diff --git a/apparmor.d/groups/_full/default b/apparmor.d/groups/_full/default index 733d227c..b6689cb1 100644 --- a/apparmor.d/groups/_full/default +++ b/apparmor.d/groups/_full/default @@ -45,9 +45,7 @@ profile default @{exec_path} flags=(attach_disconnected,mediate_deleted) { @{coreutils_path} rix, @{shells_path} rix, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, # @{open_path} rPx -> child-open, diff --git a/apparmor.d/groups/apt/apt b/apparmor.d/groups/apt/apt index 38bd8f3e..9907ae02 100644 --- a/apparmor.d/groups/apt/apt +++ b/apparmor.d/groups/apt/apt @@ -99,11 +99,10 @@ profile apt @{exec_path} flags=(attach_disconnected) { /usr/share/language-tools/language-options rPx, # For editing the sources.list file - @{bin}/sensible-editor rCx -> editor, - @{bin}/vim.* rCx -> editor, + @{editor_path} rCx -> editor, # For changelogs - @{bin}/sensible-pager rCx -> pager, + @{pager_path} rCx -> pager, #aa:only whonix @{lib}/uwt/uwtwrapper rix, @@ -168,8 +167,7 @@ profile apt @{exec_path} flags=(attach_disconnected) { @{bin}/ r, @{sh_path} rix, - @{bin}/less rix, - @{bin}/sensible-pager mr, + @{pager_path} rmix, @{bin}/which{,.debianutils} rix, /root/ r, # For shell pwd diff --git a/apparmor.d/groups/apt/apt-listchanges b/apparmor.d/groups/apt/apt-listchanges index 8613f228..fbabcd98 100644 --- a/apparmor.d/groups/apt/apt-listchanges +++ b/apparmor.d/groups/apt/apt-listchanges @@ -28,7 +28,7 @@ profile apt-listchanges @{exec_path} { # shared object file): ignored. @{bin}/dpkg-deb rpx, # - @{bin}/sensible-pager rCx -> pager, + @{pager_path} rCx -> pager, # Send results using email @{bin}/exim4 rPx, @@ -83,12 +83,11 @@ profile apt-listchanges @{exec_path} { capability dac_read_search, #capability sys_tty_config, - @{bin}/sensible-pager mr, + @{pager_path} mrix, @{bin}/ r, @{sh_path} rix, @{bin}/which{,.debianutils} rix, - @{bin}/less rix, owner @{HOME}/.less* rw, @@ -98,6 +97,7 @@ profile apt-listchanges @{exec_path} { /tmp/ r, owner @{tmp}/apt-listchanges-tmp*.txt r, + include if exists } include if exists diff --git a/apparmor.d/groups/apt/aptitude b/apparmor.d/groups/apt/aptitude index 12bd0efb..7b36e4ab 100644 --- a/apparmor.d/groups/apt/aptitude +++ b/apparmor.d/groups/apt/aptitude @@ -105,7 +105,7 @@ profile aptitude @{exec_path} flags=(complain) { owner @{user_cache_dirs}/aptitude/ rw, owner @{user_cache_dirs}/aptitude/metadata-download{,-journal} rw, owner @{user_cache_dirs}/aptitude/metadata-download rwk, - @{bin}/sensible-pager rCx -> pager, + @{pager_path} rCx -> pager, # For aptitude-run-state-bundle owner @{tmp}/aptitudebug.*/ r, @@ -171,20 +171,19 @@ profile aptitude @{exec_path} flags=(complain) { include include - @{bin}/ r, - @{bin}/sensible-pager mr, - @{sh_path} rix, + @{bin}/ r, + @{editor_path} mrix, + @{sh_path} rix, @{bin}/which{,.debianutils} rix, - @{bin}/less rix, owner @{HOME}/.less* rw, - owner @{tmp}/aptitude-*.