feat(profile): replace old audio abstraction by the new stack.
This commit is contained in:
Alexandre Pujol
parent
b1235b0c52
commit
e4c0f683d2
62 changed files with 81 additions and 173 deletions
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/gnome-control-center
|
||||
profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -73,14 +73,12 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/gnome-shell/search-providers/{,**} r,
|
||||
/usr/share/gnome/gnome-version.xml r,
|
||||
/usr/share/language-tools/main-countries r,
|
||||
/usr/share/pipewire/client.conf r,
|
||||
/usr/share/thumbnailers/{,*} r,
|
||||
/usr/share/wallpapers/{,**} r,
|
||||
/usr/share/xml/iso-codes/{,**} r,
|
||||
|
||||
/etc/cups/client.conf r,
|
||||
/etc/machine-info r,
|
||||
/etc/pipewire/client.conf.d/{,**} r,
|
||||
/etc/rygel.conf r,
|
||||
/etc/security/pwquality.conf r,
|
||||
/etc/security/pwquality.conf.d/{,**} r,
|
||||
|
|
@ -113,7 +111,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{user_share_dirs}/gnome-remote-desktop/ w,
|
||||
owner @{user_share_dirs}/gnome-remote-desktop/rdp-tls.{crt,key}{,.@{rand6}} rw,
|
||||
owner @{user_share_dirs}/icc/{,edid-*} r,
|
||||
owner @{user_share_dirs}/sounds/__custom/{,*} rw,
|
||||
|
||||
owner /tmp/gdkpixbuf-xpm-tmp.@{rand6} rw,
|
||||
|
||||
|
|
@ -125,7 +122,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) {
|
|||
owner @{run}/user/@{uid}/gnome-control-center-region-needs-restart w,
|
||||
owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,
|
||||
owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,
|
||||
owner @{run}/user/@{uid}/pipewire-@{int} rw,
|
||||
|
||||
@{run}/udev/data/+dmi:* r,
|
||||
@{run}/udev/data/+input:input@{int} r, # for mouse, keyboard, touchpad
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = /usr/share/gnome-shell/extensions/ding@rastersoft.com/{,app/}ding.js
|
||||
profile gnome-extension-ding @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -60,10 +61,6 @@ profile gnome-extension-ding @{exec_path} {
|
|||
|
||||
/usr/share/gnome-shell/extensions/ding@rastersoft.com/{,app/}* r,
|
||||
/usr/share/thumbnailers/{,*.thumbnailer} r,
|
||||
/usr/share/X11/{,**} r,
|
||||
|
||||
/etc/pulse/client.conf r,
|
||||
/etc/pulse/client.conf.d/{,*} r,
|
||||
|
||||
/var/lib/snapd/desktop/icons/{,**} r,
|
||||
|
||||
|
|
@ -72,13 +69,6 @@ profile gnome-extension-ding @{exec_path} {
|
|||
|
||||
owner @{user_share_dirs}/nautilus/scripts/ r,
|
||||
|
||||
owner @{user_config_dirs}/pulse/cookie rk,
|
||||
|
||||
/dev/shm/ r,
|
||||
|
||||
owner @{run}/user/@{uid}/pulse/ r,
|
||||
owner @{run}/user/@{uid}/pulse/native rw,
|
||||
|
||||
owner @{PROC}/@{pid}/mountinfo r,
|
||||
owner @{PROC}/@{pid}/mounts r,
|
||||
owner @{PROC}/@{pid}/stat r,
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{share_dirs}/service/daemon.js
|
||||
profile gnome-extension-gsconnect @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -49,8 +50,6 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
@{share_dirs}/{,**} r,
|
||||
@{share_dirs}/gsconnect-preferences rix,
|
||||
|
||||
/usr/share/X11/{,**} r,
|
||||
|
||||
/etc/machine-id r,
|
||||
|
||||
owner @{user_cache_dirs}/gsconnect/{,**} rw,
|
||||
|
|
@ -60,13 +59,10 @@ profile gnome-extension-gsconnect @{exec_path} {
|
|||
owner @{user_config_dirs}/gsconnect/{,**} rw,
|
||||
owner @{user_config_dirs}/mimeapps.list w,
|
||||
owner @{user_config_dirs}/mimeapps.list.@{rand6} rw,
|
||||
owner @{user_config_dirs}/pulse/client.conf r,
