mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-19 01:18:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(profile): gpg key generation.

Browse source
This commit is contained in:
Alexandre Pujol 2024-08-28 18:59:51 +01:00
parent 72d8d14480
commit 09aef5131e
Failed to generate hash of commit
2 changed files with 12 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/groups/gpg/gpg
View file

@ -28,6 +28,8 @@ profile gpg @{exec_path} {
@{bin}/gpgsm rPx, @{bin}/gpgsm rPx,
@{lib}/{,gnupg/}scdaemon rPx, @{lib}/{,gnupg/}scdaemon rPx,
/usr/share/terminfo/** r,
/etc/inputrc r, /etc/inputrc r,
owner @{HOME}/@{XDG_GPG_DIR}/ rw, owner @{HOME}/@{XDG_GPG_DIR}/ rw,

20
apparmor.d/groups/gpg/gpg-agent
View file

@ -24,37 +24,37 @@ profile gpg-agent @{exec_path} {
/usr/share/gnupg/* r, /usr/share/gnupg/* r,
owner @{HOME}/@{XDG_GPG_DIR}/ rw, owner @{HOME}/@{XDG_GPG_DIR}/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/gpg-agent.conf r, owner @{HOME}/@{XDG_GPG_DIR}/*.conf r,
owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/ rw, owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/ rw,
owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/@{hex}.key rw, owner @{HOME}/@{XDG_GPG_DIR}/private-keys-v1.d/@{hex}.key{,.tmp} rw,
owner @{HOME}/@{XDG_GPG_DIR}/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw, owner @{HOME}/@{XDG_GPG_DIR}/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{HOME}/@{XDG_GPG_DIR}/sshcontrol r, owner @{HOME}/@{XDG_GPG_DIR}/sshcontrol r,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/ rw, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/ rw,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/gpg-agent.conf r, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/*.conf r,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/private-keys-v1.d/ rw, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/private-keys-v1.d/ rw,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/private-keys-v1.d/@{hex}.key rw, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/private-keys-v1.d/@{hex}.key{,.tmp} rw,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/sshcontrol r, owner @{MOUNTS}/{,/*}/@{XDG_GPG_DIR}/sshcontrol r,
owner @{user_projects_dirs}/**/{.,}gnupg/ rw, owner @{user_projects_dirs}/**/{.,}gnupg/ rw,
owner @{user_projects_dirs}/**/{.,}gnupg/gpg-agent.conf r, owner @{user_projects_dirs}/**/{.,}gnupg/*.conf r,
owner @{user_projects_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw, owner @{user_projects_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw,
owner @{user_projects_dirs}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key rw, owner @{user_projects_dirs}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key{,.tmp} rw,
owner @{user_projects_dirs}/**/{.,}gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw, owner @{user_projects_dirs}/**/{.,}gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{user_projects_dirs}/**/{.,}gnupg/sshcontrol r, owner @{user_projects_dirs}/**/{.,}gnupg/sshcontrol r,
owner @{run}/user/@{uid}/gnupg/ rw, owner @{run}/user/@{uid}/gnupg/ rw,
owner @{run}/user/@{uid}/gnupg/gpg-agent.conf r, owner @{run}/user/@{uid}/gnupg/*.conf r,
owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/ rw, owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/ rw,
owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/@{hex}.key rw, owner @{run}/user/@{uid}/gnupg/private-keys-v1.d/@{hex}.key{,.tmp} rw,
owner @{run}/user/@{uid}/gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw, owner @{run}/user/@{uid}/gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{run}/user/@{uid}/gnupg/sshcontrol r, owner @{run}/user/@{uid}/gnupg/sshcontrol r,
owner @{user_tmp_dirs}/**/{.,}gnupg/ rw, owner @{user_tmp_dirs}/**/{.,}gnupg/ rw,
owner @{user_tmp_dirs}/**/{.,}gnupg/gpg-agent.conf r, owner @{user_tmp_dirs}/**/{.,}gnupg/*.conf r,
owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw, owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/ rw,
owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key rw, owner @{user_tmp_dirs}/**/{.,}gnupg/private-keys-v1.d/@{hex}.key{,.tmp} rw,
owner @{user_tmp_dirs}/**/{.,}gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw, owner @{user_tmp_dirs}/**/{.,}gnupg/{,d.*/}S.gpg-agent{,.ssh,.browser,.extra} rw,
owner @{user_tmp_dirs}/**/{.,}gnupg/sshcontrol r, owner @{user_tmp_dirs}/**/{.,}gnupg/sshcontrol r,