disks-write @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/dri b/apparmor.d/abstractions/dri index a1eb1cd41..8b2d9a64c 100644 --- a/apparmor.d/abstractions/dri +++ b/apparmor.d/abstractions/dri @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The Direct Rendering Infrastructure (DRI) is the framework comprising the modern # Linux graphics stack which allows unprivileged user-space programs to issue diff --git a/apparmor.d/abstractions/fish b/apparmor.d/abstractions/fish index fe3cab891..450e12050 100644 --- a/apparmor.d/abstractions/fish +++ b/apparmor.d/abstractions/fish @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/fontconfig-cache-read b/apparmor.d/abstractions/fontconfig-cache-read index 216075648..2c6e04aca 100644 --- a/apparmor.d/abstractions/fontconfig-cache-read +++ b/apparmor.d/abstractions/fontconfig-cache-read @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # The fontconfig cache can be generated via the following command: # $ fc-cache -f -v diff --git a/apparmor.d/abstractions/fontconfig-cache-write b/apparmor.d/abstractions/fontconfig-cache-write index 19fa7c53a..d642a93a2 100644 --- a/apparmor.d/abstractions/fontconfig-cache-write +++ b/apparmor.d/abstractions/fontconfig-cache-write @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/fontconfig/ rw, owner @{user_cache_dirs}/fontconfig/CACHEDIR.TAG{,.NEW,.LCK,.TMP-*} rw, diff --git a/apparmor.d/abstractions/freedesktop.org.d/complete b/apparmor.d/abstractions/freedesktop.org.d/complete index 3e669f4dc..71dc290c6 100644 --- a/apparmor.d/abstractions/freedesktop.org.d/complete +++ b/apparmor.d/abstractions/freedesktop.org.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{system_share_dirs}/*ubuntu/applications/{,**} r, @{system_share_dirs}/gnome/applications/{,**} r, diff --git a/apparmor.d/abstractions/gnome-strict b/apparmor.d/abstractions/gnome-strict index 891e5a573..ea191ab35 100644 --- a/apparmor.d/abstractions/gnome-strict +++ b/apparmor.d/abstractions/gnome-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/gnome.d/complete b/apparmor.d/abstractions/gnome.d/complete index 90f705ac7..ba38eaa12 100644 --- a/apparmor.d/abstractions/gnome.d/complete +++ b/apparmor.d/abstractions/gnome.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/graphics b/apparmor.d/abstractions/graphics index 9b7954f0d..ca2f72622 100644 --- a/apparmor.d/abstractions/graphics +++ b/apparmor.d/abstractions/graphics @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/graphics-full b/apparmor.d/abstractions/graphics-full index fe2d2001c..1e14bd63f 100644 --- a/apparmor.d/abstractions/graphics-full +++ b/apparmor.d/abstractions/graphics-full @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/gstreamer b/apparmor.d/abstractions/gstreamer index 60bac614e..403ee6419 100644 --- a/apparmor.d/abstractions/gstreamer +++ b/apparmor.d/abstractions/gstreamer @@ -2,6 +2,7 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{lib}/@{multiarch}/libproxy/*/modules/*.so mr, @{lib}/@{multiarch}/libvisual-[0-9].[0-9]/*/*.so mr, diff --git a/apparmor.d/abstractions/gtk.d/complete b/apparmor.d/abstractions/gtk.d/complete index ac702a70f..db3abf7d6 100644 --- a/apparmor.d/abstractions/gtk.d/complete +++ b/apparmor.d/abstractions/gtk.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor dbus send bus=session interface=org.gtk.Actions diff --git a/apparmor.d/abstractions/ibus.d/complete b/apparmor.d/abstractions/ibus.d/complete index 33d034b5a..52740ddf0 100644 --- a/apparmor.d/abstractions/ibus.d/complete +++ b/apparmor.d/abstractions/ibus.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # abstract path in ibus < 1.5.22 uses /tmp unix (connect, receive, send) diff --git a/apparmor.d/abstractions/kde-open5.d/complete b/apparmor.d/abstractions/kde-open5.d/complete index 37038b129..9b8df3d82 100644 --- a/apparmor.d/abstractions/kde-open5.d/complete +++ b/apparmor.d/abstractions/kde-open5.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/kde-open rix, diff --git a/apparmor.d/abstractions/kde-strict b/apparmor.d/abstractions/kde-strict index c164bd434..49697ec70 100644 --- a/apparmor.d/abstractions/kde-strict +++ b/apparmor.d/abstractions/kde-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/mesa.d/complete b/apparmor.d/abstractions/mesa.d/complete index ed3306e42..63b8fda26 100644 --- a/apparmor.d/abstractions/mesa.d/complete +++ b/apparmor.d/abstractions/mesa.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Extra Mesa rules for desktop environments owner @{desktop_cache_dirs}/ w, diff --git a/apparmor.d/abstractions/nameservice-strict b/apparmor.d/abstractions/nameservice-strict index b1d474717..50786f6b4 100644 --- a/apparmor.d/abstractions/nameservice-strict +++ b/apparmor.d/abstractions/nameservice-strict @@ -2,6 +2,7 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Many programs wish to perform nameservice-like operations, such as looking up # users by name or id, groups by name or id, hosts by name or IP, etc. diff --git a/apparmor.d/abstractions/nvidia-strict b/apparmor.d/abstractions/nvidia-strict index 6521c9840..0a66b8e92 100644 --- a/apparmor.d/abstractions/nvidia-strict +++ b/apparmor.d/abstractions/nvidia-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/nvidia-modprobe Px -> child-modprobe-nvidia, diff --git a/apparmor.d/abstractions/nvidia.d/complete b/apparmor.d/abstractions/nvidia.d/complete index ef9d0c40d..e4fff6739 100644 --- a/apparmor.d/abstractions/nvidia.d/complete +++ b/apparmor.d/abstractions/nvidia.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor unix (send, receive) type=dgram peer=(addr="@var/run/nvidia-xdriver-*"), diff --git a/apparmor.d/abstractions/opencl-intel.d/complete b/apparmor.d/abstractions/opencl-intel.d/complete index 1845cd61d..ecc116a2e 100644 --- a/apparmor.d/abstractions/opencl-intel.d/complete +++ b/apparmor.d/abstractions/opencl-intel.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /opt/intel/oneapi/{compiler,lib,mkl}/**/ r, /opt/intel/oneapi/{compiler,lib,mkl}/**.so* mr, diff --git a/apparmor.d/abstractions/python.d/complete b/apparmor.d/abstractions/python.d/complete index e6eea6744..b334b2e4c 100644 --- a/apparmor.d/abstractions/python.d/complete +++ b/apparmor.d/abstractions/python.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{bin}/ r, @{bin}/python{2.[4-7],3,3.[0-9],3.1[0-9]} r, diff --git a/apparmor.d/abstractions/qt5-shader-cache b/apparmor.d/abstractions/qt5-shader-cache index 4ac0f7f1d..660e4a39d 100644 --- a/apparmor.d/abstractions/qt5-shader-cache +++ b/apparmor.d/abstractions/qt5-shader-cache @@ -2,6 +2,7 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/ w, owner @{user_cache_dirs}/qtshadercache/ rw, diff --git a/apparmor.d/abstractions/qt5.d/complete b/apparmor.d/abstractions/qt5.d/complete index 6063b47e2..71305d3cf 100644 --- a/apparmor.d/abstractions/qt5.d/complete +++ b/apparmor.d/abstractions/qt5.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/qt{,5,6}/qtlogging.ini r, /usr/share/qt{,5,6}/resources/*.pak r, diff --git a/apparmor.d/abstractions/shells b/apparmor.d/abstractions/shells index b269f2335..84dbb7c72 100644 --- a/apparmor.d/abstractions/shells +++ b/apparmor.d/abstractions/shells @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/thumbnails-cache-read b/apparmor.d/abstractions/thumbnails-cache-read index dc164c6ba..5bf6153c3 100644 --- a/apparmor.d/abstractions/thumbnails-cache-read +++ b/apparmor.d/abstractions/thumbnails-cache-read @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ r, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ r, diff --git a/apparmor.d/abstractions/thumbnails-cache-write b/apparmor.d/abstractions/thumbnails-cache-write index 01de0407e..a9bf4cf14 100644 --- a/apparmor.d/abstractions/thumbnails-cache-write +++ b/apparmor.d/abstractions/thumbnails-cache-write @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ rw, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ rw, diff --git a/apparmor.d/abstractions/trash-strict b/apparmor.d/abstractions/trash-strict index 1f4202818..fb4f9b306 100644 --- a/apparmor.d/abstractions/trash-strict +++ b/apparmor.d/abstractions/trash-strict @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Already upstreamed. Different because recent change does not play well # with upstream's version. diff --git a/apparmor.d/abstractions/trash.d/complete b/apparmor.d/abstractions/trash.d/complete index a80a1e5a6..10149ee1b 100644 --- a/apparmor.d/abstractions/trash.d/complete +++ b/apparmor.d/abstractions/trash.d/complete @@ -2,6 +2,7 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_config_dirs}/trashrc rw, owner @{user_config_dirs}/trashrc.lock rwk, diff --git a/apparmor.d/abstractions/uim b/apparmor.d/abstractions/uim index 03ae9e3e8..81abacb6b 100644 --- a/apparmor.d/abstractions/uim +++ b/apparmor.d/abstractions/uim @@ -2,6 +2,7 @@ # Copyright (C) 2024 Alexandre Pujol # Copyright (C) 2024 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/uim/* r, diff --git a/apparmor.d/abstractions/user-download-strict b/apparmor.d/abstractions/user-download-strict index 3feed5cd8..01465ddf7 100644 --- a/apparmor.d/abstractions/user-download-strict +++ b/apparmor.d/abstractions/user-download-strict @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{HOME}/@{XDG_DESKTOP_DIR}/ w, owner @{HOME}/@{XDG_DOWNLOAD_DIR}/ w, diff --git a/apparmor.d/abstractions/user-read b/apparmor.d/abstractions/user-read index 4187ab9e2..c49e1fea2 100644 --- a/apparmor.d/abstractions/user-read +++ b/apparmor.d/abstractions/user-read @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Warning: This abstraction gives unrestricted read access on all non hidden user directories. diff --git a/apparmor.d/abstractions/user-read-strict b/apparmor.d/abstractions/user-read-strict index 5211b0345..88b998401 100644 --- a/apparmor.d/abstractions/user-read-strict +++ b/apparmor.d/abstractions/user-read-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction gives read access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write-strict b/apparmor.d/abstractions/user-write-strict index 223fc660a..a478581d5 100644 --- a/apparmor.d/abstractions/user-write-strict +++ b/apparmor.d/abstractions/user-write-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction gives write only access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write.d/complete b/apparmor.d/abstractions/user-write.d/complete index a529324f5..7d8023309 100644 --- a/apparmor.d/abstractions/user-write.d/complete +++ b/apparmor.d/abstractions/user-write.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # Warning: This abstraction gives unrestricted write access on all non hidden user directories. diff --git a/apparmor.d/abstractions/video.d/complete b/apparmor.d/abstractions/video.d/complete index 97b7f1a2a..4222fec54 100644 --- a/apparmor.d/abstractions/video.d/complete +++ b/apparmor.d/abstractions/video.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor @{run}/udev/data/c81:@{int} r, # For video4linux diff --git a/apparmor.d/abstractions/vulkan-strict b/apparmor.d/abstractions/vulkan-strict index fd86f1e81..533fe4ecf 100644 --- a/apparmor.d/abstractions/vulkan-strict +++ b/apparmor.d/abstractions/vulkan-strict @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /usr/share/egl/egl_external_platform.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/vulkan.d/complete b/apparmor.d/abstractions/vulkan.d/complete index 8e5b68c08..64c12b2bf 100644 --- a/apparmor.d/abstractions/vulkan.d/complete +++ b/apparmor.d/abstractions/vulkan.d/complete @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor /etc/glvnd/egl_vendor.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/wayland.d/complete b/apparmor.d/abstractions/wayland.d/complete index 245b9238d..42066e814 100644 --- a/apparmor.d/abstractions/wayland.d/complete +++ b/apparmor.d/abstractions/wayland.d/complete @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor owner @{user_config_dirs}/ibus/bus/@{hex32}-unix-wayland-@{int} r, diff --git a/apparmor.d/abstractions/xfce b/apparmor.d/abstractions/xfce index 067de9148..26d93714b 100644 --- a/apparmor.d/abstractions/xfce +++ b/apparmor.d/abstractions/xfce @@ -1,6 +1,7 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/zsh b/apparmor.d/abstractions/zsh index 15711713c..01d69bc05 100644 --- a/apparmor.d/abstractions/zsh +++ b/apparmor.d/abstractions/zsh @@ -2,6 +2,7 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only +# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. From c1d531525aa92d1d2cb9ce7cb4cb8ec67c59a04c Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 16:52:31 +0300 Subject: [PATCH 50/52] fix(abstractions, tunables): move vim modeline Move vim syntax comment to the end of the file, separated by newline, as requested in #380. --- apparmor.d/abstractions/X-strict | 1 - apparmor.d/abstractions/X.d/complete | 1 - apparmor.d/abstractions/app-launcher-root | 1 - apparmor.d/abstractions/app-launcher-user | 1 - apparmor.d/abstractions/app-open | 1 - apparmor.d/abstractions/app/chromium | 1 - apparmor.d/abstractions/app/editor | 1 - apparmor.d/abstractions/app/firefox | 1 - apparmor.d/abstractions/app/open | 1 - apparmor.d/abstractions/app/pgrep | 1 - apparmor.d/abstractions/app/sudo | 1 - apparmor.d/abstractions/app/systemctl | 1 - apparmor.d/abstractions/audio-client | 1 - apparmor.d/abstractions/audio-server | 1 - apparmor.d/abstractions/audio.d/complete | 1 - apparmor.d/abstractions/authentication.d/complete | 1 - apparmor.d/abstractions/base.d/complete | 1 - apparmor.d/abstractions/bash-strict | 1 - apparmor.d/abstractions/bash.d/complete | 1 - apparmor.d/abstractions/bus-accessibility | 1 - apparmor.d/abstractions/bus-session | 1 - apparmor.d/abstractions/bus-system | 1 - apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry | 1 - apparmor.d/abstractions/bus/com.canonical.dbusmenu | 1 - apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 | 1 - apparmor.d/abstractions/bus/net.hadess.PowerProfiles | 1 - apparmor.d/abstractions/bus/net.hadess.SwitcherooControl | 1 - apparmor.d/abstractions/bus/net.reactivated.Fprint | 1 - apparmor.d/abstractions/bus/org.a11y | 1 - apparmor.d/abstractions/bus/org.bluez | 1 - apparmor.d/abstractions/bus/org.freedesktop.Accounts | 1 - apparmor.d/abstractions/bus/org.freedesktop.Avahi | 1 - apparmor.d/abstractions/bus/org.freedesktop.ColorManager | 1 - apparmor.d/abstractions/bus/org.freedesktop.FileManager1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 | 1 - apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.NetworkManager | 1 - apparmor.d/abstractions/bus/org.freedesktop.Notifications | 1 - apparmor.d/abstractions/bus/org.freedesktop.PackageKit | 1 - apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver | 1 - apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files | 1 - apparmor.d/abstractions/bus/org.freedesktop.UDisks2 | 1 - apparmor.d/abstractions/bus/org.freedesktop.UPower | 1 - apparmor.d/abstractions/bus/org.freedesktop.background.Monitor | 1 - apparmor.d/abstractions/bus/org.freedesktop.hostname1 | 1 - .../abstractions/bus/org.freedesktop.impl.portal.PermissionStore | 1 - apparmor.d/abstractions/bus/org.freedesktop.locale1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.login1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.login1.Session | 1 - apparmor.d/abstractions/bus/org.freedesktop.network1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop | 1 - apparmor.d/abstractions/bus/org.freedesktop.resolve1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.secrets | 1 - apparmor.d/abstractions/bus/org.freedesktop.systemd1 | 1 - apparmor.d/abstractions/bus/org.freedesktop.systemd1-session | 1 - apparmor.d/abstractions/bus/org.freedesktop.timedate1 | 1 - apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 | 1 - apparmor.d/abstractions/bus/org.gnome.DisplayManager | 1 - apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig | 1 - apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor | 1 - apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 | 1 - apparmor.d/abstractions/bus/org.gnome.ScreenSaver | 1 - apparmor.d/abstractions/bus/org.gnome.SessionManager | 1 - apparmor.d/abstractions/bus/org.gnome.Shell.Introspect | 1 - apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor | 1 - apparmor.d/abstractions/bus/org.gtk.vfs.Daemon | 1 - apparmor.d/abstractions/bus/org.gtk.vfs.Metadata | 1 - apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker | 1 - apparmor.d/abstractions/bus/org.kde.StatusNotifierItem | 1 - apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher | 1 - apparmor.d/abstractions/bus/org.kde.kwalletd | 1 - apparmor.d/abstractions/common/app | 1 - apparmor.d/abstractions/common/apt | 1 - apparmor.d/abstractions/common/bwrap | 1 - apparmor.d/abstractions/common/chromium | 1 - apparmor.d/abstractions/common/electron | 1 - apparmor.d/abstractions/common/gnome | 1 - apparmor.d/abstractions/common/systemd | 1 - apparmor.d/abstractions/crypto.d/complete | 1 - apparmor.d/abstractions/dconf-write | 1 - apparmor.d/abstractions/deny-sensitive-home | 1 - apparmor.d/abstractions/desktop | 1 - apparmor.d/abstractions/devices-usb | 1 - apparmor.d/abstractions/disks-read | 1 - apparmor.d/abstractions/disks-write | 1 - apparmor.d/abstractions/dri | 1 - apparmor.d/abstractions/fish | 1 - apparmor.d/abstractions/fontconfig-cache-read | 1 - apparmor.d/abstractions/fontconfig-cache-write | 1 - apparmor.d/abstractions/freedesktop.org.d/complete | 1 - apparmor.d/abstractions/gnome-strict | 1 - apparmor.d/abstractions/gnome.d/complete | 1 - apparmor.d/abstractions/graphics | 1 - apparmor.d/abstractions/graphics-full | 1 - apparmor.d/abstractions/gstreamer | 1 - apparmor.d/abstractions/gtk.d/complete | 1 - apparmor.d/abstractions/ibus.d/complete | 1 - apparmor.d/abstractions/kde-open5.d/complete | 1 - apparmor.d/abstractions/kde-strict | 1 - apparmor.d/abstractions/mesa.d/complete | 1 - apparmor.d/abstractions/nameservice-strict | 1 - apparmor.d/abstractions/nvidia-strict | 1 - apparmor.d/abstractions/nvidia.d/complete | 1 - apparmor.d/abstractions/opencl-intel.d/complete | 1 - apparmor.d/abstractions/python.d/complete | 1 - apparmor.d/abstractions/qt5-shader-cache | 1 - apparmor.d/abstractions/qt5.d/complete | 1 - apparmor.d/abstractions/shells | 1 - apparmor.d/abstractions/thumbnails-cache-read | 1 - apparmor.d/abstractions/thumbnails-cache-write | 1 - apparmor.d/abstractions/trash-strict | 1 - apparmor.d/abstractions/trash.d/complete | 1 - apparmor.d/abstractions/uim | 1 - apparmor.d/abstractions/user-download-strict | 1 - apparmor.d/abstractions/user-read | 1 - apparmor.d/abstractions/user-read-strict | 1 - apparmor.d/abstractions/user-write-strict | 1 - apparmor.d/abstractions/user-write.d/complete | 1 - apparmor.d/abstractions/video.d/complete | 1 - apparmor.d/abstractions/vulkan-strict | 1 - apparmor.d/abstractions/vulkan.d/complete | 1 - apparmor.d/abstractions/wayland.d/complete | 1 - apparmor.d/abstractions/xfce | 1 - apparmor.d/abstractions/zsh | 1 - 126 files changed, 126 deletions(-) diff --git a/apparmor.d/abstractions/X-strict b/apparmor.d/abstractions/X-strict index 01d538509..0998bbb44 100644 --- a/apparmor.d/abstractions/X-strict +++ b/apparmor.d/abstractions/X-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The unix socket to use to connect to the display unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), diff --git a/apparmor.d/abstractions/X.d/complete b/apparmor.d/abstractions/X.d/complete index b3acf4c06..8a6636664 100644 --- a/apparmor.d/abstractions/X.d/complete +++ b/apparmor.d/abstractions/X.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Available Xsessions /usr/share/xsessions/{,*.desktop} r, diff --git a/apparmor.d/abstractions/app-launcher-root b/apparmor.d/abstractions/app-launcher-root index adf37c2eb..c31d328fb 100644 --- a/apparmor.d/abstractions/app-launcher-root +++ b/apparmor.d/abstractions/app-launcher-root @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/* PUx, /usr/local/{s,}bin/* PUx, diff --git a/apparmor.d/abstractions/app-launcher-user b/apparmor.d/abstractions/app-launcher-user index 892e44f47..5e7c50824 100644 --- a/apparmor.d/abstractions/app-launcher-user +++ b/apparmor.d/abstractions/app-launcher-user @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/* PUx, /opt/*/** PUx, diff --git a/apparmor.d/abstractions/app-open b/apparmor.d/abstractions/app-open index 2db071a91..513924de6 100644 --- a/apparmor.d/abstractions/app-open +++ b/apparmor.d/abstractions/app-open @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Instead of allowing the run of all software in @{bin}/, @{lib} the purpose of # this abstraction is to list all GUI program that can open resources. diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index 3321d273b..41bbab892 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for all chromium based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/editor b/apparmor.d/abstractions/app/editor index 3bfce1cdb..f0972f3e7 100644 --- a/apparmor.d/abstractions/app/editor +++ b/apparmor.d/abstractions/app/editor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Zane Zakraisek # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index 7984fd671..bf86f419c 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for all firefox based browsers. It works as a *function* # and requires some variables to be provided as *arguments* and set in the diff --git a/apparmor.d/abstractions/app/open b/apparmor.d/abstractions/app/open index a936f70fe..f93a1c444 100644 --- a/apparmor.d/abstractions/app/open +++ b/apparmor.d/abstractions/app/open @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Full set of rules for child-open-* profiles. diff --git a/apparmor.d/abstractions/app/pgrep b/apparmor.d/abstractions/app/pgrep index 2b6d3a22d..4bab75387 100644 --- a/apparmor.d/abstractions/app/pgrep +++ b/apparmor.d/abstractions/app/pgrep @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for pgrep. diff --git a/apparmor.d/abstractions/app/sudo b/apparmor.d/abstractions/app/sudo index 5a1145e73..6fba1adfd 100644 --- a/apparmor.d/abstractions/app/sudo +++ b/apparmor.d/abstractions/app/sudo @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for sudo. Interactive sudo need more rules. diff --git a/apparmor.d/abstractions/app/systemctl b/apparmor.d/abstractions/app/systemctl index 4f33ae743..62b4aafdf 100644 --- a/apparmor.d/abstractions/app/systemctl +++ b/apparmor.d/abstractions/app/systemctl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index 980b90172..ca4a8e16c 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Most programs do not need access to audio devices, audio-client only includes # configuration files to be used by client applications. diff --git a/apparmor.d/abstractions/audio-server b/apparmor.d/abstractions/audio-server index 57eaa3c65..619ba1111 100644 --- a/apparmor.d/abstractions/audio-server +++ b/apparmor.d/abstractions/audio-server @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Provide access to audio devices. It should only be used by audio servers that # need direct access to them. diff --git a/apparmor.d/abstractions/audio.d/complete b/apparmor.d/abstractions/audio.d/complete index 51ad53006..01d94e067 100644 --- a/apparmor.d/abstractions/audio.d/complete +++ b/apparmor.d/abstractions/audio.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # PulseAudio module-ladspa-sink (plugin sc4m_1916) @{lib}/ladspa/ r, diff --git a/apparmor.d/abstractions/authentication.d/complete b/apparmor.d/abstractions/authentication.d/complete index 15ea6c9e9..63819cc1b 100644 --- a/apparmor.d/abstractions/authentication.d/complete +++ b/apparmor.d/abstractions/authentication.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/pam-tmpdir-helper rPx, diff --git a/apparmor.d/abstractions/base.d/complete b/apparmor.d/abstractions/base.d/complete index 0a5cbff70..e9761b843 100644 --- a/apparmor.d/abstractions/base.d/complete +++ b/apparmor.d/abstractions/base.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Allow to receive some signals from new well-known profiles signal (receive) peer=btop, diff --git a/apparmor.d/abstractions/bash-strict b/apparmor.d/abstractions/bash-strict index d885d7ddd..eb4f65230 100644 --- a/apparmor.d/abstractions/bash-strict +++ b/apparmor.d/abstractions/bash-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/bash.d/complete b/apparmor.d/abstractions/bash.d/complete index 54d859963..6d16109de 100644 --- a/apparmor.d/abstractions/bash.d/complete +++ b/apparmor.d/abstractions/bash.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/bash-completion/{,**} r, diff --git a/apparmor.d/abstractions/bus-accessibility b/apparmor.d/abstractions/bus-accessibility index 5bf684136..f032f842b 100644 --- a/apparmor.d/abstractions/bus-accessibility +++ b/apparmor.d/abstractions/bus-accessibility @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=accessibility path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus-session b/apparmor.d/abstractions/bus-session index 522457cf2..d5ca957e8 100644 --- a/apparmor.d/abstractions/bus-session +++ b/apparmor.d/abstractions/bus-session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor unix (bind, listen) type=stream addr="@/tmp/dbus-*", unix (connect, send, receive, accept) type=stream addr="@/tmp/dbus-*", diff --git a/apparmor.d/abstractions/bus-system b/apparmor.d/abstractions/bus-system index 84a44c966..0148d0711 100644 --- a/apparmor.d/abstractions/bus-system +++ b/apparmor.d/abstractions/bus-system @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/DBus interface=org.freedesktop.DBus diff --git a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry index 4225e07c0..3eceb53ab 100644 --- a/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry +++ b/apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Access required for connecting to/communicating with the Unity Launcher diff --git a/apparmor.d/abstractions/bus/com.canonical.dbusmenu b/apparmor.d/abstractions/bus/com.canonical.dbusmenu index fb4964479..290a86de8 100644 --- a/apparmor.d/abstractions/bus/com.canonical.dbusmenu +++ b/apparmor.d/abstractions/bus/com.canonical.dbusmenu @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 index 8de9de893..a8e3d52a5 100644 --- a/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 +++ b/apparmor.d/abstractions/bus/fi.w1.wpa_supplicant1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/fi/w1/wpa_supplicant1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles index e5d90ebce..b4032e033 100644 --- a/apparmor.d/abstractions/bus/net.hadess.PowerProfiles +++ b/apparmor.d/abstractions/bus/net.hadess.PowerProfiles @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/hadess/PowerProfiles interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl index 2fb9bdf50..55e4f414d 100644 --- a/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl +++ b/apparmor.d/abstractions/bus/net.hadess.SwitcherooControl @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/hadess/SwitcherooControl interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/net.reactivated.Fprint b/apparmor.d/abstractions/bus/net.reactivated.Fprint index 27c7b07dd..7e7b21565 100644 --- a/apparmor.d/abstractions/bus/net.reactivated.Fprint +++ b/apparmor.d/abstractions/bus/net.reactivated.Fprint @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/net/reactivated/Fprint/Manager interface=net.reactivated.Fprint.Manager diff --git a/apparmor.d/abstractions/bus/org.a11y b/apparmor.d/abstractions/bus/org.a11y index ff9c9619a..5103361c9 100644 --- a/apparmor.d/abstractions/bus/org.a11y +++ b/apparmor.d/abstractions/bus/org.a11y @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Accessibility bus diff --git a/apparmor.d/abstractions/bus/org.bluez b/apparmor.d/abstractions/bus/org.bluez index 046f3470e..7c86817f5 100644 --- a/apparmor.d/abstractions/bus/org.bluez +++ b/apparmor.d/abstractions/bus/org.bluez @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus receive bus=system path=/ interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Accounts b/apparmor.d/abstractions/bus/org.freedesktop.Accounts index 842616bdc..10a9e8fc0 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Accounts +++ b/apparmor.d/abstractions/bus/org.freedesktop.Accounts @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Avahi b/apparmor.d/abstractions/bus/org.freedesktop.Avahi index ea79a33be..8b24700db 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Avahi +++ b/apparmor.d/abstractions/bus/org.freedesktop.Avahi @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/ interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager index 5d97a6b04..3950b77aa 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ColorManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.ColorManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ColorManager interface=org.freedesktop.ColorManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 index d43fdec81..b4e985b9e 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.FileManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/FileManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 index 357601386..836e99d94 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.GeoClue2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/GeoClue2/Manager interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 index ce6505c9d..217b588a4 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.ModemManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/ModemManager1 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager index f42ddd43e..0fa92d3cc 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager +++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Notifications b/apparmor.d/abstractions/bus/org.freedesktop.Notifications index a45c59c48..90ee1aefc 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Notifications +++ b/apparmor.d/abstractions/bus/org.freedesktop.Notifications @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Notifications interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit index be5d97328..7cdd9a3ce 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PackageKit +++ b/apparmor.d/abstractions/bus/org.freedesktop.PackageKit @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/PackageKit interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 index 38d4147de..3201e48ce 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.PolicyKit1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus receive bus=system path=/org/freedesktop/PolicyKit1/Authority interface=org.freedesktop.PolicyKit1.Authority diff --git a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 index 83166574b..474c4c625 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.RealtimeKit1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/RealtimeKit1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver index 2f2303b07..842057a1d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.freedesktop.ScreenSaver @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/ScreenSaver interface=org.freedesktop.ScreenSaver diff --git a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files index 535f4dfc3..567740a35 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files +++ b/apparmor.d/abstractions/bus/org.freedesktop.Tracker3.Miner.Files @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint interface=org.freedesktop.DBus.Peer diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 index 6d8bd828e..79b882e51 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 +++ b/apparmor.d/abstractions/bus/org.freedesktop.UDisks2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UDisks2 interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UPower b/apparmor.d/abstractions/bus/org.freedesktop.UPower index 3e327db47..d8341d33c 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UPower +++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/UPower interface=org.freedesktop.UPower diff --git a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor index 8a51c3d54..5f951381b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor +++ b/apparmor.d/abstractions/bus/org.freedesktop.background.Monitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/background/monitor interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 index 5dc2a135f..54196d16b 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.hostname1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.hostname1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/hostname1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore index 9cf91d9ec..6b965a2f5 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore +++ b/apparmor.d/abstractions/bus/org.freedesktop.impl.portal.PermissionStore @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/impl/portal/PermissionStore interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.locale1 b/apparmor.d/abstractions/bus/org.freedesktop.locale1 index 121124e8c..a2865c7c9 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.locale1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.locale1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/locale1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1 b/apparmor.d/abstractions/bus/org.freedesktop.login1 index 25114d3d6..fdceceea4 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session index d0fe0f87d..24d5c1452 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.login1.Session +++ b/apparmor.d/abstractions/bus/org.freedesktop.login1.Session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/login1 interface=org.freedesktop.login1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.network1 b/apparmor.d/abstractions/bus/org.freedesktop.network1 index 4378d4a22..268a21dea 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.network1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.network1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/network1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop index 314e140d5..a2a1a94a0 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop +++ b/apparmor.d/abstractions/bus/org.freedesktop.portal.Desktop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 index c84377bdf..3057282c9 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.resolve1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.resolve1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/resolve1 interface=org.freedesktop.resolve1.Manager diff --git a/apparmor.d/abstractions/bus/org.freedesktop.secrets b/apparmor.d/abstractions/bus/org.freedesktop.secrets index de20b8e79..01ecf0786 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.secrets +++ b/apparmor.d/abstractions/bus/org.freedesktop.secrets @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/secrets{,/**} interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 index d72645d72..49e4b014d 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session index 763a1c832..c0e852662 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session +++ b/apparmor.d/abstractions/bus/org.freedesktop.systemd1-session @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/freedesktop/systemd1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 index 297343fa5..883c5c165 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.timedate1 +++ b/apparmor.d/abstractions/bus/org.freedesktop.timedate1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/freedesktop/timedate1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 index d960c1494..9953ee8bf 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 +++ b/apparmor.d/abstractions/bus/org.gnome.ArchiveManager1 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ArchiveManager1 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.DisplayManager b/apparmor.d/abstractions/bus/org.gnome.DisplayManager index a41a6b21e..05945a253 100644 --- a/apparmor.d/abstractions/bus/org.gnome.DisplayManager +++ b/apparmor.d/abstractions/bus/org.gnome.DisplayManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=system path=/org/gnome/DisplayManager/Manager interface=org.gnome.DisplayManager.Manager diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig index f4a93f889..d701792a6 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.DisplayConfig @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig diff --git a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor index 3fba15ea2..7ada64f05 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor +++ b/apparmor.d/abstractions/bus/org.gnome.Mutter.IdleMonitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Mutter/IdleMonitor interface=org.freedesktop.DBus.ObjectManager diff --git a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 index baeff9230..e547ab2c5 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 +++ b/apparmor.d/abstractions/bus/org.gnome.Nautilus.FileOperations2 @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Nautilus/FileOperations2 interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver index d85fae4ba..3e228ad1f 100644 --- a/apparmor.d/abstractions/bus/org.gnome.ScreenSaver +++ b/apparmor.d/abstractions/bus/org.gnome.ScreenSaver @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gnome.SessionManager b/apparmor.d/abstractions/bus/org.gnome.SessionManager index b19e171d4..4197fb4cf 100644 --- a/apparmor.d/abstractions/bus/org.gnome.SessionManager +++ b/apparmor.d/abstractions/bus/org.gnome.SessionManager @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # FIXME: Too large, restrict it. diff --git a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect index 618cc9ea5..72e4525bc 100644 --- a/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect +++ b/apparmor.d/abstractions/bus/org.gnome.Shell.Introspect @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor index 9ff04f175..73d958513 100644 --- a/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor +++ b/apparmor.d/abstractions/bus/org.gtk.Private.RemoteVolumeMonitor @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon index 73a409d3d..35cd640d6 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Daemon @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/Daemon interface=org.gtk.vfs.Daemon diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata index 0f646e7f0..33d3c1c36 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.Metadata @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/metadata interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker index 626498c39..4d59f0afc 100644 --- a/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker +++ b/apparmor.d/abstractions/bus/org.gtk.vfs.MountTracker @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem index fb7a0efff..4fca40e84 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierItem @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher index 7df6188d2..67ac1fb6d 100644 --- a/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher +++ b/apparmor.d/abstractions/bus/org.kde.StatusNotifierWatcher @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session path=/StatusNotifierWatcher interface=org.freedesktop.DBus.Properties diff --git a/apparmor.d/abstractions/bus/org.kde.kwalletd b/apparmor.d/abstractions/bus/org.kde.kwalletd index d992a1dcb..c0d2ecba2 100644 --- a/apparmor.d/abstractions/bus/org.kde.kwalletd +++ b/apparmor.d/abstractions/bus/org.kde.kwalletd @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include if exists diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index 25a06aee7..e44d8509c 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # LOGPROF-SUGGEST: no # Common rules for applications sandboxed using bwrap. diff --git a/apparmor.d/abstractions/common/apt b/apparmor.d/abstractions/common/apt index f50bdcf56..77c5a0b7e 100644 --- a/apparmor.d/abstractions/common/apt +++ b/apparmor.d/abstractions/common/apt @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/dpkg/cputable r, /usr/share/dpkg/tupletable r, diff --git a/apparmor.d/abstractions/common/bwrap b/apparmor.d/abstractions/common/bwrap index 624e80719..a73626bb1 100644 --- a/apparmor.d/abstractions/common/bwrap +++ b/apparmor.d/abstractions/common/bwrap @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # A minimal set of rules for sandboxed programs using bwrap. # A profile using this abstraction still needs to set: diff --git a/apparmor.d/abstractions/common/chromium b/apparmor.d/abstractions/common/chromium index 386eb3af3..2e98c515a 100644 --- a/apparmor.d/abstractions/common/chromium +++ b/apparmor.d/abstractions/common/chromium @@ -2,7 +2,6 @@ # Copyright (C) 2022 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is for chromium based application. Chromium based browsers # need to use abstractions/chromium instead. diff --git a/apparmor.d/abstractions/common/electron b/apparmor.d/abstractions/common/electron index 3ae7268cc..732129c26 100644 --- a/apparmor.d/abstractions/common/electron +++ b/apparmor.d/abstractions/common/electron @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for all electron based UI application. It works as a # *function* and requires some variables to be provided as *arguments* and set diff --git a/apparmor.d/abstractions/common/gnome b/apparmor.d/abstractions/common/gnome index 239a79d81..c93f9bc05 100644 --- a/apparmor.d/abstractions/common/gnome +++ b/apparmor.d/abstractions/common/gnome @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Minimal set of rules for all gnome based UI application. diff --git a/apparmor.d/abstractions/common/systemd b/apparmor.d/abstractions/common/systemd index ccc35d6e1..0ed3a824b 100644 --- a/apparmor.d/abstractions/common/systemd +++ b/apparmor.d/abstractions/common/systemd @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor ptrace (read) peer=@{p_systemd}, diff --git a/apparmor.d/abstractions/crypto.d/complete b/apparmor.d/abstractions/crypto.d/complete index 1c97e2512..a163af66d 100644 --- a/apparmor.d/abstractions/crypto.d/complete +++ b/apparmor.d/abstractions/crypto.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/dconf-write b/apparmor.d/abstractions/dconf-write index e0397cce2..f25e1c3e6 100644 --- a/apparmor.d/abstractions/dconf-write +++ b/apparmor.d/abstractions/dconf-write @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Permissions for querying dconf settings with write access; use the dconf # abstraction first, and dconf-write only for specific application's profile. diff --git a/apparmor.d/abstractions/deny-sensitive-home b/apparmor.d/abstractions/deny-sensitive-home index f21859241..d8e1fdfb8 100644 --- a/apparmor.d/abstractions/deny-sensitive-home +++ b/apparmor.d/abstractions/deny-sensitive-home @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # DO NOT USE IT WITHOUT EXPLICIT AUTHORISATION FROM THE PROJECT MAINTAINER diff --git a/apparmor.d/abstractions/desktop b/apparmor.d/abstractions/desktop index 736f6b16e..befea8bcb 100644 --- a/apparmor.d/abstractions/desktop +++ b/apparmor.d/abstractions/desktop @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Unified minimal abstraction for all UI application regardless of the desktop environment. diff --git a/apparmor.d/abstractions/devices-usb b/apparmor.d/abstractions/devices-usb index 7d9fc3737..5a2a8b742 100644 --- a/apparmor.d/abstractions/devices-usb +++ b/apparmor.d/abstractions/devices-usb @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /dev/ r, /dev/bus/usb/ r, diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read index b80175fe5..10beb258d 100644 --- a/apparmor.d/abstractions/disks-read +++ b/apparmor.d/abstractions/disks-read @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/disks-write b/apparmor.d/abstractions/disks-write index 80299f1f4..361b60d82 100644 --- a/apparmor.d/abstractions/disks-write +++ b/apparmor.d/abstractions/disks-write @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The /sys/ entries probably should be tightened diff --git a/apparmor.d/abstractions/dri b/apparmor.d/abstractions/dri index 8b2d9a64c..a1eb1cd41 100644 --- a/apparmor.d/abstractions/dri +++ b/apparmor.d/abstractions/dri @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The Direct Rendering Infrastructure (DRI) is the framework comprising the modern # Linux graphics stack which allows unprivileged user-space programs to issue diff --git a/apparmor.d/abstractions/fish b/apparmor.d/abstractions/fish index 450e12050..fe3cab891 100644 --- a/apparmor.d/abstractions/fish +++ b/apparmor.d/abstractions/fish @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/fontconfig-cache-read b/apparmor.d/abstractions/fontconfig-cache-read index 2c6e04aca..216075648 100644 --- a/apparmor.d/abstractions/fontconfig-cache-read +++ b/apparmor.d/abstractions/fontconfig-cache-read @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # The fontconfig cache can be generated via the following command: # $ fc-cache -f -v diff --git a/apparmor.d/abstractions/fontconfig-cache-write b/apparmor.d/abstractions/fontconfig-cache-write index d642a93a2..19fa7c53a 100644 --- a/apparmor.d/abstractions/fontconfig-cache-write +++ b/apparmor.d/abstractions/fontconfig-cache-write @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/fontconfig/ rw, owner @{user_cache_dirs}/fontconfig/CACHEDIR.TAG{,.NEW,.LCK,.TMP-*} rw, diff --git a/apparmor.d/abstractions/freedesktop.org.d/complete b/apparmor.d/abstractions/freedesktop.org.d/complete index 71dc290c6..3e669f4dc 100644 --- a/apparmor.d/abstractions/freedesktop.org.d/complete +++ b/apparmor.d/abstractions/freedesktop.org.