|
||||
owner @{user_config_dirs}/pulse/cookie rk,
|
||||
|
||||
owner @{user_share_dirs}/ r,
|
||||
|
||||
owner @{run}/user/@{uid}/gsconnect/ w,
|
||||
owner @{run}/user/@{uid}/pulse/ r,
|
||||
|
||||
@{sys}/devices/virtual/dmi/id/chassis_type r,
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/gnome-music
|
||||
profile gnome-music @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/graphics>
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ include <tunables/global>
|
|||
profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/app-launcher-user>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -234,20 +234,18 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
/usr/share/libinput*/{,**/}[0-9][0-9]-*.quirks r,
|
||||
/usr/share/libinput*/libinput/ r,
|
||||
/usr/share/libwacom/{,*.stylus,*.tablet} r,
|
||||
/usr/share/pipewire/client.conf r,
|
||||
/usr/share/wallpapers/** r,
|
||||
/usr/share/wayland-sessions/{,*.desktop} r,
|
||||
/usr/share/xml/iso-codes/{,**} r,
|
||||
|
||||
/.flatpak-info r,
|
||||
/etc/fstab r,
|
||||
/etc/pipewire/client.conf.d/{,**} r,
|
||||
/etc/timezone r,
|
||||
/etc/udev/hwdb.bin r,
|
||||
/etc/xdg/menus/gnome-applications.menu r,
|
||||
|
||||
/var/lib/gdm{3,}/.cache/ w,
|
||||
/var/lib/gdm{3,}/.cache/event-sound-cache.tdb.@{md5}.x86_64-pc-linux-gnu rwk,
|
||||
/var/lib/gdm{3,}/.cache/event-sound-cache.tdb.@{md5}.@{multiarch} rwk,
|
||||
/var/lib/gdm{3,}/.cache/fontconfig/{,*} rwl,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-@{int}/ rw,
|
||||
/var/lib/gdm{3,}/.cache/gstreamer-@{int}/registry.*.bin{,.tmp@{rand6}} rw,
|
||||
|
|
@ -290,7 +288,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
owner @{user_config_dirs}/background r,
|
||||
owner @{user_config_dirs}/ibus/ w,
|
||||
owner @{user_config_dirs}/monitors.xml{,~} rwl,
|
||||
owner @{user_config_dirs}/pulse/ rw,
|
||||
owner @{user_config_dirs}/tiling-assistant/{,**} rw,
|
||||
|
||||
owner @{user_share_dirs}/backgrounds/{,**} rw,
|
||||
|
|
@ -299,7 +296,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
owner @{user_share_dirs}/gnome-shell/extensions/{,**} r,
|
||||
owner @{user_share_dirs}/gvfs-metadata/{,*} r,
|
||||
owner @{user_share_dirs}/icc/{,*} rw,
|
||||
owner @{user_share_dirs}/sounds/__custom/index.theme r,
|
||||
|
||||
owner @{user_cache_dirs}/evolution/addressbook/*/PHOTO-*.JPEG r,
|
||||
owner @{user_cache_dirs}/gnome-boxes/*.png r,
|
||||
|
|
@ -314,7 +310,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
|||
owner @{run}/user/@{uid}/gvfsd/socket-@{rand8} rw,
|
||||
owner @{run}/user/@{uid}/snap.snap*/wayland-cursor-shared-* rw,
|
||||
owner @{run}/user/@{uid}/systemd/notify rw,
|
||||
owner @{run}/user/@{uid}/pipewire-@{int} rw,
|
||||
|
||||
owner /dev/shm/.org.chromium.Chromium.* rw,
|
||||
owner /dev/shm/wayland.mozilla.ipc.@{int} rw,
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/gnome-terminal-server
|
||||
profile gnome-terminal-server @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.a11y>
|
||||
|
|
@ -48,24 +49,15 @@ profile gnome-terminal-server @{exec_path} {
|
|||
@{open_path} rPx -> child-open,
|
||||
|
||||
/usr/share/icu/@{int}.@{int}/*.dat r,
|
||||
/usr/share/sounds/{,**} r,
|
||||
|
||||
/etc/pulse/client.conf r,
|
||||
/etc/pulse/client.conf.d/{,**} r,
|
||||
/etc/shells r,
|
||||
|
||||
/var/lib/flatpak/exports/share/icons/{,**} r,
|
||||
/var/lib/snapd/desktop/icons/{,**} r,
|
||||
|
||||
owner @{user_cache_dirs}/event-sound-cache.tdb.@{md5}.@{multiarch} rwk,
