apparmor.d/apparmor.d/abstractions/desktop

# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
# Unified minimal abstraction for all UI applications, regardless of the desktop environment.
# When conditions are supported in AppArmor, they will be used in this abstraction to filter
# resources specific to each supported DE.
# Policy feature ABI this abstraction is written against.
abi <abi/4.0>,
# Building blocks shared by every desktop environment. Each include widens what an
# including profile may access, so audit them together with the rules below.
include <abstractions/accessibility>
include <abstractions/desktop-files>
include <abstractions/fonts>
include <abstractions/gschemas>
include <abstractions/gtk-strict>
include <abstractions/icons>
include <abstractions/mime>
include <abstractions/qt5>
include <abstractions/recently-used>
include <abstractions/themes>
include <abstractions/user-dirs>
include <abstractions/wayland>
include <abstractions/X-strict>
include <abstractions/xdg-desktop>
# NOTE: the "# if / # else if / # end" lines in this file are plain comments, not
# policy conditionals. The parser ignores them, so the GNOME, KDE and XFCE rule sets
# are ALL granted to every profile that includes this abstraction, whichever desktop
# is actually running.
# --- GNOME ---
# if @{DE} == gnome
# Accept Introspect method calls on the session bus, only from a peer confined under
# the gnome-shell label. @{busname} is defined outside this file.
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=@{busname}, label=gnome-shell),
@{system_share_dirs}/gvfs/remote-volume-monitors/{,*} r,
/etc/gnome/* r,
# Read on the root directory itself (its listing), not on anything beneath it.
/ r,
# "owner" limits the rule to files owned by the user the process runs as.
owner @{user_share_dirs}/gnome-shell/session.gvdb rw,
# --- KDE ---
# else if @{DE} == kde
# "m" allows mapping these files as executable, so plugin code found here runs inside
# the confined application. This assumes @{lib} resolves only to root-owned system
# library paths - confirm against the tunables, which are not part of this file.
@{lib}/kde{,3,4}/*.so mr,
@{lib}/kde{,3,4}/plugins/*/ r,
@{lib}/kde{,3,4}/plugins/*/*.so mr,
/usr/share/knotifications{5,6}/*.notifyrc r,
# System-wide KDE configuration: read-only.
/etc/xdg/baloofilerc r,
/etc/xdg/kcminputrc r,
/etc/xdg/kdeglobals r,
/etc/xdg/kwinrc r,
# In "/#@{int}" the '#' is part of the file name, not a comment start: the rule matches
# files named '#' followed by a number (presumably unnamed temporary files - confirm).
owner @{user_cache_dirs}/#@{int} rw,
owner @{user_cache_dirs}/icon-cache.kcache rw,
# rwlk = read, write, link, lock on the per-user ksycoca cache files.
owner @{user_cache_dirs}/ksycoca{5,6}_??{_,-}* rwlk,
# Per-user KDE configuration: read-only, so an application using this abstraction
# cannot rewrite these settings through these rules.
owner @{user_config_dirs}/baloofilerc r,
owner @{user_config_dirs}/dolphinrc r,
owner @{user_config_dirs}/kcminputrc r,
owner @{user_config_dirs}/kdedefaults/ r,
owner @{user_config_dirs}/kdedefaults/kcminputrc r,
owner @{user_config_dirs}/kdedefaults/kdeglobals r,
owner @{user_config_dirs}/kdedefaults/kwinrc r,
owner @{user_config_dirs}/kdeglobals r,
owner @{user_config_dirs}/kwinrc r,
# Session state: @{profile_name} expands to the name of the including profile, so the
# writable entries are those whose name starts with that profile's name. The trailing
# '*' still matches any suffix.
owner @{user_config_dirs}/session/ rw,
owner @{user_config_dirs}/session/@{profile_name}* rwlk,
owner @{user_config_dirs}/session/#@{int} rw,
owner @{user_config_dirs}/trashrc r,
# --- XFCE ---
# else if @{DE} == xfce
/usr/share/xfce{,4}/ r,
# help{,ers}.rc matches both help.rc and helpers.rc, plus their numbered .tmp files.
owner @{user_config_dirs}/xfce4/help{,ers}.rc rw,
owner @{user_config_dirs}/xfce4/help{,ers}.rc.@{int}.tmp rw,
# end
# --- Common to all desktop environments: read-only system data ---
/usr/share/desktop-base/{,**} r,
# *.ids matches every ID database in the directory, not a fixed list; which files are
# actually needed is not established here (see the FIXME).
/usr/share/hwdata/*.ids r, # FIXME: a bit too wide
/usr/share/icu/@{int}.@{int}/*.dat r,
# Optional local additions. Anything placed in abstractions/desktop.d is merged into
# every profile that uses this abstraction, so that directory must stay writable by
# root only and its contents deserve the same review as this file.
include if exists <abstractions/desktop.d>
# vim:syntax=apparmor