felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2023-02-11 19:03:01 +00:00
parent 2242c2185a
commit fbd5996531
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
14 changed files with 70 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

21
apparmor.d/profiles-s-z/steam
View file

@ -60,7 +60,7 @@ profile steam @{exec_path} {
/{usr/,}bin/ldd rix,
/{usr/,}bin/ln rix,
/{usr/,}bin/lsb_release rPx -> lsb_release,
/{usr/,}bin/lspci rPx,
/{usr/,}bin/lspci rCx -> lspci,
/{usr/,}bin/mkdir rix,
/{usr/,}bin/mv rix,
/{usr/,}bin/readlink rix,
@ -227,5 +227,24 @@ profile steam @{exec_path} {
audit deny /**.steam_exec_test.sh rw,
deny owner @{user_share_dirs}/gvfs-metadata/{,*} r,
profile lspci {
include <abstractions/base>
include <abstractions/consoles>
include <abstractions/nameservice-strict>
/{usr/,}bin/lspci mr,
owner @{HOME}/.steam/steam.pipe r,
@{sys}/bus/pci/devices/ r,
@{sys}/bus/pci/slots/ r,
@{sys}/bus/pci/slots/[0-9]*/address r,
@{sys}/devices/pci[0-9]*/** r,
owner /dev/shm/ValveIPCSHM_@{uid} rw,
include if exists <local/steam_lspci>
}
include if exists <local/steam>
}