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{system_share_dirs}/*ubuntu/applications/{,**} r, @{system_share_dirs}/gnome/applications/{,**} r, diff --git a/apparmor.d/abstractions/gnome-strict b/apparmor.d/abstractions/gnome-strict index ea191ab35..891e5a573 100644 --- a/apparmor.d/abstractions/gnome-strict +++ b/apparmor.d/abstractions/gnome-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/gnome.d/complete b/apparmor.d/abstractions/gnome.d/complete index ba38eaa12..90f705ac7 100644 --- a/apparmor.d/abstractions/gnome.d/complete +++ b/apparmor.d/abstractions/gnome.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/graphics b/apparmor.d/abstractions/graphics index ca2f72622..9b7954f0d 100644 --- a/apparmor.d/abstractions/graphics +++ b/apparmor.d/abstractions/graphics @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/graphics-full b/apparmor.d/abstractions/graphics-full index 1e14bd63f..fe2d2001c 100644 --- a/apparmor.d/abstractions/graphics-full +++ b/apparmor.d/abstractions/graphics-full @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include diff --git a/apparmor.d/abstractions/gstreamer b/apparmor.d/abstractions/gstreamer index 403ee6419..60bac614e 100644 --- a/apparmor.d/abstractions/gstreamer +++ b/apparmor.d/abstractions/gstreamer @@ -2,7 +2,6 @@ # Copyright (C) 2019-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{lib}/@{multiarch}/libproxy/*/modules/*.so mr, @{lib}/@{multiarch}/libvisual-[0-9].[0-9]/*/*.so mr, diff --git a/apparmor.d/abstractions/gtk.d/complete b/apparmor.d/abstractions/gtk.d/complete index db3abf7d6..ac702a70f 100644 --- a/apparmor.d/abstractions/gtk.d/complete +++ b/apparmor.d/abstractions/gtk.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor dbus send bus=session interface=org.gtk.Actions diff --git a/apparmor.d/abstractions/ibus.d/complete b/apparmor.d/abstractions/ibus.d/complete index 52740ddf0..33d034b5a 100644 --- a/apparmor.d/abstractions/ibus.d/complete +++ b/apparmor.d/abstractions/ibus.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # abstract path in ibus < 1.5.22 uses /tmp unix (connect, receive, send) diff --git a/apparmor.d/abstractions/kde-open5.d/complete b/apparmor.d/abstractions/kde-open5.d/complete index 9b8df3d82..37038b129 100644 --- a/apparmor.d/abstractions/kde-open5.d/complete +++ b/apparmor.d/abstractions/kde-open5.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/kde-open rix, diff --git a/apparmor.d/abstractions/kde-strict b/apparmor.d/abstractions/kde-strict index 49697ec70..c164bd434 100644 --- a/apparmor.d/abstractions/kde-strict +++ b/apparmor.d/abstractions/kde-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/mesa.d/complete b/apparmor.d/abstractions/mesa.d/complete index 63b8fda26..ed3306e42 100644 --- a/apparmor.d/abstractions/mesa.d/complete +++ b/apparmor.d/abstractions/mesa.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Extra Mesa rules for desktop environments owner @{desktop_cache_dirs}/ w, diff --git a/apparmor.d/abstractions/nameservice-strict b/apparmor.d/abstractions/nameservice-strict index 50786f6b4..b1d474717 100644 --- a/apparmor.d/abstractions/nameservice-strict +++ b/apparmor.d/abstractions/nameservice-strict @@ -2,7 +2,6 @@ # Copyright (C) 2019-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Many programs wish to perform nameservice-like operations, such as looking up # users by name or id, groups by name or id, hosts by name or IP, etc. diff --git a/apparmor.d/abstractions/nvidia-strict b/apparmor.d/abstractions/nvidia-strict index 0a66b8e92..6521c9840 100644 --- a/apparmor.d/abstractions/nvidia-strict +++ b/apparmor.d/abstractions/nvidia-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/nvidia-modprobe Px -> child-modprobe-nvidia, diff --git a/apparmor.d/abstractions/nvidia.d/complete b/apparmor.d/abstractions/nvidia.d/complete index e4fff6739..ef9d0c40d 100644 --- a/apparmor.d/abstractions/nvidia.d/complete +++ b/apparmor.d/abstractions/nvidia.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2022-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor unix (send, receive) type=dgram peer=(addr="@var/run/nvidia-xdriver-*"), diff --git a/apparmor.d/abstractions/opencl-intel.d/complete b/apparmor.d/abstractions/opencl-intel.d/complete index ecc116a2e..1845cd61d 100644 --- a/apparmor.d/abstractions/opencl-intel.d/complete +++ b/apparmor.d/abstractions/opencl-intel.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /opt/intel/oneapi/{compiler,lib,mkl}/**/ r, /opt/intel/oneapi/{compiler,lib,mkl}/**.so* mr, diff --git a/apparmor.d/abstractions/python.d/complete b/apparmor.d/abstractions/python.d/complete index b334b2e4c..e6eea6744 100644 --- a/apparmor.d/abstractions/python.d/complete +++ b/apparmor.d/abstractions/python.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2020-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{bin}/ r, @{bin}/python{2.[4-7],3,3.[0-9],3.1[0-9]} r, diff --git a/apparmor.d/abstractions/qt5-shader-cache b/apparmor.d/abstractions/qt5-shader-cache index 660e4a39d..4ac0f7f1d 100644 --- a/apparmor.d/abstractions/qt5-shader-cache +++ b/apparmor.d/abstractions/qt5-shader-cache @@ -2,7 +2,6 @@ # Copyright (C) 2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/ w, owner @{user_cache_dirs}/qtshadercache/ rw, diff --git a/apparmor.d/abstractions/qt5.d/complete b/apparmor.d/abstractions/qt5.d/complete index 71305d3cf..6063b47e2 100644 --- a/apparmor.d/abstractions/qt5.d/complete +++ b/apparmor.d/abstractions/qt5.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/qt{,5,6}/qtlogging.ini r, /usr/share/qt{,5,6}/resources/*.pak r, diff --git a/apparmor.d/abstractions/shells b/apparmor.d/abstractions/shells index 84dbb7c72..b269f2335 100644 --- a/apparmor.d/abstractions/shells +++ b/apparmor.d/abstractions/shells @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. diff --git a/apparmor.d/abstractions/thumbnails-cache-read b/apparmor.d/abstractions/thumbnails-cache-read index 5bf6153c3..dc164c6ba 100644 --- a/apparmor.d/abstractions/thumbnails-cache-read +++ b/apparmor.d/abstractions/thumbnails-cache-read @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ r, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ r, diff --git a/apparmor.d/abstractions/thumbnails-cache-write b/apparmor.d/abstractions/thumbnails-cache-write index a9bf4cf14..01de0407e 100644 --- a/apparmor.d/abstractions/thumbnails-cache-write +++ b/apparmor.d/abstractions/thumbnails-cache-write @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_cache_dirs}/thumbnails/ rw, owner @{user_cache_dirs}/thumbnails/{fail,*large,normal}/ rw, diff --git a/apparmor.d/abstractions/trash-strict b/apparmor.d/abstractions/trash-strict index fb4f9b306..1f4202818 100644 --- a/apparmor.d/abstractions/trash-strict +++ b/apparmor.d/abstractions/trash-strict @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Already upstreamed. Different because recent change does not play well # with upstream's version. diff --git a/apparmor.d/abstractions/trash.d/complete b/apparmor.d/abstractions/trash.d/complete index 10149ee1b..a80a1e5a6 100644 --- a/apparmor.d/abstractions/trash.d/complete +++ b/apparmor.d/abstractions/trash.d/complete @@ -2,7 +2,6 @@ # Copyright (C) 2018-2022 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_config_dirs}/trashrc rw, owner @{user_config_dirs}/trashrc.lock rwk, diff --git a/apparmor.d/abstractions/uim b/apparmor.d/abstractions/uim index 81abacb6b..03ae9e3e8 100644 --- a/apparmor.d/abstractions/uim +++ b/apparmor.d/abstractions/uim @@ -2,7 +2,6 @@ # Copyright (C) 2024 Alexandre Pujol # Copyright (C) 2024 Jeroen Rijken # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/uim/* r, diff --git a/apparmor.d/abstractions/user-download-strict b/apparmor.d/abstractions/user-download-strict index 01465ddf7..3feed5cd8 100644 --- a/apparmor.d/abstractions/user-download-strict +++ b/apparmor.d/abstractions/user-download-strict @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{HOME}/@{XDG_DESKTOP_DIR}/ w, owner @{HOME}/@{XDG_DOWNLOAD_DIR}/ w, diff --git a/apparmor.d/abstractions/user-read b/apparmor.d/abstractions/user-read index c49e1fea2..4187ab9e2 100644 --- a/apparmor.d/abstractions/user-read +++ b/apparmor.d/abstractions/user-read @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Warning: This abstraction gives unrestricted read access on all non hidden user directories. diff --git a/apparmor.d/abstractions/user-read-strict b/apparmor.d/abstractions/user-read-strict index 88b998401..5211b0345 100644 --- a/apparmor.d/abstractions/user-read-strict +++ b/apparmor.d/abstractions/user-read-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction gives read access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write-strict b/apparmor.d/abstractions/user-write-strict index a478581d5..223fc660a 100644 --- a/apparmor.d/abstractions/user-write-strict +++ b/apparmor.d/abstractions/user-write-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction gives write only access on all defined user directories. It should # only be used if access to **ALL** folders is required. diff --git a/apparmor.d/abstractions/user-write.d/complete b/apparmor.d/abstractions/user-write.d/complete index 7d8023309..a529324f5 100644 --- a/apparmor.d/abstractions/user-write.d/complete +++ b/apparmor.d/abstractions/user-write.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # Warning: This abstraction gives unrestricted write access on all non hidden user directories. diff --git a/apparmor.d/abstractions/video.d/complete b/apparmor.d/abstractions/video.d/complete index 4222fec54..97b7f1a2a 100644 --- a/apparmor.d/abstractions/video.d/complete +++ b/apparmor.d/abstractions/video.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor @{run}/udev/data/c81:@{int} r, # For video4linux diff --git a/apparmor.d/abstractions/vulkan-strict b/apparmor.d/abstractions/vulkan-strict index 533fe4ecf..fd86f1e81 100644 --- a/apparmor.d/abstractions/vulkan-strict +++ b/apparmor.d/abstractions/vulkan-strict @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /usr/share/egl/egl_external_platform.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/vulkan.d/complete b/apparmor.d/abstractions/vulkan.d/complete index 64c12b2bf..8e5b68c08 100644 --- a/apparmor.d/abstractions/vulkan.d/complete +++ b/apparmor.d/abstractions/vulkan.d/complete @@ -1,6 +1,5 @@ # apparmor.d - Full set of apparmor profiles # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor /etc/glvnd/egl_vendor.d/{,*.json} r, /usr/share/glvnd/egl_vendor.d/{,*.json} r, diff --git a/apparmor.d/abstractions/wayland.d/complete b/apparmor.d/abstractions/wayland.d/complete index 42066e814..245b9238d 100644 --- a/apparmor.d/abstractions/wayland.d/complete +++ b/apparmor.d/abstractions/wayland.d/complete @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor owner @{user_config_dirs}/ibus/bus/@{hex32}-unix-wayland-@{int} r, diff --git a/apparmor.d/abstractions/xfce b/apparmor.d/abstractions/xfce index 26d93714b..067de9148 100644 --- a/apparmor.d/abstractions/xfce +++ b/apparmor.d/abstractions/xfce @@ -1,7 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2023-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor include include diff --git a/apparmor.d/abstractions/zsh b/apparmor.d/abstractions/zsh index 01d69bc05..15711713c 100644 --- a/apparmor.d/abstractions/zsh +++ b/apparmor.d/abstractions/zsh @@ -2,7 +2,6 @@ # Copyright (C) 2018-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# vim:syntax=apparmor # This abstraction is only required when an interactive shell is started. # Classic shell scripts do not need it. From da3717991e2726e000574382fa8872aa109d8743 Mon Sep 17 00:00:00 2001 From: REmerald <55359236+REmerald@users.noreply.github.com> Date: Sat, 15 Jun 2024 17:36:23 +0300 Subject: [PATCH 51/52] feat(profiles-s-z): vim syntax support Add vim modeline instructing the editor to use the syntax plugin provided by apparmor. Continuation of #379, #380, #381, #390 to keep the diff list relatively short. --- apparmor.d/profiles-s-z/YACReader | 4 +++- apparmor.d/profiles-s-z/YACReaderLibrary | 4 +++- apparmor.d/profiles-s-z/s3fs | 4 +++- apparmor.d/profiles-s-z/sanoid | 2 ++ apparmor.d/profiles-s-z/sbctl | 4 +++- apparmor.d/profiles-s-z/scrcpy | 2 ++ apparmor.d/profiles-s-z/scrot | 2 ++ apparmor.d/profiles-s-z/sdcv | 4 +++- apparmor.d/profiles-s-z/secure-time-sync | 2 ++ apparmor.d/profiles-s-z/sensors | 2 ++ apparmor.d/profiles-s-z/sensors-detect | 2 ++ apparmor.d/profiles-s-z/setpci | 2 ++ apparmor.d/profiles-s-z/setvtrgb | 4 +++- apparmor.d/profiles-s-z/sfdisk | 2 ++ apparmor.d/profiles-s-z/sgdisk | 2 ++ apparmor.d/profiles-s-z/sing-box | 2 ++ apparmor.d/profiles-s-z/slirp4netns | 4 +++- apparmor.d/profiles-s-z/smartctl | 2 ++ apparmor.d/profiles-s-z/smartd | 2 ++ apparmor.d/profiles-s-z/smbspool | 4 +++- apparmor.d/profiles-s-z/smplayer | 2 ++ apparmor.d/profiles-s-z/smtube | 2 ++ apparmor.d/profiles-s-z/snap | 2 ++ apparmor.d/profiles-s-z/snap-bootstrap | 4 +++- apparmor.d/profiles-s-z/snap-device-helper | 4 +++- apparmor.d/profiles-s-z/snap-discard-ns | 4 +++- apparmor.d/profiles-s-z/snap-failure | 4 +++- apparmor.d/profiles-s-z/snap-repair | 4 +++- apparmor.d/profiles-s-z/snap-seccomp | 4 +++- apparmor.d/profiles-s-z/snap-update-ns | 4 +++- apparmor.d/profiles-s-z/snapd | 4 +++- apparmor.d/profiles-s-z/snapd-aa-prompt-listener | 4 +++- apparmor.d/profiles-s-z/snapd-aa-prompt-ui | 4 +++- apparmor.d/profiles-s-z/snapd-apparmor | 4 +++- apparmor.d/profiles-s-z/snapd-core-fixup | 4 +++- apparmor.d/profiles-s-z/spacefm-auth | 2 ++ apparmor.d/profiles-s-z/spectre-meltdown-checker | 2 ++ apparmor.d/profiles-s-z/speedtest | 2 ++ apparmor.d/profiles-s-z/spice-client-glib-usb-acl-helper | 4 +++- apparmor.d/profiles-s-z/spice-vdagent | 2 ++ apparmor.d/profiles-s-z/spice-vdagentd | 2 ++ apparmor.d/profiles-s-z/spotify | 2 ++ apparmor.d/profiles-s-z/ss | 2 ++ apparmor.d/profiles-s-z/sslocal | 2 ++ apparmor.d/profiles-s-z/ssmanager | 2 ++ apparmor.d/profiles-s-z/ssserver | 2 ++ apparmor.d/profiles-s-z/ssservice | 2 ++ apparmor.d/profiles-s-z/ssurl | 2 ++ apparmor.d/profiles-s-z/start-pulseaudio-x11 | 4 +++- apparmor.d/profiles-s-z/startx | 2 ++ apparmor.d/profiles-s-z/steam | 2 ++ apparmor.d/profiles-s-z/steam-fossilize | 2 ++ apparmor.d/profiles-s-z/steam-game-native | 4 +++- apparmor.d/profiles-s-z/steam-game-proton | 4 +++- apparmor.d/profiles-s-z/steam-gameoverlayui | 2 ++ apparmor.d/profiles-s-z/steam-launch | 4 +++- apparmor.d/profiles-s-z/steam-launcher | 4 +++- apparmor.d/profiles-s-z/steam-runtime | 4 +++- apparmor.d/profiles-s-z/steamerrorreporter | 4 +++- apparmor.d/profiles-s-z/strawberry | 2 ++ apparmor.d/profiles-s-z/strawberry-tagreader | 2 ++ apparmor.d/profiles-s-z/su | 2 ++ apparmor.d/profiles-s-z/sudo | 2 ++ apparmor.d/profiles-s-z/sulogin | 4 +++- apparmor.d/profiles-s-z/swaplabel | 2 ++ apparmor.d/profiles-s-z/swapon | 2 ++ apparmor.d/profiles-s-z/switcheroo-control | 2 ++ apparmor.d/profiles-s-z/switcherooctl | 4 +++- apparmor.d/profiles-s-z/swtpm | 4 +++- apparmor.d/profiles-s-z/swtpm_ioctl | 4 +++- apparmor.d/profiles-s-z/swtpm_localca | 4 +++- apparmor.d/profiles-s-z/swtpm_setup | 4 +++- apparmor.d/profiles-s-z/sync | 4 +++- apparmor.d/profiles-s-z/syncoid | 2 ++ apparmor.d/profiles-s-z/syncthing | 2 ++ apparmor.d/profiles-s-z/sysctl | 4 +++- apparmor.d/profiles-s-z/system-config-printer | 2 ++ apparmor.d/profiles-s-z/system-config-printer-applet | 2 ++ apparmor.d/profiles-s-z/task | 2 ++ apparmor.d/profiles-s-z/tasksel | 2 ++ apparmor.d/profiles-s-z/taskwarrior-tui | 2 ++ apparmor.d/profiles-s-z/terminator | 4 +++- apparmor.d/profiles-s-z/tftp | 2 ++ apparmor.d/profiles-s-z/thermald | 2 ++ apparmor.d/profiles-s-z/thinkfan | 2 ++ apparmor.d/profiles-s-z/thunderbird | 2 ++ apparmor.d/profiles-s-z/thunderbird-glxtest | 4 +++- apparmor.d/profiles-s-z/thunderbird-vaapitest | 2 ++ apparmor.d/profiles-s-z/tint2 | 2 ++ apparmor.d/profiles-s-z/tint2conf | 2 ++ apparmor.d/profiles-s-z/top | 2 ++ apparmor.d/profiles-s-z/torify | 2 ++ apparmor.d/profiles-s-z/torsocks | 2 ++ apparmor.d/profiles-s-z/tpacpi-bat | 2 ++ apparmor.d/profiles-s-z/transmission-gtk | 2 ++ apparmor.d/profiles-s-z/transmission-qt | 2 ++ apparmor.d/profiles-s-z/tune2fs | 2 ++ apparmor.d/profiles-s-z/udev-dmi-memory-id | 4 +++- apparmor.d/profiles-s-z/udiskie | 2 ++ apparmor.d/profiles-s-z/udiskie-info | 2 ++ apparmor.d/profiles-s-z/udiskie-mount | 2 ++ apparmor.d/profiles-s-z/udiskie-umount | 2 ++ apparmor.d/profiles-s-z/udisksctl | 2 ++ apparmor.d/profiles-s-z/udisksd | 2 ++ apparmor.d/profiles-s-z/umount | 2 ++ apparmor.d/profiles-s-z/umount.udisks2 | 2 ++ apparmor.d/profiles-s-z/uname | 2 ++ apparmor.d/profiles-s-z/unhide-linux | 2 ++ apparmor.d/profiles-s-z/unhide-posix | 2 ++ apparmor.d/profiles-s-z/unhide-rb | 2 ++ apparmor.d/profiles-s-z/unhide-tcp | 2 ++ apparmor.d/profiles-s-z/unix-chkpwd | 2 ++ apparmor.d/profiles-s-z/unmkinitramfs | 2 ++ apparmor.d/profiles-s-z/update-alternatives | 2 ++ apparmor.d/profiles-s-z/update-ca-certificates | 2 ++ apparmor.d/profiles-s-z/update-ca-trust | 4 +++- apparmor.d/profiles-s-z/update-command-not-found | 2 ++ apparmor.d/profiles-s-z/update-cracklib | 4 +++- apparmor.d/profiles-s-z/update-dlocatedb | 2 ++ apparmor.d/profiles-s-z/update-initramfs | 2 ++ apparmor.d/profiles-s-z/update-pciids | 2 ++ apparmor.d/profiles-s-z/update-secureboot-policy | 2 ++ apparmor.d/profiles-s-z/update-smart-drivedb | 2 ++ apparmor.d/profiles-s-z/updatedb-mlocate | 2 ++ apparmor.d/profiles-s-z/updatedb.plocate | 2 ++ apparmor.d/profiles-s-z/uptime | 2 ++ apparmor.d/profiles-s-z/uptimed | 4 +++- apparmor.d/profiles-s-z/usb-devices | 2 ++ apparmor.d/profiles-s-z/usbguard | 2 ++ apparmor.d/profiles-s-z/usbguard-applet-qt | 2 ++ apparmor.d/profiles-s-z/usbguard-daemon | 2 ++ apparmor.d/profiles-s-z/usbguard-dbus | 2 ++ apparmor.d/profiles-s-z/usbguard-notifier | 2 ++ apparmor.d/profiles-s-z/useradd | 2 ++ apparmor.d/profiles-s-z/userdel | 2 ++ apparmor.d/profiles-s-z/usermod | 2 ++ apparmor.d/profiles-s-z/users | 2 ++ apparmor.d/profiles-s-z/utmpdump | 2 ++ apparmor.d/profiles-s-z/utox | 2 ++ apparmor.d/profiles-s-z/uuidd | 4 +++- apparmor.d/profiles-s-z/uuidgen | 4 +++- apparmor.d/profiles-s-z/uupdate | 2 ++ apparmor.d/profiles-s-z/vcsi | 2 ++ apparmor.d/profiles-s-z/vidcutter | 2 ++ apparmor.d/profiles-s-z/vipw-vigr | 2 ++ apparmor.d/profiles-s-z/virt-manager | 2 ++ apparmor.d/profiles-s-z/vlc | 2 ++ apparmor.d/profiles-s-z/vlc-cache-gen | 4 +++- apparmor.d/profiles-s-z/vnstat | 2 ++ apparmor.d/profiles-s-z/vnstatd | 2 ++ apparmor.d/profiles-s-z/volumeicon | 2 ++ apparmor.d/profiles-s-z/vsftpd | 2 ++ apparmor.d/profiles-s-z/w | 2 ++ apparmor.d/profiles-s-z/w3m | 2 ++ apparmor.d/profiles-s-z/wavemon | 2 ++ apparmor.d/profiles-s-z/whatis | 2 ++ apparmor.d/profiles-s-z/whdd | 2 ++ apparmor.d/profiles-s-z/whereis | 2 ++ apparmor.d/profiles-s-z/which | 2 ++ apparmor.d/profiles-s-z/whiptail | 2 ++ apparmor.d/profiles-s-z/who | 2 ++ apparmor.d/profiles-s-z/whoami | 2 ++ apparmor.d/profiles-s-z/wireplumber | 2 ++ apparmor.d/profiles-s-z/wireshark | 2 ++ apparmor.d/profiles-s-z/wl-copy | 4 +++- apparmor.d/profiles-s-z/wmctrl | 2 ++ apparmor.d/profiles-s-z/wpa-action | 2 ++ apparmor.d/profiles-s-z/wpa-cli | 2 ++ apparmor.d/profiles-s-z/wpa-gui | 2 ++ apparmor.d/profiles-s-z/wpa-supplicant | 2 ++ apparmor.d/profiles-s-z/wrmsr | 2 ++ apparmor.d/profiles-s-z/wsdd | 4 +++- apparmor.d/profiles-s-z/xarchiver | 2 ++ apparmor.d/profiles-s-z/xauth | 2 ++ apparmor.d/profiles-s-z/xautolock | 2 ++ apparmor.d/profiles-s-z/xbacklight | 2 ++ apparmor.d/profiles-s-z/xbrlapi | 2 ++ apparmor.d/profiles-s-z/xclip | 2 ++ apparmor.d/profiles-s-z/xdpyinfo | 2 ++ apparmor.d/profiles-s-z/xinit | 2 ++ apparmor.d/profiles-s-z/xinput | 2 ++ apparmor.d/profiles-s-z/xsel | 2 ++ apparmor.d/profiles-s-z/yadifad | 2 ++ apparmor.d/profiles-s-z/youtube-dl | 2 ++ apparmor.d/profiles-s-z/youtube-viewer | 2 ++ apparmor.d/profiles-s-z/yt-dlp | 2 ++ apparmor.d/profiles-s-z/ytdl | 2 ++ apparmor.d/profiles-s-z/zathura | 2 ++ apparmor.d/profiles-s-z/zed | 2 ++ apparmor.d/profiles-s-z/zenmap | 2 ++ apparmor.d/profiles-s-z/zfs | 2 ++ apparmor.d/profiles-s-z/zpool | 2 ++ apparmor.d/profiles-s-z/zsys-system-autosnapshot | 2 ++ apparmor.d/profiles-s-z/zsysd | 2 ++ 194 files changed, 435 insertions(+), 47 deletions(-) diff --git a/apparmor.d/profiles-s-z/YACReader b/apparmor.d/profiles-s-z/YACReader index dee5b3522..ccbbb2494 100644 --- a/apparmor.d/profiles-s-z/YACReader +++ b/apparmor.d/profiles-s-z/YACReader @@ -43,4 +43,6 @@ profile YACReader @{exec_path} flags=(attach_disconnected,mediate_deleted) { owner @{PROC}/@{pid}/mountinfo r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/YACReaderLibrary b/apparmor.d/profiles-s-z/YACReaderLibrary index 50e5ae8c8..418167345 100644 --- a/apparmor.d/profiles-s-z/YACReaderLibrary +++ b/apparmor.d/profiles-s-z/YACReaderLibrary @@ -46,4 +46,6 @@ profile YACReaderLibrary @{exec_path} flags=(attach_disconnected,mediate_deleted owner @{PROC}/@{pid}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/s3fs b/apparmor.d/profiles-s-z/s3fs index 1bc9288da..d614330d2 100644 --- a/apparmor.d/profiles-s-z/s3fs +++ b/apparmor.d/profiles-s-z/s3fs @@ -69,4 +69,6 @@ profile s3fs @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sanoid b/apparmor.d/profiles-s-z/sanoid index f0b8426c6..aadad6860 100644 --- a/apparmor.d/profiles-s-z/sanoid +++ b/apparmor.d/profiles-s-z/sanoid @@ -31,3 +31,5 @@ profile sanoid @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sbctl b/apparmor.d/profiles-s-z/sbctl index 388145d76..938ecb638 100644 --- a/apparmor.d/profiles-s-z/sbctl +++ b/apparmor.d/profiles-s-z/sbctl @@ -39,4 +39,6 @@ profile sbctl @{exec_path} { deny network inet6 stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/scrcpy b/apparmor.d/profiles-s-z/scrcpy index 711cd73ad..8903fe287 100644 --- a/apparmor.d/profiles-s-z/scrcpy +++ b/apparmor.d/profiles-s-z/scrcpy @@ -38,3 +38,5 @@ profile scrcpy @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/scrot b/apparmor.d/profiles-s-z/scrot index f423775f6..377bb7962 100644 --- a/apparmor.d/profiles-s-z/scrot +++ b/apparmor.d/profiles-s-z/scrot @@ -29,3 +29,5 @@ profile scrot @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sdcv b/apparmor.d/profiles-s-z/sdcv index 7ad78e8a4..cfc6c1b3c 100644 --- a/apparmor.d/profiles-s-z/sdcv +++ b/apparmor.d/profiles-s-z/sdcv @@ -21,4 +21,6 @@ profile sdcv @{exec_path} { owner @{user_cache_dirs}/sdcv/{,**} rwk, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/secure-time-sync b/apparmor.d/profiles-s-z/secure-time-sync index bf11debcd..3ded8b7ae 100644 --- a/apparmor.d/profiles-s-z/secure-time-sync +++ b/apparmor.d/profiles-s-z/secure-time-sync @@ -31,3 +31,5 @@ profile secure-time-sync @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sensors b/apparmor.d/profiles-s-z/sensors index b64790203..618332bce 100644 --- a/apparmor.d/profiles-s-z/sensors +++ b/apparmor.d/profiles-s-z/sensors @@ -45,3 +45,5 @@ profile sensors @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sensors-detect b/apparmor.d/profiles-s-z/sensors-detect index 6fcc6cac1..577041922 100644 --- a/apparmor.d/profiles-s-z/sensors-detect +++ b/apparmor.d/profiles-s-z/sensors-detect @@ -68,3 +68,5 @@ profile sensors-detect @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/setpci b/apparmor.d/profiles-s-z/setpci index 9bfc43d0f..25fe43065 100644 --- a/apparmor.d/profiles-s-z/setpci +++ b/apparmor.d/profiles-s-z/setpci @@ -19,3 +19,5 @@ profile setpci @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/setvtrgb b/apparmor.d/profiles-s-z/setvtrgb index 7080cd909..79398e82d 100644 --- a/apparmor.d/profiles-s-z/setvtrgb +++ b/apparmor.d/profiles-s-z/setvtrgb @@ -18,4 +18,6 @@ profile setvtrgb @{exec_path} { /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sfdisk b/apparmor.d/profiles-s-z/sfdisk index 4afa8e575..5b75a27ef 100644 --- a/apparmor.d/profiles-s-z/sfdisk +++ b/apparmor.d/profiles-s-z/sfdisk @@ -34,3 +34,5 @@ profile sfdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sgdisk b/apparmor.d/profiles-s-z/sgdisk index 778548d75..00a8c7a56 100644 --- a/apparmor.d/profiles-s-z/sgdisk +++ b/apparmor.d/profiles-s-z/sgdisk @@ -25,3 +25,5 @@ profile sgdisk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sing-box b/apparmor.d/profiles-s-z/sing-box index 07c557d7c..eb9866b53 100644 --- a/apparmor.d/profiles-s-z/sing-box +++ b/apparmor.d/profiles-s-z/sing-box @@ -35,3 +35,5 @@ profile sing-box @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/slirp4netns b/apparmor.d/profiles-s-z/slirp4netns index efd6756b7..0ec43cc9b 100644 --- a/apparmor.d/profiles-s-z/slirp4netns +++ b/apparmor.d/profiles-s-z/slirp4netns @@ -41,4 +41,6 @@ profile slirp4netns @{exec_path} flags=(attach_disconnected) { /dev/net/tun rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/smartctl b/apparmor.d/profiles-s-z/smartctl index 442f4fd9b..6487e82e3 100644 --- a/apparmor.d/profiles-s-z/smartctl +++ b/apparmor.d/profiles-s-z/smartctl @@ -27,3 +27,5 @@ profile smartctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/smartd b/apparmor.d/profiles-s-z/smartd index 3e710291b..4548813bf 100644 --- a/apparmor.d/profiles-s-z/smartd +++ b/apparmor.d/profiles-s-z/smartd @@ -53,3 +53,5 @@ profile smartd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/smbspool b/apparmor.d/profiles-s-z/smbspool index 4ae50fbb4..010226342 100644 --- a/apparmor.d/profiles-s-z/smbspool +++ b/apparmor.d/profiles-s-z/smbspool @@ -15,4 +15,6 @@ profile smbspool @{exec_path} { /etc/papersize r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/smplayer b/apparmor.d/profiles-s-z/smplayer index 3751c4ab0..d8de18f20 100644 --- a/apparmor.d/profiles-s-z/smplayer +++ b/apparmor.d/profiles-s-z/smplayer @@ -87,3 +87,5 @@ profile smplayer @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/smtube b/apparmor.d/profiles-s-z/smtube index c8cb926e3..af761d43c 100644 --- a/apparmor.d/profiles-s-z/smtube +++ b/apparmor.d/profiles-s-z/smtube @@ -102,3 +102,5 @@ profile smtube @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap b/apparmor.d/profiles-s-z/snap index 3d71ce766..f59fd9226 100644 --- a/apparmor.d/profiles-s-z/snap +++ b/apparmor.d/profiles-s-z/snap @@ -111,3 +111,5 @@ profile snap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-bootstrap b/apparmor.d/profiles-s-z/snap-bootstrap index de4635dd1..71a4ad8f2 100644 --- a/apparmor.d/profiles-s-z/snap-bootstrap +++ b/apparmor.d/profiles-s-z/snap-bootstrap @@ -13,4 +13,6 @@ profile snap-bootstrap @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-device-helper b/apparmor.d/profiles-s-z/snap-device-helper index 836071c08..ec342d4e2 100644 --- a/apparmor.d/profiles-s-z/snap-device-helper +++ b/apparmor.d/profiles-s-z/snap-device-helper @@ -20,4 +20,6 @@ profile snap-device-helper @{exec_path} { @{sys}/fs/bpf/snap/ w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-discard-ns b/apparmor.d/profiles-s-z/snap-discard-ns index 2ba6f81ad..ab90529b7 100644 --- a/apparmor.d/profiles-s-z/snap-discard-ns +++ b/apparmor.d/profiles-s-z/snap-discard-ns @@ -30,4 +30,6 @@ profile snap-discard-ns @{exec_path} { @{run}/snapd/ns/* rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-failure b/apparmor.d/profiles-s-z/snap-failure index 9f6399064..df8fe47fb 100644 --- a/apparmor.d/profiles-s-z/snap-failure +++ b/apparmor.d/profiles-s-z/snap-failure @@ -31,4 +31,6 @@ profile snap-failure @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-repair b/apparmor.d/profiles-s-z/snap-repair index 1527a465c..d5f282ffa 100644 --- a/apparmor.d/profiles-s-z/snap-repair +++ b/apparmor.d/profiles-s-z/snap-repair @@ -13,4 +13,6 @@ profile snap-repair @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-seccomp b/apparmor.d/profiles-s-z/snap-seccomp index f62f3a3f3..0da410bca 100644 --- a/apparmor.d/profiles-s-z/snap-seccomp +++ b/apparmor.d/profiles-s-z/snap-seccomp @@ -27,4 +27,6 @@ profile snap-seccomp @{exec_path} { deny @{user_share_dirs}/gvfs-metadata/* r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snap-update-ns b/apparmor.d/profiles-s-z/snap-update-ns index 328eab743..e9315f5c7 100644 --- a/apparmor.d/profiles-s-z/snap-update-ns +++ b/apparmor.d/profiles-s-z/snap-update-ns @@ -54,4 +54,6 @@ profile snap-update-ns @{exec_path} { @{PROC}/version r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snapd b/apparmor.d/profiles-s-z/snapd index dfae29999..3892a8ca4 100644 --- a/apparmor.d/profiles-s-z/snapd +++ b/apparmor.d/profiles-s-z/snapd @@ -180,4 +180,6 @@ profile snapd @{exec_path} { } include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snapd-aa-prompt-listener b/apparmor.d/profiles-s-z/snapd-aa-prompt-listener