mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-12 07:17:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(profile): improve snap & login bus.
Some checks are pending
Ubuntu / check (push) Waiting to run
Details
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Details
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Details
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Details
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Details
Ubuntu / tests (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
Alexandre Pujol 2025-01-10 00:09:24 +01:00
parent bffb837ff3
commit 17520a94bf
Failed to generate hash of commit
3 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apparmor.d/abstractions/bus/org.freedesktop.login1
View file

@ -21,7 +21,7 @@
dbus receive bus=system path=/org/freedesktop/login1 dbus receive bus=system path=/org/freedesktop/login1
interface=org.freedesktop.login1.Manager interface=org.freedesktop.login1.Manager
member={SessionNew,SessionRemoved,UserNew,UserRemoved,PrepareFor*} member={SessionNew,SessionRemoved,UserNew,UserRemoved,SeatNew,PrepareFor*}
peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind), peer=(name="{@{busname},org.freedesktop.login1}", label=systemd-logind),
dbus send bus=system path=/org/freedesktop/login1 dbus send bus=system path=/org/freedesktop/login1

1
apparmor.d/profiles-s-z/snap
View file

@ -73,6 +73,7 @@ profile snap @{exec_path} {
@{run}/mount/utab r, @{run}/mount/utab r,
@{run}/snapd.socket rw, @{run}/snapd.socket rw,
@{sys}/fs/cgroup/cgroup.controllers r,
@{sys}/kernel/security/apparmor/features/{,**} r, @{sys}/kernel/security/apparmor/features/{,**} r,
@{PROC}/@{pids}/cgroup r, @{PROC}/@{pids}/cgroup r,

1
apparmor.d/profiles-s-z/snapd
View file

@ -153,6 +153,7 @@ profile snapd @{exec_path} {
@{run}/systemd/private rw, @{run}/systemd/private rw,
@{sys}/fs/cgroup/{,*/} r, @{sys}/fs/cgroup/{,*/} r,
@{sys}/fs/cgroup/cgroup.controllers r,
@{sys}/fs/cgroup/system.slice/{,**/} r, @{sys}/fs/cgroup/system.slice/{,**/} r,
@{sys}/fs/cgroup/user.slice/ r, @{sys}/fs/cgroup/user.slice/ r,
@{sys}/fs/cgroup/user.slice/user-@{uid}.slice/{,**/} r, @{sys}/fs/cgroup/user.slice/user-@{uid}.slice/{,**/} r,