# apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only abi , include @{exec_path} = @{lib}/xdg-desktop-portal-gnome profile xdg-desktop-portal-gnome @{exec_path} { include include include include include include include include include include include include include include include include dbus send bus=session path=/org/freedesktop/DBus interface=org.freedesktop.DBus member={RequestName,ReleaseName} peer=(name=org.freedesktop.DBus, label=dbus-daemon), dbus send bus=system path=/org/freedesktop/Accounts/User[0-9]* interface=org.freedesktop.DBus.Properties member=GetAll, dbus receive bus=system path=/org/freedesktop/Accounts/User[0-9]* interface=org.freedesktop.DBus.Properties member=PropertiesChanged, dbus receive bus=system path=/org/freedesktop/Accounts/User[0-9]* interface=org.freedesktop.Accounts.User member=Changed, dbus send bus=session path=/org/gnome/Shell/Screenshot interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=gnome-shell), dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=gnome-shell), dbus send bus=session path=/org/gnome/Shell/Introspect interface=org.gnome.Shell.Introspect member=GetRunningApplications peer=(name=:*, label=gnome-shell), dbus receive bus=session path=/org/gnome/Shell/Introspect interface=org.gnome.Shell.Introspect member={RunningApplicationsChanged,WindowsChanged} peer=(name=:*, label=gnome-shell), dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.impl.portal.Background member=RunningApplicationsChanged peer=(name=org.freedesktop.DBus, label=xdg-desktop-portal), dbus receive bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.impl.portal.Background member=GetAppState peer=(name=:*, label=xdg-desktop-portal), dbus send bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.impl.portal.Settings member=SettingChanged peer=(name=org.freedesktop.DBus, label=xdg-desktop-portal), dbus receive bus=session path=/org/freedesktop/portal/desktop interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=xdg-desktop-portal), dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig member=GetCurrentState peer=(name=:*, label=gnome-shell), dbus receive bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.gnome.Mutter.DisplayConfig member=GetCurrentState peer=(name=:*, label=gsd-xsettings), dbus send bus=session path=/org/gnome/Mutter/DisplayConfig interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=gnome-shell), dbus send bus=session path=/org/gnome/Mutter/ScreenCast interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=gnome-shell), dbus send bus=session path=/org/gnome/Mutter/RemoteDesktop interface=org.freedesktop.DBus.Properties member=GetAll peer=(name=:*, label=gnome-shell), dbus receive bus=session path=/ interface=org.freedesktop.DBus.Introspectable member=Introspect peer=(name=:*, label=gnome-shell), dbus bind bus=session name=org.freedesktop.impl.portal.desktop.gnome, @{exec_path} mr, /usr/share/X11/xkb/{,**} r, /var/cache/gio-[0-9]*.[0-9]*/gnome-mimeapps.list r, /var/lib/snapd/desktop/icons/{,**} r, owner @{HOME}/*/{,**} rw, owner @{user_share_dirs}/ r, owner @{run}/user/@{uid}/gdm/Xauthority r, @{run}/mount/utab r, owner @{PROC}/@{pid}/ r, owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/task/@{tid}/ r, owner @{PROC}/@{pid}/task/@{tid}/status r, include if exists }