index f8c1df718..3e3045b80 100644 --- a/apparmor.d/profiles-s-z/snapd-aa-prompt-listener +++ b/apparmor.d/profiles-s-z/snapd-aa-prompt-listener @@ -21,4 +21,6 @@ profile snapd-aa-prompt-listener @{exec_path} { @{PROC}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snapd-aa-prompt-ui b/apparmor.d/profiles-s-z/snapd-aa-prompt-ui index 35c6d5e4c..d7b9b3713 100644 --- a/apparmor.d/profiles-s-z/snapd-aa-prompt-ui +++ b/apparmor.d/profiles-s-z/snapd-aa-prompt-ui @@ -19,4 +19,6 @@ profile snapd-aa-prompt-ui @{exec_path} { @{PROC}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snapd-apparmor b/apparmor.d/profiles-s-z/snapd-apparmor index d9be96e87..22a9c5faa 100644 --- a/apparmor.d/profiles-s-z/snapd-apparmor +++ b/apparmor.d/profiles-s-z/snapd-apparmor @@ -27,4 +27,6 @@ profile snapd-apparmor @{exec_path} { @{PROC}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/snapd-core-fixup b/apparmor.d/profiles-s-z/snapd-core-fixup index 7d407df32..fffbc4468 100644 --- a/apparmor.d/profiles-s-z/snapd-core-fixup +++ b/apparmor.d/profiles-s-z/snapd-core-fixup @@ -13,4 +13,6 @@ profile snapd-core-fixup @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spacefm-auth b/apparmor.d/profiles-s-z/spacefm-auth index 2e7f34125..754908eac 100644 --- a/apparmor.d/profiles-s-z/spacefm-auth +++ b/apparmor.d/profiles-s-z/spacefm-auth @@ -16,3 +16,5 @@ profile spacefm-auth @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spectre-meltdown-checker b/apparmor.d/profiles-s-z/spectre-meltdown-checker index 2ff6defc3..98d677189 100644 --- a/apparmor.d/profiles-s-z/spectre-meltdown-checker +++ b/apparmor.d/profiles-s-z/spectre-meltdown-checker @@ -187,3 +187,5 @@ profile spectre-meltdown-checker @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/speedtest b/apparmor.d/profiles-s-z/speedtest index 5c299fb8d..511f32a96 100644 --- a/apparmor.d/profiles-s-z/speedtest +++ b/apparmor.d/profiles-s-z/speedtest @@ -34,3 +34,5 @@ profile speedtest @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spice-client-glib-usb-acl-helper b/apparmor.d/profiles-s-z/spice-client-glib-usb-acl-helper index be131b3e9..1847c93d7 100644 --- a/apparmor.d/profiles-s-z/spice-client-glib-usb-acl-helper +++ b/apparmor.d/profiles-s-z/spice-client-glib-usb-acl-helper @@ -23,4 +23,6 @@ profile spice-client-glib-usb-acl-helper @{exec_path} { @{PROC}/sys/kernel/cap_last_cap r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spice-vdagent b/apparmor.d/profiles-s-z/spice-vdagent index e25574bb9..c2fd27ced 100644 --- a/apparmor.d/profiles-s-z/spice-vdagent +++ b/apparmor.d/profiles-s-z/spice-vdagent @@ -47,3 +47,5 @@ profile spice-vdagent @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spice-vdagentd b/apparmor.d/profiles-s-z/spice-vdagentd index cdaf03b9a..e9a8b6330 100644 --- a/apparmor.d/profiles-s-z/spice-vdagentd +++ b/apparmor.d/profiles-s-z/spice-vdagentd @@ -30,3 +30,5 @@ profile spice-vdagentd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/spotify b/apparmor.d/profiles-s-z/spotify index e588ffbcf..db2e7ebe9 100644 --- a/apparmor.d/profiles-s-z/spotify +++ b/apparmor.d/profiles-s-z/spotify @@ -56,3 +56,5 @@ profile spotify @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ss b/apparmor.d/profiles-s-z/ss index 99d05d286..36f4c988d 100644 --- a/apparmor.d/profiles-s-z/ss +++ b/apparmor.d/profiles-s-z/ss @@ -45,3 +45,5 @@ profile ss @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sslocal b/apparmor.d/profiles-s-z/sslocal index 2ce04f3e6..beff6a1e9 100644 --- a/apparmor.d/profiles-s-z/sslocal +++ b/apparmor.d/profiles-s-z/sslocal @@ -29,3 +29,5 @@ profile sslocal @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ssmanager b/apparmor.d/profiles-s-z/ssmanager index affdd3e85..7a89ea8bd 100644 --- a/apparmor.d/profiles-s-z/ssmanager +++ b/apparmor.d/profiles-s-z/ssmanager @@ -29,3 +29,5 @@ profile ssmanager @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ssserver b/apparmor.d/profiles-s-z/ssserver index 07690f08c..51dc62837 100644 --- a/apparmor.d/profiles-s-z/ssserver +++ b/apparmor.d/profiles-s-z/ssserver @@ -28,3 +28,5 @@ profile ssserver @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ssservice b/apparmor.d/profiles-s-z/ssservice index 5c63da5c2..1c62764b2 100644 --- a/apparmor.d/profiles-s-z/ssservice +++ b/apparmor.d/profiles-s-z/ssservice @@ -16,3 +16,5 @@ profile ssservice @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ssurl b/apparmor.d/profiles-s-z/ssurl index 9471ab0ad..e1c7b9068 100644 --- a/apparmor.d/profiles-s-z/ssurl +++ b/apparmor.d/profiles-s-z/ssurl @@ -24,3 +24,5 @@ profile ssurl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/start-pulseaudio-x11 b/apparmor.d/profiles-s-z/start-pulseaudio-x11 index 3287c7556..616b66963 100644 --- a/apparmor.d/profiles-s-z/start-pulseaudio-x11 +++ b/apparmor.d/profiles-s-z/start-pulseaudio-x11 @@ -24,4 +24,6 @@ profile start-pulseaudio-x11 @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/startx b/apparmor.d/profiles-s-z/startx index 9a51396c9..26cf4027f 100644 --- a/apparmor.d/profiles-s-z/startx +++ b/apparmor.d/profiles-s-z/startx @@ -47,3 +47,5 @@ profile startx @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam b/apparmor.d/profiles-s-z/steam index 49157e257..8de447bfe 100644 --- a/apparmor.d/profiles-s-z/steam +++ b/apparmor.d/profiles-s-z/steam @@ -418,3 +418,5 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-fossilize b/apparmor.d/profiles-s-z/steam-fossilize index b8ec7e182..b33c90d8b 100644 --- a/apparmor.d/profiles-s-z/steam-fossilize +++ b/apparmor.d/profiles-s-z/steam-fossilize @@ -49,3 +49,5 @@ profile steam-fossilize @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-game-native b/apparmor.d/profiles-s-z/steam-game-native index 0a79b99d8..9453076ea 100644 --- a/apparmor.d/profiles-s-z/steam-game-native +++ b/apparmor.d/profiles-s-z/steam-game-native @@ -35,4 +35,6 @@ profile steam-game-native @{exec_path} flags=(attach_disconnected) { @{lib_dirs}/** mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-game-proton b/apparmor.d/profiles-s-z/steam-game-proton index ed67e72b9..49a668996 100644 --- a/apparmor.d/profiles-s-z/steam-game-proton +++ b/apparmor.d/profiles-s-z/steam-game-proton @@ -106,4 +106,6 @@ profile steam-game-proton @{exec_path} flags=(attach_disconnected) { @{PROC}/sys/net/core/bpf_jit_enable r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-gameoverlayui b/apparmor.d/profiles-s-z/steam-gameoverlayui index d78751bf9..bbe2452e2 100644 --- a/apparmor.d/profiles-s-z/steam-gameoverlayui +++ b/apparmor.d/profiles-s-z/steam-gameoverlayui @@ -69,3 +69,5 @@ profile steam-gameoverlayui @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-launch b/apparmor.d/profiles-s-z/steam-launch index 1b2afd212..877181b61 100644 --- a/apparmor.d/profiles-s-z/steam-launch +++ b/apparmor.d/profiles-s-z/steam-launch @@ -43,4 +43,6 @@ profile steam-launch @{exec_path} { deny /opt/** r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-launcher b/apparmor.d/profiles-s-z/steam-launcher index 9b4f09b91..45fa30245 100644 --- a/apparmor.d/profiles-s-z/steam-launcher +++ b/apparmor.d/profiles-s-z/steam-launcher @@ -26,4 +26,6 @@ profile steam-launcher @{exec_path} flags=(attach_disconnected) { @{lib_dirs}/** mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steam-runtime b/apparmor.d/profiles-s-z/steam-runtime index 9beaa2e8c..5d6d0f856 100644 --- a/apparmor.d/profiles-s-z/steam-runtime +++ b/apparmor.d/profiles-s-z/steam-runtime @@ -80,4 +80,6 @@ profile steam-runtime @{exec_path} flags=(attach_disconnected) { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/steamerrorreporter b/apparmor.d/profiles-s-z/steamerrorreporter index 0f765c301..3e206e898 100644 --- a/apparmor.d/profiles-s-z/steamerrorreporter +++ b/apparmor.d/profiles-s-z/steamerrorreporter @@ -38,4 +38,6 @@ profile steamerrorreporter @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/status r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/strawberry b/apparmor.d/profiles-s-z/strawberry index 5ed3ceace..a790e6b7b 100644 --- a/apparmor.d/profiles-s-z/strawberry +++ b/apparmor.d/profiles-s-z/strawberry @@ -79,3 +79,5 @@ profile strawberry @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/strawberry-tagreader b/apparmor.d/profiles-s-z/strawberry-tagreader index de4462c8c..0e1aced4f 100644 --- a/apparmor.d/profiles-s-z/strawberry-tagreader +++ b/apparmor.d/profiles-s-z/strawberry-tagreader @@ -29,3 +29,5 @@ profile strawberry-tagreader @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/su b/apparmor.d/profiles-s-z/su index 940536a07..429c48938 100644 --- a/apparmor.d/profiles-s-z/su +++ b/apparmor.d/profiles-s-z/su @@ -28,3 +28,5 @@ profile su @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sudo b/apparmor.d/profiles-s-z/sudo index f67917f55..0ba2694bd 100644 --- a/apparmor.d/profiles-s-z/sudo +++ b/apparmor.d/profiles-s-z/sudo @@ -47,3 +47,5 @@ profile sudo @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sulogin b/apparmor.d/profiles-s-z/sulogin index a50aeea42..3793df043 100644 --- a/apparmor.d/profiles-s-z/sulogin +++ b/apparmor.d/profiles-s-z/sulogin @@ -26,4 +26,6 @@ profile sulogin @{exec_path} { /dev/tty@{int} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swaplabel b/apparmor.d/profiles-s-z/swaplabel index a038e9dc9..03d2fe8d0 100644 --- a/apparmor.d/profiles-s-z/swaplabel +++ b/apparmor.d/profiles-s-z/swaplabel @@ -19,3 +19,5 @@ profile swaplabel @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swapon b/apparmor.d/profiles-s-z/swapon index 613e1b3de..31ee2e93a 100644 --- a/apparmor.d/profiles-s-z/swapon +++ b/apparmor.d/profiles-s-z/swapon @@ -28,3 +28,5 @@ profile swapon @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/switcheroo-control b/apparmor.d/profiles-s-z/switcheroo-control index 19b991cc1..4cfa8ba96 100644 --- a/apparmor.d/profiles-s-z/switcheroo-control +++ b/apparmor.d/profiles-s-z/switcheroo-control @@ -34,3 +34,5 @@ profile switcheroo-control @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/switcherooctl b/apparmor.d/profiles-s-z/switcherooctl index 1afd61d9c..9979c9246 100644 --- a/apparmor.d/profiles-s-z/switcherooctl +++ b/apparmor.d/profiles-s-z/switcherooctl @@ -17,4 +17,6 @@ profile switcherooctl @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swtpm b/apparmor.d/profiles-s-z/swtpm index 8b4fd09d0..4f6d1b38c 100644 --- a/apparmor.d/profiles-s-z/swtpm +++ b/apparmor.d/profiles-s-z/swtpm @@ -28,4 +28,6 @@ profile swtpm @{exec_path} { @{run}/libvirt/qemu/swtpm/*.pid w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swtpm_ioctl b/apparmor.d/profiles-s-z/swtpm_ioctl index 708ee3982..c77810624 100644 --- a/apparmor.d/profiles-s-z/swtpm_ioctl +++ b/apparmor.d/profiles-s-z/swtpm_ioctl @@ -16,4 +16,6 @@ profile swtpm_ioctl @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swtpm_localca b/apparmor.d/profiles-s-z/swtpm_localca index 6a8998829..a9749c91f 100644 --- a/apparmor.d/profiles-s-z/swtpm_localca +++ b/apparmor.d/profiles-s-z/swtpm_localca @@ -30,4 +30,6 @@ profile swtpm_localca @{exec_path} { @{run}/libvirt/qemu/swtpm/*.sock w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/swtpm_setup b/apparmor.d/profiles-s-z/swtpm_setup index 18aafae60..f4b01f0e0 100644 --- a/apparmor.d/profiles-s-z/swtpm_setup +++ b/apparmor.d/profiles-s-z/swtpm_setup @@ -26,4 +26,6 @@ profile swtpm_setup @{exec_path} { owner @{tmp}/.swtpm_setup.pidfile* rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sync b/apparmor.d/profiles-s-z/sync index 3211a2b59..6bdb55732 100644 --- a/apparmor.d/profiles-s-z/sync +++ b/apparmor.d/profiles-s-z/sync @@ -14,4 +14,6 @@ profile sync @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/syncoid b/apparmor.d/profiles-s-z/syncoid index 36a5c9856..c90665cdf 100644 --- a/apparmor.d/profiles-s-z/syncoid +++ b/apparmor.d/profiles-s-z/syncoid @@ -31,3 +31,5 @@ profile syncoid @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/syncthing b/apparmor.d/profiles-s-z/syncthing index f669e73dc..50b04668b 100644 --- a/apparmor.d/profiles-s-z/syncthing +++ b/apparmor.d/profiles-s-z/syncthing @@ -45,3 +45,5 @@ profile syncthing @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/sysctl b/apparmor.d/profiles-s-z/sysctl index 839e473f6..4e50430be 100644 --- a/apparmor.d/profiles-s-z/sysctl +++ b/apparmor.d/profiles-s-z/sysctl @@ -31,4 +31,6 @@ profile sysctl @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/system-config-printer b/apparmor.d/profiles-s-z/system-config-printer index fb3c60772..ab36047f2 100644 --- a/apparmor.d/profiles-s-z/system-config-printer +++ b/apparmor.d/profiles-s-z/system-config-printer @@ -58,3 +58,5 @@ profile system-config-printer @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/system-config-printer-applet b/apparmor.d/profiles-s-z/system-config-printer-applet index f5c393f64..0112b152a 100644 --- a/apparmor.d/profiles-s-z/system-config-printer-applet +++ b/apparmor.d/profiles-s-z/system-config-printer-applet @@ -31,3 +31,5 @@ profile system-config-printer-applet @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/task b/apparmor.d/profiles-s-z/task index 3c0ea26b5..bd7f276a8 100644 --- a/apparmor.d/profiles-s-z/task +++ b/apparmor.d/profiles-s-z/task @@ -47,3 +47,5 @@ profile task @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tasksel b/apparmor.d/profiles-s-z/tasksel index 94bba6ce9..b96200dea 100644 --- a/apparmor.d/profiles-s-z/tasksel +++ b/apparmor.d/profiles-s-z/tasksel @@ -80,3 +80,5 @@ profile tasksel @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/taskwarrior-tui b/apparmor.d/profiles-s-z/taskwarrior-tui index f3678ff82..f125c993d 100644 --- a/apparmor.d/profiles-s-z/taskwarrior-tui +++ b/apparmor.d/profiles-s-z/taskwarrior-tui @@ -30,3 +30,5 @@ profile taskwarrior-tui @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/terminator b/apparmor.d/profiles-s-z/terminator index c63a5657c..3f9ba6e25 100644 --- a/apparmor.d/profiles-s-z/terminator +++ b/apparmor.d/profiles-s-z/terminator @@ -63,4 +63,6 @@ profile terminator @{exec_path} flags=(attach_disconnected) { deny @{user_share_dirs}/gvfs-metadata/{,*} r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tftp b/apparmor.d/profiles-s-z/tftp index 977b51790..fb848cb1c 100644 --- a/apparmor.d/profiles-s-z/tftp +++ b/apparmor.d/profiles-s-z/tftp @@ -17,3 +17,5 @@ profile tftp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/thermald b/apparmor.d/profiles-s-z/thermald index 5dfa66125..1e72d45ec 100644 --- a/apparmor.d/profiles-s-z/thermald +++ b/apparmor.d/profiles-s-z/thermald @@ -82,3 +82,5 @@ profile thermald @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/thinkfan b/apparmor.d/profiles-s-z/thinkfan index cd5160493..56a39736e 100644 --- a/apparmor.d/profiles-s-z/thinkfan +++ b/apparmor.d/profiles-s-z/thinkfan @@ -28,3 +28,5 @@ profile thinkfan @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/thunderbird