mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-11-15 07:54:17 +01:00
feat(profile): replace some path with the new desktop variables.
This commit is contained in:
parent
77945674a5
commit
04b9e60072
@ -45,8 +45,8 @@ profile dbus-accessibility @{exec_path} flags=(attach_disconnected) {
|
||||
/etc/machine-id r,
|
||||
/var/lib/dbus/machine-id r,
|
||||
|
||||
owner /var/lib/gdm{3,}/.config/dconf/user r,
|
||||
owner /var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
owner @{DESKTOP_HOME}/greeter-dconf-defaults r,
|
||||
owner @{desktop_config_dirs}/dconf/user r,
|
||||
|
||||
@{run}/systemd/users/@{uid} r,
|
||||
owner @{run}/user/@{uid}/gdm/Xauthority r,
|
||||
|
@ -45,10 +45,10 @@ profile dbus-system flags=(attach_disconnected) {
|
||||
/etc/machine-id r,
|
||||
/var/lib/dbus/machine-id r,
|
||||
|
||||
@{desktop_share_dirs}/icc/ r,
|
||||
@{desktop_share_dirs}/icc/edid-@{md5}.icc r,
|
||||
@{user_share_dirs}/icc/ r,
|
||||
@{user_share_dirs}/icc/edid-@{md5}.icc r,
|
||||
/var/lib/gdm{,3}/.local/share/icc/ r,
|
||||
/var/lib/gdm{,3}/.local/share/icc/edid-@{md5}.icc r,
|
||||
|
||||
@{run}/systemd/users/@{int} r,
|
||||
@{run}/systemd/sessions/*.ref rw,
|
||||
|
@ -32,14 +32,14 @@ profile ibus-dconf @{exec_path} flags=(attach_disconnected) {
|
||||
/etc/dconf/db/ibus r,
|
||||
/etc/dconf/profile/ibus r,
|
||||
|
||||
/var/lib/gdm{3,}/.cache/dconf/ w,
|
||||
/var/lib/gdm{3,}/.cache/dconf/user rw,
|
||||
/var/lib/gdm{3,}/.cache/ibus/dbus-@{rand8} rw,
|
||||
/var/lib/gdm{3,}/.config/dconf/ w,
|
||||
/var/lib/gdm{3,}/.config/dconf/user rw,
|
||||
/var/lib/gdm{3,}/.config/ibus/bus/ r,
|
||||
/var/lib/gdm{3,}/.config/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
/var/lib/gdm{3,}/greeter-dconf-defaults r,
|
||||
owner @{desktop_cache_dirs}/dconf/ w,
|
||||
owner @{desktop_cache_dirs}/dconf/user rw,
|
||||
owner @{desktop_cache_dirs}/ibus/dbus-@{rand8} rw,
|
||||
owner @{desktop_config_dirs}/dconf/ w,
|
||||
owner @{desktop_config_dirs}/dconf/user rw,
|
||||
owner @{desktop_config_dirs}/ibus/bus/ r,
|
||||
owner @{desktop_config_dirs}/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
owner @{DESKTOP_HOME}/greeter-dconf-defaults r,
|
||||
|
||||
owner @{user_cache_dirs}/ibus/dbus-@{rand8} rw,
|
||||
|
||||
|
@ -20,8 +20,9 @@ profile ibus-engine-simple @{exec_path} flags=(attach_disconnected) {
|
||||
/etc/machine-id r,
|
||||
/var/lib/dbus/machine-id r,
|
||||
|
||||
/var/lib/gdm{3,}/.config/ibus/bus/ r,
|
||||
/var/lib/gdm{3,}/.config/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
owner @{desktop_cache_dirs}/ibus/dbus-@{rand8} rw,
|
||||
owner @{desktop_config_dirs}/ibus/bus/ r,
|
||||
owner @{desktop_config_dirs}/ibus/bus/@{md5}-unix-{,wayland-}@{int} r,
|
||||
|
||||
owner /dev/tty@{int} rw,
|
||||
|
||||
|
@ -38,6 +38,8 @@ profile colord @{exec_path} flags=(attach_disconnected) {
|
||||
/usr/share/mime/mime.cache r,
|
||||
/usr/share/snmp/mibs/{,*} r,
|
||||
|
||||
@{system_share_dirs}/mime/mime.cache r,
|
||||
|
||||
owner /var/lib/colord/.cache/ rw,
|
||||
