diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox index bd8b1462..578689aa 100644 --- a/apparmor.d/abstractions/app/firefox +++ b/apparmor.d/abstractions/app/firefox @@ -17,6 +17,7 @@ include include include + include include include include @@ -69,7 +70,6 @@ /usr/share/xul-ext/kwallet5/* r, /etc/@{name}/{,**} r, - /etc/cups/client.conf r, /etc/fstab r, /etc/mailcap r, /etc/mime.types r, @@ -81,7 +81,6 @@ /var/lib/nscd/services r, owner @{HOME}/ r, - owner @{HOME}/.cups/lpoptions r, owner @{config_dirs}/ rw, owner @{config_dirs}/** rwk, diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index ff3b0f7f..f563d803 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -15,6 +15,7 @@ include include include + include # include include include @@ -63,7 +64,6 @@ owner @{tmp}/** rmwk, owner /dev/shm/** rwlk -> /dev/shm/**, - @{run}/cups/cups.sock rw, # Allow access to cups printing socket. @{run}/havahi-daemon/socket rw, # Allow access to avahi-daemon socket. @{run}/host/{,**} r, @{run}/pcscd/pcscd.comm rw, # Allow access to pcscd socket. diff --git a/apparmor.d/groups/gnome/gnome-control-center b/apparmor.d/groups/gnome/gnome-control-center index fd2462ff..6abb6f1f 100644 --- a/apparmor.d/groups/gnome/gnome-control-center +++ b/apparmor.d/groups/gnome/gnome-control-center @@ -16,6 +16,7 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { include include include + include include include include @@ -93,7 +94,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { /usr/share/wallpapers/{,**} r, /usr/share/xml/iso-codes/{,**} r, - /etc/cups/client.conf r, /etc/machine-info r, /etc/rygel.conf r, /etc/security/pwquality.conf r, @@ -130,7 +130,6 @@ profile gnome-control-center @{exec_path} flags=(attach_disconnected) { owner @{tmp}/gdkpixbuf-xpm-tmp.@{rand6} rw, - @{run}/cups/cups.sock rw, @{run}/samba/ rw, @{run}/systemd/sessions/ r, @{run}/systemd/sessions/* r, diff --git a/apparmor.d/groups/gnome/gsd-print-notifications b/apparmor.d/groups/gnome/gsd-print-notifications index 6846ecaa..ad71bec7 100644 --- a/apparmor.d/groups/gnome/gsd-print-notifications +++ b/apparmor.d/groups/gnome/gsd-print-notifications @@ -13,6 +13,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) { include include include + include include network inet stream, @@ -34,10 +35,6 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, @{lib}/gsd-printer rPx, - /etc/cups/client.conf r, - - @{run}/cups/cups.sock rw, - owner @{PROC}/@{pid}/cgroup r, owner @{PROC}/@{pid}/fd/ r, diff --git a/apparmor.d/groups/kde/plasmashell b/apparmor.d/groups/kde/plasmashell index 3c7b4eed..7464a984 100644 --- a/apparmor.d/groups/kde/plasmashell +++ b/apparmor.d/groups/kde/plasmashell @@ -16,6 +16,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) { include include include + include include include include @@ -76,7 +77,6 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) { /usr/share/wallpapers/{,**} r, /etc/appstream.conf r, - /etc/cups/client.conf r, /etc/fstab r, /etc/ksysguarddrc r, /etc/machine-id r,