b/apparmor.d/profiles-s-z/thunderbird index 7e9b67d6d..d6553d990 100644 --- a/apparmor.d/profiles-s-z/thunderbird +++ b/apparmor.d/profiles-s-z/thunderbird @@ -179,3 +179,5 @@ profile thunderbird @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/thunderbird-glxtest b/apparmor.d/profiles-s-z/thunderbird-glxtest index b69db4912..17fda9d56 100644 --- a/apparmor.d/profiles-s-z/thunderbird-glxtest +++ b/apparmor.d/profiles-s-z/thunderbird-glxtest @@ -26,4 +26,6 @@ profile thunderbird-glxtest @{exec_path} { owner @{PROC}/@{pid}/cmdline r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/thunderbird-vaapitest b/apparmor.d/profiles-s-z/thunderbird-vaapitest index 345b7a6f8..85c1a08cb 100644 --- a/apparmor.d/profiles-s-z/thunderbird-vaapitest +++ b/apparmor.d/profiles-s-z/thunderbird-vaapitest @@ -28,3 +28,5 @@ profile thunderbird-vaapitest @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tint2 b/apparmor.d/profiles-s-z/tint2 index e098f55e4..2e44d0fab 100644 --- a/apparmor.d/profiles-s-z/tint2 +++ b/apparmor.d/profiles-s-z/tint2 @@ -62,3 +62,5 @@ profile tint2 @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tint2conf b/apparmor.d/profiles-s-z/tint2conf index 2ad3762cf..776b843a3 100644 --- a/apparmor.d/profiles-s-z/tint2conf +++ b/apparmor.d/profiles-s-z/tint2conf @@ -41,3 +41,5 @@ profile tint2conf @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/top b/apparmor.d/profiles-s-z/top index 91cdd57a1..9e4b7c11a 100644 --- a/apparmor.d/profiles-s-z/top +++ b/apparmor.d/profiles-s-z/top @@ -68,3 +68,5 @@ profile top @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/torify b/apparmor.d/profiles-s-z/torify index 6eb5f76fa..fcc4c9b98 100644 --- a/apparmor.d/profiles-s-z/torify +++ b/apparmor.d/profiles-s-z/torify @@ -16,3 +16,5 @@ profile torify @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/torsocks b/apparmor.d/profiles-s-z/torsocks index b72a959e7..8d75133da 100644 --- a/apparmor.d/profiles-s-z/torsocks +++ b/apparmor.d/profiles-s-z/torsocks @@ -25,3 +25,5 @@ profile torsocks @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tpacpi-bat b/apparmor.d/profiles-s-z/tpacpi-bat index 3febe67c9..673f46e32 100644 --- a/apparmor.d/profiles-s-z/tpacpi-bat +++ b/apparmor.d/profiles-s-z/tpacpi-bat @@ -28,3 +28,5 @@ profile tpacpi-bat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/transmission-gtk b/apparmor.d/profiles-s-z/transmission-gtk index 3da3784e5..40586fa03 100644 --- a/apparmor.d/profiles-s-z/transmission-gtk +++ b/apparmor.d/profiles-s-z/transmission-gtk @@ -50,3 +50,5 @@ profile transmission-gtk @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/transmission-qt b/apparmor.d/profiles-s-z/transmission-qt index 5b232a005..bbfe5bff4 100644 --- a/apparmor.d/profiles-s-z/transmission-qt +++ b/apparmor.d/profiles-s-z/transmission-qt @@ -52,3 +52,5 @@ profile transmission-qt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/tune2fs b/apparmor.d/profiles-s-z/tune2fs index 192fff844..d9a8c5409 100644 --- a/apparmor.d/profiles-s-z/tune2fs +++ b/apparmor.d/profiles-s-z/tune2fs @@ -34,3 +34,5 @@ profile tune2fs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udev-dmi-memory-id b/apparmor.d/profiles-s-z/udev-dmi-memory-id index 62c834d99..ab6a2de77 100644 --- a/apparmor.d/profiles-s-z/udev-dmi-memory-id +++ b/apparmor.d/profiles-s-z/udev-dmi-memory-id @@ -18,4 +18,6 @@ profile udev-dmi-memory-id @{exec_path} { @{sys}/firmware/dmi/tables/smbios_entry_point r, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udiskie b/apparmor.d/profiles-s-z/udiskie index f6e7aaafc..505017bcd 100644 --- a/apparmor.d/profiles-s-z/udiskie +++ b/apparmor.d/profiles-s-z/udiskie @@ -68,3 +68,5 @@ profile udiskie @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udiskie-info b/apparmor.d/profiles-s-z/udiskie-info index 947144150..aa359ef56 100644 --- a/apparmor.d/profiles-s-z/udiskie-info +++ b/apparmor.d/profiles-s-z/udiskie-info @@ -24,3 +24,5 @@ profile udiskie-info @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udiskie-mount b/apparmor.d/profiles-s-z/udiskie-mount index bbfb20ad8..7e72e9713 100644 --- a/apparmor.d/profiles-s-z/udiskie-mount +++ b/apparmor.d/profiles-s-z/udiskie-mount @@ -24,3 +24,5 @@ profile udiskie-mount @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udiskie-umount b/apparmor.d/profiles-s-z/udiskie-umount index edf8c79b9..8dc30eb9a 100644 --- a/apparmor.d/profiles-s-z/udiskie-umount +++ b/apparmor.d/profiles-s-z/udiskie-umount @@ -24,3 +24,5 @@ profile udiskie-umount @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udisksctl b/apparmor.d/profiles-s-z/udisksctl index c4f6dc96b..a05cede9c 100644 --- a/apparmor.d/profiles-s-z/udisksctl +++ b/apparmor.d/profiles-s-z/udisksctl @@ -23,3 +23,5 @@ profile udisksctl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/udisksd b/apparmor.d/profiles-s-z/udisksd index cbe3a79b0..365044702 100644 --- a/apparmor.d/profiles-s-z/udisksd +++ b/apparmor.d/profiles-s-z/udisksd @@ -150,3 +150,5 @@ profile udisksd @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/umount b/apparmor.d/profiles-s-z/umount index 8253f4335..e066dff89 100644 --- a/apparmor.d/profiles-s-z/umount +++ b/apparmor.d/profiles-s-z/umount @@ -48,3 +48,5 @@ profile umount @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/umount.udisks2 b/apparmor.d/profiles-s-z/umount.udisks2 index 87a8e2b33..2a6f7747d 100644 --- a/apparmor.d/profiles-s-z/umount.udisks2 +++ b/apparmor.d/profiles-s-z/umount.udisks2 @@ -15,3 +15,5 @@ profile umount.udisks2 @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uname b/apparmor.d/profiles-s-z/uname index 267fdb82a..4dd41a7bf 100644 --- a/apparmor.d/profiles-s-z/uname +++ b/apparmor.d/profiles-s-z/uname @@ -21,3 +21,5 @@ profile uname @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unhide-linux b/apparmor.d/profiles-s-z/unhide-linux index a782c72ca..d03561452 100644 --- a/apparmor.d/profiles-s-z/unhide-linux +++ b/apparmor.d/profiles-s-z/unhide-linux @@ -36,3 +36,5 @@ profile unhide-linux @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unhide-posix b/apparmor.d/profiles-s-z/unhide-posix index 0e869207c..1277e299c 100644 --- a/apparmor.d/profiles-s-z/unhide-posix +++ b/apparmor.d/profiles-s-z/unhide-posix @@ -39,3 +39,5 @@ profile unhide-posix @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unhide-rb b/apparmor.d/profiles-s-z/unhide-rb index a860f5218..e503f639a 100644 --- a/apparmor.d/profiles-s-z/unhide-rb +++ b/apparmor.d/profiles-s-z/unhide-rb @@ -23,3 +23,5 @@ profile unhide-rb @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unhide-tcp b/apparmor.d/profiles-s-z/unhide-tcp index bd17557df..bb54d19b1 100644 --- a/apparmor.d/profiles-s-z/unhide-tcp +++ b/apparmor.d/profiles-s-z/unhide-tcp @@ -33,3 +33,5 @@ profile unhide-tcp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unix-chkpwd b/apparmor.d/profiles-s-z/unix-chkpwd index 65fd4330c..c24da3bab 100644 --- a/apparmor.d/profiles-s-z/unix-chkpwd +++ b/apparmor.d/profiles-s-z/unix-chkpwd @@ -30,3 +30,5 @@ profile unix-chkpwd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/unmkinitramfs b/apparmor.d/profiles-s-z/unmkinitramfs index 23f4e2490..d5d1cb953 100644 --- a/apparmor.d/profiles-s-z/unmkinitramfs +++ b/apparmor.d/profiles-s-z/unmkinitramfs @@ -52,3 +52,5 @@ profile unmkinitramfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-alternatives b/apparmor.d/profiles-s-z/update-alternatives index 3ef1d8f1d..dfe7725d8 100644 --- a/apparmor.d/profiles-s-z/update-alternatives +++ b/apparmor.d/profiles-s-z/update-alternatives @@ -32,3 +32,5 @@ profile update-alternatives @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-ca-certificates b/apparmor.d/profiles-s-z/update-ca-certificates index d1dba09ea..f08383fba 100644 --- a/apparmor.d/profiles-s-z/update-ca-certificates +++ b/apparmor.d/profiles-s-z/update-ca-certificates @@ -59,3 +59,5 @@ profile update-ca-certificates @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-ca-trust b/apparmor.d/profiles-s-z/update-ca-trust index 4a9df2282..a4434ad48 100644 --- a/apparmor.d/profiles-s-z/update-ca-trust +++ b/apparmor.d/profiles-s-z/update-ca-trust @@ -37,4 +37,6 @@ profile update-ca-trust @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-command-not-found b/apparmor.d/profiles-s-z/update-command-not-found index a6e3eb3b4..56c215402 100644 --- a/apparmor.d/profiles-s-z/update-command-not-found +++ b/apparmor.d/profiles-s-z/update-command-not-found @@ -47,3 +47,5 @@ profile update-command-not-found @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-cracklib b/apparmor.d/profiles-s-z/update-cracklib index 7c2d4c1b9..6b4192903 100644 --- a/apparmor.d/profiles-s-z/update-cracklib +++ b/apparmor.d/profiles-s-z/update-cracklib @@ -39,4 +39,6 @@ profile update-cracklib @{exec_path} { owner @{tmp}/sort@{rand6} rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-dlocatedb b/apparmor.d/profiles-s-z/update-dlocatedb index fcf3c65b1..08687c6c8 100644 --- a/apparmor.d/profiles-s-z/update-dlocatedb +++ b/apparmor.d/profiles-s-z/update-dlocatedb @@ -62,3 +62,5 @@ profile update-dlocatedb @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-initramfs b/apparmor.d/profiles-s-z/update-initramfs index be61c82b0..fc62d99f2 100644 --- a/apparmor.d/profiles-s-z/update-initramfs +++ b/apparmor.d/profiles-s-z/update-initramfs @@ -53,3 +53,5 @@ profile update-initramfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-pciids b/apparmor.d/profiles-s-z/update-pciids index 759166464..233ed60be 100644 --- a/apparmor.d/profiles-s-z/update-pciids +++ b/apparmor.d/profiles-s-z/update-pciids @@ -66,3 +66,5 @@ profile update-pciids @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-secureboot-policy b/apparmor.d/profiles-s-z/update-secureboot-policy index 8c3db4b0d..8431fd1e6 100644 --- a/apparmor.d/profiles-s-z/update-secureboot-policy +++ b/apparmor.d/profiles-s-z/update-secureboot-policy @@ -34,3 +34,5 @@ profile update-secureboot-policy @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/update-smart-drivedb b/apparmor.d/profiles-s-z/update-smart-drivedb index 60c1de581..7140bbd5b 100644 --- a/apparmor.d/profiles-s-z/update-smart-drivedb +++ b/apparmor.d/profiles-s-z/update-smart-drivedb @@ -92,3 +92,5 @@ profile update-smart-drivedb @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/updatedb-mlocate b/apparmor.d/profiles-s-z/updatedb-mlocate index 6a2469e3a..9e470d878 100644 --- a/apparmor.d/profiles-s-z/updatedb-mlocate +++ b/apparmor.d/profiles-s-z/updatedb-mlocate @@ -64,3 +64,5 @@ profile updatedb-mlocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/updatedb.plocate b/apparmor.d/profiles-s-z/updatedb.plocate index 3b2cdd991..67ea546fd 100644 --- a/apparmor.d/profiles-s-z/updatedb.plocate +++ b/apparmor.d/profiles-s-z/updatedb.plocate @@ -38,3 +38,5 @@ profile updatedb.plocate @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uptime b/apparmor.d/profiles-s-z/uptime index b0cb79a81..1b28a07da 100644 --- a/apparmor.d/profiles-s-z/uptime +++ b/apparmor.d/profiles-s-z/uptime @@ -21,3 +21,5 @@ profile uptime @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uptimed b/apparmor.d/profiles-s-z/uptimed index 0c87a121b..a850d7771 100644 --- a/apparmor.d/profiles-s-z/uptimed +++ b/apparmor.d/profiles-s-z/uptimed @@ -19,4 +19,6 @@ profile uptimed @{exec_path} { @{run}/uptimed/uptimed.pid rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usb-devices b/apparmor.d/profiles-s-z/usb-devices index 188c6ec6b..94e6526ab 100644 --- a/apparmor.d/profiles-s-z/usb-devices +++ b/apparmor.d/profiles-s-z/usb-devices @@ -32,3 +32,5 @@ profile usb-devices @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usbguard b/apparmor.d/profiles-s-z/usbguard index 7ceb6038b..deb5ef46d 100644 --- a/apparmor.d/profiles-s-z/usbguard +++ b/apparmor.d/profiles-s-z/usbguard @@ -37,3 +37,5 @@ profile usbguard @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usbguard-applet-qt b/apparmor.d/profiles-s-z/usbguard-applet-qt index a266575ee..bc004b86f 100644 --- a/apparmor.d/profiles-s-z/usbguard-applet-qt +++ b/apparmor.d/profiles-s-z/usbguard-applet-qt @@ -44,3 +44,5 @@ profile usbguard-applet-qt @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usbguard-daemon b/apparmor.d/profiles-s-z/usbguard-daemon index f831200e0..d6c05f782 100644 --- a/apparmor.d/profiles-s-z/usbguard-daemon +++ b/apparmor.d/profiles-s-z/usbguard-daemon @@ -40,3 +40,5 @@ profile usbguard-daemon @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usbguard-dbus b/apparmor.d/profiles-s-z/usbguard-dbus index f4cc7a4cb..b02524d55 100644 --- a/apparmor.d/profiles-s-z/usbguard-dbus +++ b/apparmor.d/profiles-s-z/usbguard-dbus @@ -23,3 +23,5 @@ profile usbguard-dbus @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usbguard-notifier b/apparmor.d/profiles-s-z/usbguard-notifier index f8f2b75a5..48f88d0aa 100644 --- a/apparmor.d/profiles-s-z/usbguard-notifier +++ b/apparmor.d/profiles-s-z/usbguard-notifier @@ -20,3 +20,5 @@ profile usbguard-notifier @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/useradd b/apparmor.d/profiles-s-z/useradd index 78cc81779..a6094867a 100644 --- a/apparmor.d/profiles-s-z/useradd +++ b/apparmor.d/profiles-s-z/useradd @@ -73,3 +73,5 @@ profile useradd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/userdel b/apparmor.d/profiles-s-z/userdel index 5c5b4f9bb..6b95a4848 100644 --- a/apparmor.d/profiles-s-z/userdel +++ b/apparmor.d/profiles-s-z/userdel @@ -55,3 +55,5 @@ profile userdel @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/usermod b/apparmor.d/profiles-s-z/usermod index 6c9dd9b2a..cfcdc6bdc 100644 --- a/apparmor.d/profiles-s-z/usermod +++ b/apparmor.d/profiles-s-z/usermod @@ -56,3 +56,5 @@ profile usermod @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/users b/apparmor.d/profiles-s-z/users index 684b489a3..fbad304bf 100644 --- a/apparmor.d/profiles-s-z/users +++ b/apparmor.d/profiles-s-z/users @@ -20,3 +20,5 @@ profile users @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/utmpdump b/apparmor.d/profiles-s-z/utmpdump index 3cb319f23..054bb69ce 100644 --- a/apparmor.d/profiles-s-z/utmpdump +++ b/apparmor.d/profiles-s-z/utmpdump @@ -18,3 +18,5 @@ profile utmpdump @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/utox b/apparmor.d/profiles-s-z/utox index 5a0c2cc81..e5642c263 100644 --- a/apparmor.d/profiles-s-z/utox +++ b/apparmor.d/profiles-s-z/utox @@ -39,3 +39,5 @@ profile utox @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uuidd b/apparmor.d/profiles-s-z/uuidd index 2fd5956f5..c98d8175f 100644 --- a/apparmor.d/profiles-s-z/uuidd +++ b/apparmor.d/profiles-s-z/uuidd @@ -13,4 +13,6 @@ profile uuidd @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uuidgen b/apparmor.d/profiles-s-z/uuidgen index 4a433508f..b00ed1f26 100644 --- a/apparmor.d/profiles-s-z/uuidgen +++ b/apparmor.d/profiles-s-z/uuidgen @@ -14,4 +14,6 @@ profile