|
||||
|
||||
owner @{user_config_dirs}/*xdg-terminals.list* rw,
|
||||
owner @{user_config_dirs}/ibus/bus/ r,
|
||||
owner @{user_config_dirs}/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
owner @{user_config_dirs}/pulse/cookie rk,
|
||||
|
||||
owner @{run}/user/@{uid}/pulse/ r,
|
||||
owner @{run}/user/@{uid}/pulse/native rw,
|
||||
|
||||
owner /tmp/#@{int} rw,
|
||||
|
||||
|
|
@ -73,7 +65,6 @@ profile gnome-terminal-server @{exec_path} {
|
|||
@{PROC}/@{pids}/cgroup r,
|
||||
|
||||
/dev/ptmx rw,
|
||||
/dev/shm/ r,
|
||||
|
||||
include if exists <local/gnome-terminal-server>
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{bin}/gnome-tweaks
|
||||
profile gnome-tweaks @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/python>
|
||||
|
|
@ -35,7 +35,6 @@ profile gnome-tweaks @{exec_path} {
|
|||
owner @{user_share_dirs}/backgrounds/{,**} r,
|
||||
owner @{user_share_dirs}/gnome-shell/extensions/**/schemas/* r,
|
||||
owner @{user_share_dirs}/recently-used.xbel* rw,
|
||||
owner @{user_share_dirs}/sounds/{,**} r,
|
||||
|
||||
owner @{PROC}/@{pid}/fd/ r,
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/gsd-media-keys
|
||||
profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -95,15 +95,12 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
|||
/usr/share/sounds/freedesktop/stereo/*.oga r,
|
||||
|
||||
/var/lib/gdm{3,}/.config/dconf/user r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
/var/lib/gdm{3,}/.config/pulse/client.conf r,
|
||||
/var/lib/gdm{3,}/.config/pulse/cookie rk,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
||||
/var/lib/flatpak/exports/share/applications/{,mimeinfo.cache} r,
|
||||
|
||||
owner @{user_config_dirs}/pulse/ rw,
|
||||
|
||||
owner @{user_share_dirs}/event-sound-cache.tdb.* rwk,
|
||||
owner @{user_share_dirs}/recently-used.xbel{,.*} rw,
|
||||
|
||||
@{run}/systemd/inhibit/[0-9]*.ref rw,
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/gsd-power
|
||||
profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus-system>
|
||||
|
|
@ -53,7 +53,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
|||
|
||||
/var/lib/gdm{3,}/.config/pulse/ rw,
|
||||
/var/lib/gdm{3,}/.config/pulse/cookie rwk,
|
||||
/var/lib/gdm{3,}/.cache/event-sound-cache.tdb.* rwk,
|
||||
/var/lib/gdm{3,}/.cache/event-sound-cache.tdb.@{md5}.@{multiarch} rwk,
|
||||
/var/lib/gdm{3,}/.config/dconf/user r,
|
||||
/var/lib/gdm{3,}/.config/pulse/client.conf r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/gsd-sound
|
||||
profile gsd-sound @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/bus-session>
|
||||
include <abstractions/bus/org.gnome.SessionManager>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
|||
@{exec_path} = @{lib}/org.gnome.NautilusPreviewer
|
||||
profile org.gnome.NautilusPreviewer @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/audio-client>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/deny-sensitive-home>
|
||||
include <abstractions/gnome-strict>
|
||||
|
|
@ -37,8 +38,6 @@ profile org.gnome.NautilusPreviewer @{exec_path} {
|
|||
owner @{MOUNTS}/{,**} r,
|
||||
owner @{HOME}/{,**} r,
|
||||
|
||||
owner @{user_config_dirs}/pulse/cookie rk,
|
||||
|
||||
@{run}/udev/data/c@{dynamic}:@{int} r, # For dynamic assignment range 234 to 254, 384 to 511
|
||||
|
||||
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/user@@{uid}.service/app.slice/*org.gnome.NautilusPreviewer.slice/*/memory.* r,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue