felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
apparmor.d/apparmor.d/profiles-s-z/thermald
Jeroen Rijken 465a31c638 General updates
2022-07-29 16:41:19 +01:00

66 lines
2.2 KiB
Text
Raw Blame History

# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2015-2020 Mikhail Morfikov
# Copyright (C) 2022 Jeroen Rijken
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/3.0>,
include <tunables/global>
@{exec_path} = /{usr/,}sbin/thermald
profile thermald @{exec_path} {
include <abstractions/base>
include <abstractions/dbus-strict>
capability sys_boot,
dbus (bind)
bus=system
name=org.freedesktop.thermald,
@{exec_path} mr,
owner @{run}/thermald/ rw,
owner @{run}/thermald/thd_preference.conf rw,
owner @{run}/thermald/thd_preference.conf.save w,
owner @{run}/thermald/thermald.pid rwk,
/etc/thermald/thermal-conf.xml r,
/etc/thermald/thermal-cpu-cdev-order.xml r,
@{sys}/class/hwmon/ r,
@{sys}/class/thermal/ r,
@{sys}/devices/platform/ r,
@{sys}/devices/system/cpu/present r,
@{sys}/devices/system/cpu/intel_pstate/max_perf_pct r,
@{sys}/devices/system/cpu/intel_pstate/status r,
@{sys}/devices/pci[0-9]*/**/drm/**/intel_backlight/max_brightness r,
@{sys}/devices/**/hwmon[0-9]*/name r,
@{sys}/devices/**/hwmon[0-9]*/temp[0-9]*_{max,crit} r,
@{sys}/devices/virtual/dmi/id/product_name r,
@{sys}/devices/virtual/dmi/id/product_uuid r,
@{sys}/devices/virtual/thermal/**/{type,temp} r,
@{sys}/devices/virtual/thermal/thermal_zone[0-9]*/ r,
@{sys}/devices/virtual/thermal/thermal_zone[0-9]*/trip_point_[0-9]*_temp rw,
@{sys}/devices/virtual/thermal/thermal_zone[0-9]*/trip_point_[0-9]*_type r,
@{sys}/devices/virtual/thermal/cooling_device[0-9]*/ r,
@{sys}/devices/virtual/thermal/cooling_device[0-9]*/cur_state rw,
@{sys}/devices/virtual/thermal/cooling_device[0-9]*/max_state r,
@{sys}/devices/virtual/powercap/intel-rapl/ r,
@{sys}/devices/virtual/powercap/intel-rapl/**/name r,
@{sys}/devices/virtual/powercap/intel-rapl/intel-rapl:[0-9]*/{,*} r,
@{sys}/devices/virtual/powercap/intel-rapl/intel-rapl:[0-9]*/constraint_*_time_window_us w,
@{sys}/devices/virtual/powercap/intel-rapl/intel-rapl:[0-9]*/constraint_*_power_limit_uw w,
@{sys}/devices/virtual/powercap/intel-rapl/intel-rapl:[0-9]*/enabled w,
@{sys}/devices/virtual/powercap/intel-rapl/intel-rapl:[0-9]*/intel-rapl:[0-9]*:[0-9]*/{,*} r,
include if exists <local/thermald>
}
Reference in a new issue View git blame Copy permalink