uuidgen @{exec_path} { @{exec_path} mr, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/uupdate b/apparmor.d/profiles-s-z/uupdate index ffc6c4069..f49441ebf 100644 --- a/apparmor.d/profiles-s-z/uupdate +++ b/apparmor.d/profiles-s-z/uupdate @@ -52,3 +52,5 @@ profile uupdate @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vcsi b/apparmor.d/profiles-s-z/vcsi index 9ceb9ec4b..37422840c 100644 --- a/apparmor.d/profiles-s-z/vcsi +++ b/apparmor.d/profiles-s-z/vcsi @@ -32,3 +32,5 @@ profile vcsi @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vidcutter b/apparmor.d/profiles-s-z/vidcutter index b9c129559..226a0dd98 100644 --- a/apparmor.d/profiles-s-z/vidcutter +++ b/apparmor.d/profiles-s-z/vidcutter @@ -70,3 +70,5 @@ profile vidcutter @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vipw-vigr b/apparmor.d/profiles-s-z/vipw-vigr index c6e58e7f5..835267c2d 100644 --- a/apparmor.d/profiles-s-z/vipw-vigr +++ b/apparmor.d/profiles-s-z/vipw-vigr @@ -49,3 +49,5 @@ profile vipw-vigr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/virt-manager b/apparmor.d/profiles-s-z/virt-manager index 68f52dd37..9fa13e500 100644 --- a/apparmor.d/profiles-s-z/virt-manager +++ b/apparmor.d/profiles-s-z/virt-manager @@ -100,3 +100,5 @@ profile virt-manager @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vlc b/apparmor.d/profiles-s-z/vlc index a457d6c89..5d113ba3b 100644 --- a/apparmor.d/profiles-s-z/vlc +++ b/apparmor.d/profiles-s-z/vlc @@ -85,3 +85,5 @@ profile vlc @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vlc-cache-gen b/apparmor.d/profiles-s-z/vlc-cache-gen index bffbd8fc0..b464f1712 100644 --- a/apparmor.d/profiles-s-z/vlc-cache-gen +++ b/apparmor.d/profiles-s-z/vlc-cache-gen @@ -23,4 +23,6 @@ profile vlc-cache-gen @{exec_path} { deny network inet stream, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vnstat b/apparmor.d/profiles-s-z/vnstat index 2a2f3b55a..25bdcfb1b 100644 --- a/apparmor.d/profiles-s-z/vnstat +++ b/apparmor.d/profiles-s-z/vnstat @@ -68,3 +68,5 @@ profile vnstat @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vnstatd b/apparmor.d/profiles-s-z/vnstatd index a037c684d..c37c8b6d7 100644 --- a/apparmor.d/profiles-s-z/vnstatd +++ b/apparmor.d/profiles-s-z/vnstatd @@ -30,3 +30,5 @@ profile vnstatd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/volumeicon b/apparmor.d/profiles-s-z/volumeicon index 010b83789..c58381d7d 100644 --- a/apparmor.d/profiles-s-z/volumeicon +++ b/apparmor.d/profiles-s-z/volumeicon @@ -36,3 +36,5 @@ profile volumeicon @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/vsftpd b/apparmor.d/profiles-s-z/vsftpd index 33915f7c5..aa45b805e 100644 --- a/apparmor.d/profiles-s-z/vsftpd +++ b/apparmor.d/profiles-s-z/vsftpd @@ -71,3 +71,5 @@ profile vsftpd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/w b/apparmor.d/profiles-s-z/w index 839080510..a3fc8c9e3 100644 --- a/apparmor.d/profiles-s-z/w +++ b/apparmor.d/profiles-s-z/w @@ -35,3 +35,5 @@ profile w @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/w3m b/apparmor.d/profiles-s-z/w3m index 4cc6b57e0..5b919ecc0 100644 --- a/apparmor.d/profiles-s-z/w3m +++ b/apparmor.d/profiles-s-z/w3m @@ -31,3 +31,5 @@ profile w3m @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wavemon b/apparmor.d/profiles-s-z/wavemon index 12299df81..9ec082580 100644 --- a/apparmor.d/profiles-s-z/wavemon +++ b/apparmor.d/profiles-s-z/wavemon @@ -30,3 +30,5 @@ profile wavemon @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/whatis b/apparmor.d/profiles-s-z/whatis index db62117f8..e99900304 100644 --- a/apparmor.d/profiles-s-z/whatis +++ b/apparmor.d/profiles-s-z/whatis @@ -30,3 +30,5 @@ profile whatis @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/whdd b/apparmor.d/profiles-s-z/whdd index 77e93426b..e5e111b8b 100644 --- a/apparmor.d/profiles-s-z/whdd +++ b/apparmor.d/profiles-s-z/whdd @@ -34,3 +34,5 @@ profile whdd @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/whereis b/apparmor.d/profiles-s-z/whereis index c79baf349..330957a62 100644 --- a/apparmor.d/profiles-s-z/whereis +++ b/apparmor.d/profiles-s-z/whereis @@ -40,3 +40,5 @@ profile whereis @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/which b/apparmor.d/profiles-s-z/which index 6b24b8a71..32d0945e1 100644 --- a/apparmor.d/profiles-s-z/which +++ b/apparmor.d/profiles-s-z/which @@ -35,3 +35,5 @@ profile which @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/whiptail b/apparmor.d/profiles-s-z/whiptail index 464d5862c..f2339717a 100644 --- a/apparmor.d/profiles-s-z/whiptail +++ b/apparmor.d/profiles-s-z/whiptail @@ -22,3 +22,5 @@ profile whiptail @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/who b/apparmor.d/profiles-s-z/who index 5a9ef26c6..bed53e7e6 100644 --- a/apparmor.d/profiles-s-z/who +++ b/apparmor.d/profiles-s-z/who @@ -22,3 +22,5 @@ profile who @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/whoami b/apparmor.d/profiles-s-z/whoami index cb7e2bb81..3072d7da0 100644 --- a/apparmor.d/profiles-s-z/whoami +++ b/apparmor.d/profiles-s-z/whoami @@ -17,3 +17,5 @@ profile whoami @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wireplumber b/apparmor.d/profiles-s-z/wireplumber index 143b9a4cc..146408bc7 100644 --- a/apparmor.d/profiles-s-z/wireplumber +++ b/apparmor.d/profiles-s-z/wireplumber @@ -76,3 +76,5 @@ profile wireplumber @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wireshark b/apparmor.d/profiles-s-z/wireshark index 3c10760d3..ed8fd0efa 100644 --- a/apparmor.d/profiles-s-z/wireshark +++ b/apparmor.d/profiles-s-z/wireshark @@ -63,3 +63,5 @@ profile wireshark @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wl-copy b/apparmor.d/profiles-s-z/wl-copy index bf395d80a..3ea916395 100644 --- a/apparmor.d/profiles-s-z/wl-copy +++ b/apparmor.d/profiles-s-z/wl-copy @@ -23,4 +23,6 @@ profile wl-copy @{exec_path} { /dev/tty rw, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wmctrl b/apparmor.d/profiles-s-z/wmctrl index ac3bf48fc..8d99da352 100644 --- a/apparmor.d/profiles-s-z/wmctrl +++ b/apparmor.d/profiles-s-z/wmctrl @@ -17,3 +17,5 @@ profile wmctrl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wpa-action b/apparmor.d/profiles-s-z/wpa-action index 59c06ee50..3495849e7 100644 --- a/apparmor.d/profiles-s-z/wpa-action +++ b/apparmor.d/profiles-s-z/wpa-action @@ -40,3 +40,5 @@ profile wpa-action @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wpa-cli b/apparmor.d/profiles-s-z/wpa-cli index 03c3db367..5edd2f177 100644 --- a/apparmor.d/profiles-s-z/wpa-cli +++ b/apparmor.d/profiles-s-z/wpa-cli @@ -25,3 +25,5 @@ profile wpa-cli @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wpa-gui b/apparmor.d/profiles-s-z/wpa-gui index 6718f20cc..ceefecbf2 100644 --- a/apparmor.d/profiles-s-z/wpa-gui +++ b/apparmor.d/profiles-s-z/wpa-gui @@ -35,3 +35,5 @@ profile wpa-gui @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wpa-supplicant b/apparmor.d/profiles-s-z/wpa-supplicant index 0a16592a5..f3da61258 100644 --- a/apparmor.d/profiles-s-z/wpa-supplicant +++ b/apparmor.d/profiles-s-z/wpa-supplicant @@ -54,3 +54,5 @@ profile wpa-supplicant @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wrmsr b/apparmor.d/profiles-s-z/wrmsr index cbbc56b17..1ee5bd806 100644 --- a/apparmor.d/profiles-s-z/wrmsr +++ b/apparmor.d/profiles-s-z/wrmsr @@ -20,3 +20,5 @@ profile wrmsr @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/wsdd b/apparmor.d/profiles-s-z/wsdd index d850e9f02..92b0f360f 100644 --- a/apparmor.d/profiles-s-z/wsdd +++ b/apparmor.d/profiles-s-z/wsdd @@ -27,4 +27,6 @@ profile wsdd @{exec_path} { owner @{run}/user/@{uid}/gvfsd/wsdd w, include if exists -} \ No newline at end of file +} + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xarchiver b/apparmor.d/profiles-s-z/xarchiver index dccccc2b4..a5ec89fd9 100644 --- a/apparmor.d/profiles-s-z/xarchiver +++ b/apparmor.d/profiles-s-z/xarchiver @@ -100,3 +100,5 @@ profile xarchiver @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xauth b/apparmor.d/profiles-s-z/xauth index 02ab30427..f051fdc0c 100644 --- a/apparmor.d/profiles-s-z/xauth +++ b/apparmor.d/profiles-s-z/xauth @@ -42,3 +42,5 @@ profile xauth @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xautolock b/apparmor.d/profiles-s-z/xautolock index 3aebbe521..89de67bd1 100644 --- a/apparmor.d/profiles-s-z/xautolock +++ b/apparmor.d/profiles-s-z/xautolock @@ -30,3 +30,5 @@ profile xautolock @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xbacklight b/apparmor.d/profiles-s-z/xbacklight index 8d44638f6..19eb4a9f3 100644 --- a/apparmor.d/profiles-s-z/xbacklight +++ b/apparmor.d/profiles-s-z/xbacklight @@ -17,3 +17,5 @@ profile xbacklight @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xbrlapi b/apparmor.d/profiles-s-z/xbrlapi index f38beeca9..dc30114bd 100644 --- a/apparmor.d/profiles-s-z/xbrlapi +++ b/apparmor.d/profiles-s-z/xbrlapi @@ -19,3 +19,5 @@ profile xbrlapi @{exec_path} flags=(attach_disconnected) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xclip b/apparmor.d/profiles-s-z/xclip index 192f17104..378e8cae3 100644 --- a/apparmor.d/profiles-s-z/xclip +++ b/apparmor.d/profiles-s-z/xclip @@ -20,3 +20,5 @@ profile xclip @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xdpyinfo b/apparmor.d/profiles-s-z/xdpyinfo index 2bad9b330..902905d09 100644 --- a/apparmor.d/profiles-s-z/xdpyinfo +++ b/apparmor.d/profiles-s-z/xdpyinfo @@ -16,3 +16,5 @@ profile xdpyinfo @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xinit b/apparmor.d/profiles-s-z/xinit index a789cc90f..521a182ba 100644 --- a/apparmor.d/profiles-s-z/xinit +++ b/apparmor.d/profiles-s-z/xinit @@ -99,3 +99,5 @@ profile xinit @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xinput b/apparmor.d/profiles-s-z/xinput index 1c3304538..18eab6a78 100644 --- a/apparmor.d/profiles-s-z/xinput +++ b/apparmor.d/profiles-s-z/xinput @@ -18,3 +18,5 @@ profile xinput @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/xsel b/apparmor.d/profiles-s-z/xsel index 9fb9593d3..949aa19f7 100644 --- a/apparmor.d/profiles-s-z/xsel +++ b/apparmor.d/profiles-s-z/xsel @@ -27,3 +27,5 @@ profile xsel @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/yadifad b/apparmor.d/profiles-s-z/yadifad index 0e03b9f7f..c22e3cdd9 100644 --- a/apparmor.d/profiles-s-z/yadifad +++ b/apparmor.d/profiles-s-z/yadifad @@ -32,3 +32,5 @@ profile yadifad @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/youtube-dl b/apparmor.d/profiles-s-z/youtube-dl index 23d6b16e6..85da6bfe0 100644 --- a/apparmor.d/profiles-s-z/youtube-dl +++ b/apparmor.d/profiles-s-z/youtube-dl @@ -60,3 +60,5 @@ profile youtube-dl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/youtube-viewer b/apparmor.d/profiles-s-z/youtube-viewer index 92c60e389..1c405e8fe 100644 --- a/apparmor.d/profiles-s-z/youtube-viewer +++ b/apparmor.d/profiles-s-z/youtube-viewer @@ -66,3 +66,5 @@ profile youtube-viewer @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/yt-dlp b/apparmor.d/profiles-s-z/yt-dlp index d147f3a65..c71b87efd 100644 --- a/apparmor.d/profiles-s-z/yt-dlp +++ b/apparmor.d/profiles-s-z/yt-dlp @@ -46,3 +46,5 @@ profile yt-dlp @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/ytdl b/apparmor.d/profiles-s-z/ytdl index 452eef3f5..230e15f80 100644 --- a/apparmor.d/profiles-s-z/ytdl +++ b/apparmor.d/profiles-s-z/ytdl @@ -43,3 +43,5 @@ profile ytdl @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zathura b/apparmor.d/profiles-s-z/zathura index 98f218e13..b055fe31b 100644 --- a/apparmor.d/profiles-s-z/zathura +++ b/apparmor.d/profiles-s-z/zathura @@ -29,3 +29,5 @@ profile zathura @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zed b/apparmor.d/profiles-s-z/zed index 1ce392886..c966ce839 100644 --- a/apparmor.d/profiles-s-z/zed +++ b/apparmor.d/profiles-s-z/zed @@ -57,3 +57,5 @@ profile zed @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zenmap b/apparmor.d/profiles-s-z/zenmap index 2136952ad..bc4090be8 100644 --- a/apparmor.d/profiles-s-z/zenmap +++ b/apparmor.d/profiles-s-z/zenmap @@ -42,3 +42,5 @@ profile zenmap @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zfs b/apparmor.d/profiles-s-z/zfs index cb36774d0..9538b9c13 100644 --- a/apparmor.d/profiles-s-z/zfs +++ b/apparmor.d/profiles-s-z/zfs @@ -34,3 +34,5 @@ profile zfs @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zpool b/apparmor.d/profiles-s-z/zpool index aad07309a..7d12cf3b7 100644 --- a/apparmor.d/profiles-s-z/zpool +++ b/apparmor.d/profiles-s-z/zpool @@ -42,3 +42,5 @@ profile zpool @{exec_path} { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zsys-system-autosnapshot b/apparmor.d/profiles-s-z/zsys-system-autosnapshot index 0732978e9..653690898 100644 --- a/apparmor.d/profiles-s-z/zsys-system-autosnapshot +++ b/apparmor.d/profiles-s-z/zsys-system-autosnapshot @@ -28,3 +28,5 @@ profile zsys-system-autosnapshot @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor diff --git a/apparmor.d/profiles-s-z/zsysd b/apparmor.d/profiles-s-z/zsysd index d492635eb..c325e216d 100644 --- a/apparmor.d/profiles-s-z/zsysd +++ b/apparmor.d/profiles-s-z/zsysd @@ -44,3 +44,5 @@ profile zsysd @{exec_path} flags=(complain) { include if exists } + +# vim:syntax=apparmor From a2c658072599c090c37a9f9e996a75244e5266cf Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 15 Jun 2024 22:28:37 +0100 Subject: [PATCH 52/52] fix: profile compilation. --- apparmor.d/tunables/home.d/apparmor.d | 2 +- pkg/aa/apparmor_test.go | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/apparmor.d/tunables/home.d/apparmor.d b/apparmor.d/tunables/home.d/apparmor.d index 963e4bc88..c23a8d956 100644 --- a/apparmor.d/tunables/home.d/apparmor.d +++ b/apparmor.d/tunables/home.d/apparmor.d @@ -67,4 +67,4 @@ @{user_torrents_dirs}=@{HOME}/@{XDG_TORRENTS_DIR} @{MOUNTS}/@{XDG_TORRENTS_DIR} @{user_vm_dirs}=@{HOME}/@{XDG_VM_DIR} @{MOUNTS}/@{XDG_VM_DIR} -# vim:syntax=apparmor \ No newline at end of file +# vim:syntax=apparmor diff --git a/pkg/aa/apparmor_test.go b/pkg/aa/apparmor_test.go index a580e7e52..ffdf107de 100644 --- a/pkg/aa/apparmor_test.go +++ b/pkg/aa/apparmor_test.go @@ -6,6 +6,7 @@ package aa import ( "reflect" + "strings" "testing" "github.com/roddhjav/apparmor.d/pkg/paths" @@ -17,6 +18,13 @@ var ( intData = paths.New("../../apparmor.d") ) +// mustReadProfileFile read a file and return its content as a slice of string. +// It panics if an error occurs. It removes the last comment line. +func mustReadProfileFile(path *paths.Path) string { + res := strings.Split(util.MustReadFile(path), "\n") + return strings.Join(res[:len(res)-2], "\n") +} + func TestAppArmorProfileFile_String(t *testing.T) { tests := []struct { name string @@ -230,7 +238,7 @@ func TestAppArmorProfileFile_Integration(t *testing.T) { }, }}, }, - want: util.MustReadFile(intData.Join("profiles-a-f/aa-status")), + want: mustReadProfileFile(intData.Join("profiles-a-f/aa-status")), }, } for _, tt := range tests {