# apparmor.d - Full set of apparmor profiles # Copyright (C) 2024 Alexandre Pujol # Copyright (C) 2024 Besanon # SPDX-License-Identifier: GPL-2.0-only abi , include @{exec_path} = @{bin}/lxqt-panel profile lxqt-panel @{exec_path} { include include include include include include include network inet dgram, network inet6 dgram, network inet stream, network inet6 stream, network netlink raw, network packet dgram, @{exec_path} mr, @{open_path} rix, @{bin}/nm-applet rPx, @{bin}/nm-connection-editor rPx, @{bin}/ControlPanel rPx, @{lib}/lxqt-panel/*.so mr, # LXQT-Plugins @{lib}/lxqt-config/*.so mr, # LXQT-Plugins /usr/share/desktop-directories/{,**} r, /usr/share/lxqt/{,**} r, /etc/fstab r, /etc/udev/udev.conf r, /etc/machine-id r, /etc/xdg/lxqt-qtxdg.conf r, /etc/xdg/menus/**.menu r, /etc/xdg/menus/applications-merged/ r, /etc/xdg/ui/uistandards.rc r, /var/lib/dbus/machine-id r, owner @{HOME}/Desktop/*.desktop rw, owner @{HOME}/Desktop/#@{int} rw, owner @{HOME}/Desktop/*.desktop l -> @{HOME}/Desktop/#@{int}, owner @{user_config_dirs}/menus/*.menu rw, owner @{user_config_dirs}/menus/applications-merged/ r, owner @{user_config_dirs}/share/desktop-directories/*.directory r, owner @{user_config_dirs}/share/gvfs-metadata/{,*} r, owner @{user_config_dirs}/lxqt/#@{int} rw, owner @{user_config_dirs}/lxqt/panel.conf rw, owner @{user_config_dirs}/lxqt/panel.conf.lock rwk, owner @{user_config_dirs}/lxqt/panel.conf.@{rand6} rw, owner @{user_config_dirs}/lxqt/panel.conf.@{rand6} l -> @{user_config_dirs}/lxqt/#@{int}, owner @{user_config_dirs}/pulse/{,**} rwk, @{run}/udev/data/* r, @{sys}/class/i2c-adapter/ r, @{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_{cur,min,max}_freq r, @{PROC}/@{pid}/fd/ r, @{PROC}/@{pid}/net/dev r, owner @{PROC}/@{pid}/mounts r, /dev/tty rw, /dev/tty@{int} rw, /dev/pts/@{int} rw, /dev/snd/controlC@{int} rw, include if exists } # vim:syntax=apparmor