# apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only abi , include @{exec_path} = @{libexec}/gdm-wayland-session profile gdm-wayland-session @{exec_path} { include include include include include include include include signal (receive) set=term peer=gdm{,-session-worker}, signal (send) set=(term) peer=dbus-run-session, signal (send) set=(term) peer=dbus-daemon, signal (send) set=(term) peer=gnome-session-binary, dbus send bus=system path=/org/gnome/DisplayManager/Manager interface=org.gnome.DisplayManager.Manager member=RegisterDisplay, @{exec_path} mr, /{usr/,}bin/{,ba,da}sh rix, /{usr/,}bin/env rix, /{usr/,}bin/gettext rix, /{usr/,}bin/gnome-session rix, /{usr/,}bin/grep rix, /{usr/,}bin/gsettings rix, /{usr/,}bin/head rix, /{usr/,}bin/locale rix, /{usr/,}bin/locale-check rix, /{usr/,}bin/qmake rix, /{usr/,}bin/sed rix, /{usr/,}bin/sort rix, /{usr/,}bin/tty rix, /{usr/,}bin/zsh rix, /{usr/,}bin/dbus-daemon rPx, /{usr/,}bin/dbus-run-session rPx, /{usr/,}bin/dpkg-query rpx, /{usr/,}bin/flatpak rPUx, @{libexec}/gnome-session-binary rPx, /{usr/,}bin/gettext.sh r, /usr/share/im-config/{,**} r, /etc/default/im-config r, /etc/gdm{3,}/custom.conf r, /etc/shells r, /etc/X11/xinit/xinputrc r, /etc/X11/Xsession.d/*im-config_launch r, /usr/share/gdm/gdm.schemas r, /usr/share/glib-2.0/schemas/gschemas.compiled r, @{run}/gdm{3,}/custom.conf r, owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/loginuid r, /dev/tty[0-9]* rw, include if exists }