felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profile): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2024-07-06 23:46:06 +01:00
parent 8b2434c0a5
commit d480156e09
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
20 changed files with 64 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

3
apparmor.d/profiles-a-f/aa-enforce
View file

@ -29,6 +29,9 @@ profile aa-enforce @{exec_path} {
owner /snap/core@{int}/@{int}/etc/apparmor.d/{,**} rw,
owner /var/lib/snapd/apparmor/{,**} rw,
/tmp/@{rand8} rw,
/tmp/apparmor-bugreport-@{rand8}.txt rw,
owner @{PROC}/@{pid}/fd r,
include if exists <local/aa-enforce>

1
apparmor.d/profiles-a-f/agetty
View file

@ -34,6 +34,7 @@ profile agetty @{exec_path} {
/etc/os-release r,
/usr/etc/login.defs r,
@{run}/credentials/serial-getty@ttyS@{int}.service/ r,
owner @{run}/agetty.reload rw,
/dev/tty@{int} rw,

6
apparmor.d/profiles-a-f/flatpak
View file

@ -70,7 +70,7 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
/tmp/#@{int} rw,
owner /dev/shm/flatpak*/{,**} rw,
owner @{tmp}/ostree-gpg-*/{,**} rw,
owner @{tmp}/ostree-gpg-@{rand6}/{,**} rw,
@{run}/.userns r,
@{run}/user/@{uid}/.dbus-proxy/ w,
@ -107,8 +107,8 @@ profile flatpak @{exec_path} flags=(attach_disconnected,mediate_deleted,complain
@{HOME}/@{XDG_GPG_DIR}/*.conf r,
owner @{tmp}/ostree-gpg-*/ rw,
owner @{tmp}/ostree-gpg-*/** rwkl -> /tmp/ostree-gpg-*/**,
owner @{tmp}/ostree-gpg-@{rand6}/ rw,
owner @{tmp}/ostree-gpg-@{rand6}/** rwkl -> /tmp/ostree-gpg-@{rand6}/**,
include if exists <local/flatpak_gpg>
}

8
apparmor.d/profiles-a-f/flatpak-system-helper
View file

@ -44,8 +44,8 @@ profile flatpak-system-helper @{exec_path} {
/var/tmp/flatpak-cache-*/{,**} rw,
owner /{var/,}tmp/#@{int} rw,
owner /{var/,}tmp/ostree-gpg-*/ rw,
owner @{tmp}/ostree-gpg-*/** rwkl -> /tmp/ostree-gpg-*/**,
owner /{var/,}tmp/ostree-gpg-@{rand6}/ rw,
owner @{tmp}/ostree-gpg-@{rand6}/** rwkl -> /tmp/ostree-gpg-@{rand6}/**,
@{PROC}/@{pid}/stat r,
owner @{PROC}/@{pid}/fd/ r,
@ -62,8 +62,8 @@ profile flatpak-system-helper @{exec_path} {
@{lib}/{,gnupg/}scdaemon rix,
@{bin}/gpg-agent rix,
owner @{tmp}/ostree-gpg-*/ r,
owner @{tmp}/ostree-gpg-*/** rwkl -> /tmp/ostree-gpg-*/**,
owner @{tmp}/ostree-gpg-@{rand6}/ r,
owner @{tmp}/ostree-gpg-@{rand6}/** rwkl -> /tmp/ostree-gpg-@{rand6}/**,
owner @{PROC}/@{pid}/fd/ r,
owner @{PROC}/@{pid}/task/@{tid}/comm rw,