owner /var/lib/colord/.cache/** rw,
|
||||
owner /var/lib/colord/{mapping,storage}.db{,-journal} rwk,
|
||||
@ -47,10 +49,7 @@ profile colord @{exec_path} flags=(attach_disconnected) {
|
||||
owner /var/lib/snmp/mibs/{iana,ietf}/ r,
|
||||
owner /var/lib/snmp/mibs/{iana,ietf}/[A-Z]* r,
|
||||
|
||||
/var/lib/gdm{3,}/.local/share/icc/edid-*.icc r,
|
||||
/var/lib/flatpak/exports/share/mime/mime.cache r,
|
||||
@{system_share_dirs}/mime/mime.cache r,
|
||||
|
||||
@{desktop_share_dirs}/icc/edid-*.icc r,
|
||||
@{user_share_dirs}/icc/edid-*.icc r,
|
||||
|
||||
@{run}/systemd/journal/socket rw,
|
||||
|
@ -16,29 +16,17 @@ profile xdg-user-dirs-update @{exec_path} {
|
||||
/etc/xdg/user-dirs.conf r,
|
||||
/etc/xdg/user-dirs.defaults r,
|
||||
|
||||
/var/lib/gdm{3,}/.config/ rw,
|
||||
/var/lib/gdm{3,}/.config/user-dirs.dirs{,*} rw,
|
||||
/var/lib/gdm{3,}/.config/user-dirs.locale rw,
|
||||
/var/lib/gdm{3,}/@{XDG_DESKTOP_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_DOCUMENTS_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_DOWNLOAD_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_MUSIC_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_PICTURES_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_PUBLICSHARE_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_TEMPLATES_DIR}/ rw,
|
||||
/var/lib/gdm{3,}/@{XDG_VIDEOS_DIR}/ rw,
|
||||
|
||||
/var/lib/sddm/.config/ rw,
|
||||
/var/lib/sddm/.config/user-dirs.dirs{,*} rw,
|
||||
/var/lib/sddm/.config/user-dirs.locale rw,
|
||||
/var/lib/sddm/@{XDG_DESKTOP_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_DOCUMENTS_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_DOWNLOAD_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_MUSIC_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_PICTURES_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_PUBLICSHARE_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_TEMPLATES_DIR}/ rw,
|
||||
/var/lib/sddm/@{XDG_VIDEOS_DIR}/ rw,
|
||||
owner @{desktop_config_dirs}/ rw,
|
||||
owner @{desktop_config_dirs}/user-dirs.dirs{,*} rw,
|
||||
owner @{desktop_config_dirs}/user-dirs.locale rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_DESKTOP_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_DOCUMENTS_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_DOWNLOAD_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_MUSIC_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_PICTURES_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_PUBLICSHARE_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_TEMPLATES_DIR}/ rw,
|
||||
owner @{DESKTOP_HOME}/@{XDG_VIDEOS_DIR}/ rw,
|
||||
|
||||
owner @{HOME}/@{XDG_DESKTOP_DIR}/ w,
|
||||
owner @{HOME}/@{XDG_DOCUMENTS_DIR}/ w,
|
||||
|
@ -26,7 +26,7 @@ profile gvfsd-metadata @{exec_path} {
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
/var/lib/gdm{3,}/.local/share/gvfs-metadata/{,*} rw,
|
||||
owner @{gdm_share_dirs}/gvfs-metadata/{,*} rw,
|
||||
|
||||
owner @{HOME}/.local/ w,
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user