@{pid}:*/aptitude-download-* rw, # For shell pwd /root/ r, + include if exists } include if exists diff --git a/apparmor.d/groups/apt/dpkg b/apparmor.d/groups/apt/dpkg index b8e57783..c22ba0ae 100644 --- a/apparmor.d/groups/apt/dpkg +++ b/apparmor.d/groups/apt/dpkg @@ -34,10 +34,7 @@ profile dpkg @{exec_path} { @{lib}/needrestart/dpkg-status rPx, /usr/share/debian-security-support/check-support-status.hook rPx, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/diff rPx -> child-pager, + @{pager_path} rPx -> child-pager, # Package maintainer's scripts # Move it to a child profile once more transitions will be available diff --git a/apparmor.d/groups/apt/dpkg-query b/apparmor.d/groups/apt/dpkg-query index f8150cc3..9a5512c2 100644 --- a/apparmor.d/groups/apt/dpkg-query +++ b/apparmor.d/groups/apt/dpkg-query @@ -16,9 +16,7 @@ profile dpkg-query @{exec_path} { @{sh_path} rix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, /var/lib/dpkg/** r, diff --git a/apparmor.d/groups/apt/reportbug b/apparmor.d/groups/apt/reportbug index e7b8e1d2..1571298a 100644 --- a/apparmor.d/groups/apt/reportbug +++ b/apparmor.d/groups/apt/reportbug @@ -47,10 +47,8 @@ profile reportbug @{exec_path} { @{bin}/dlocate rPx, @{bin}/dpkg rPx -> child-dpkg, @{bin}/dpkg-query rpx, - @{bin}/less rPx -> child-pager, @{bin}/lsb_release rPx -> lsb_release, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{bin}/systemctl rCx -> systemctl, @{lib}/firefox/firefox rPUx, # App allowed to open /usr/share/bug/* rPUx, diff --git a/apparmor.d/groups/cron/crontab b/apparmor.d/groups/cron/crontab index c5aaf554..2743173f 100644 --- a/apparmor.d/groups/cron/crontab +++ b/apparmor.d/groups/cron/crontab @@ -22,11 +22,7 @@ profile crontab @{exec_path} { @{exec_path} mr, @{sh_path} rix, - - # When editing the crontab file - @{bin}/sensible-editor rCx -> editor, - @{bin}/vim.* rCx -> editor, - @{bin}/nvim rCx -> editor, + @{editor_path} rCx -> editor, /etc/cron.{allow,deny} r, /etc/environment r, diff --git a/apparmor.d/groups/network/nmcli b/apparmor.d/groups/network/nmcli index 2345d9d2..6c9a1320 100644 --- a/apparmor.d/groups/network/nmcli +++ b/apparmor.d/groups/network/nmcli @@ -15,9 +15,7 @@ profile nmcli @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, owner @{HOME}/.nm-vpngate/*.ovpn r, owner @{HOME}/.cert/nm-openvpn/*.pem rw, diff --git a/apparmor.d/groups/pacman/pacman b/apparmor.d/groups/pacman/pacman index ab08d1f1..6ab0802b 100644 --- a/apparmor.d/groups/pacman/pacman +++ b/apparmor.d/groups/pacman/pacman @@ -196,10 +196,7 @@ profile pacman @{exec_path} flags=(attach_disconnected) { signal send set=cont peer=child-pager, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/diff rPx -> child-pager, + @{pager_path} rPx -> child-pager, /etc/machine-id r, diff --git a/apparmor.d/groups/systemd/bootctl b/apparmor.d/groups/systemd/bootctl index 2bd8c4c7..4a5d4d83 100644 --- a/apparmor.d/groups/systemd/bootctl +++ b/apparmor.d/groups/systemd/bootctl @@ -22,9 +22,7 @@ profile bootctl @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /{boot,efi}/ r, /{boot,efi}/EFI/{,**} r, diff --git a/apparmor.d/groups/systemd/busctl b/apparmor.d/groups/systemd/busctl index baf89561..64396608 100644 --- a/apparmor.d/groups/systemd/busctl +++ b/apparmor.d/groups/systemd/busctl @@ -37,9 +37,7 @@ profile busctl @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{PROC}/@{pid}/cgroup r, @{PROC}/@{pid}/comm r, diff --git a/apparmor.d/groups/systemd/coredumpctl b/apparmor.d/groups/systemd/coredumpctl index 7c4149be..b291c049 100644 --- a/apparmor.d/groups/systemd/coredumpctl +++ b/apparmor.d/groups/systemd/coredumpctl @@ -22,9 +22,7 @@ profile coredumpctl @{exec_path} flags=(complain) { @{bin}/gdb rCx -> gdb, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /var/lib/dbus/machine-id r, /etc/machine-id r, diff --git a/apparmor.d/groups/systemd/journalctl b/apparmor.d/groups/systemd/journalctl index 4b5f1181..79af6567 100644 --- a/apparmor.d/groups/systemd/journalctl +++ b/apparmor.d/groups/systemd/journalctl @@ -25,9 +25,7 @@ profile journalctl @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /var/lib/dbus/machine-id r, /etc/machine-id r, diff --git a/apparmor.d/groups/systemd/localectl b/apparmor.d/groups/systemd/localectl index 46f67b32..3ab09cfc 100644 --- a/apparmor.d/groups/systemd/localectl +++ b/apparmor.d/groups/systemd/localectl @@ -15,9 +15,7 @@ profile localectl @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /usr/share/kbd/keymaps/{,**} r, diff --git a/apparmor.d/groups/systemd/loginctl b/apparmor.d/groups/systemd/loginctl index 345957e3..b5228f22 100644 --- a/apparmor.d/groups/systemd/loginctl +++ b/apparmor.d/groups/systemd/loginctl @@ -19,9 +19,7 @@ profile loginctl @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, include if exists } diff --git a/apparmor.d/groups/systemd/networkctl b/apparmor.d/groups/systemd/networkctl index 4c841e97..ae188df5 100644 --- a/apparmor.d/groups/systemd/networkctl +++ b/apparmor.d/groups/systemd/networkctl @@ -35,9 +35,7 @@ profile networkctl @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /etc/udev/hwdb.bin r, /var/lib/dbus/machine-id r, diff --git a/apparmor.d/groups/systemd/systemd-analyze b/apparmor.d/groups/systemd/systemd-analyze index deb22cbc..0c3b38d6 100644 --- a/apparmor.d/groups/systemd/systemd-analyze +++ b/apparmor.d/groups/systemd/systemd-analyze @@ -28,9 +28,7 @@ profile systemd-analyze @{exec_path} { @{lib}/systemd/system-environment-generators/* rix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{bin}/man rPx, /usr/ r, diff --git a/apparmor.d/groups/systemd/systemd-cgls b/apparmor.d/groups/systemd/systemd-cgls index ed725433..e58fec01 100644 --- a/apparmor.d/groups/systemd/systemd-cgls +++ b/apparmor.d/groups/systemd/systemd-cgls @@ -14,9 +14,7 @@ profile systemd-cgls @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{sys}/fs/cgroup/{,**} r, diff --git a/apparmor.d/groups/systemd/systemd-cgtop b/apparmor.d/groups/systemd/systemd-cgtop index 9ae69cd6..cd0f1e41 100644 --- a/apparmor.d/groups/systemd/systemd-cgtop +++ b/apparmor.d/groups/systemd/systemd-cgtop @@ -14,9 +14,7 @@ profile systemd-cgtop @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{sys}/fs/cgroup/{,**} r, diff --git a/apparmor.d/groups/systemd/systemd-dissect b/apparmor.d/groups/systemd/systemd-dissect index 991a787d..cd3ba97c 100644 --- a/apparmor.d/groups/systemd/systemd-dissect +++ b/apparmor.d/groups/systemd/systemd-dissect @@ -25,9 +25,7 @@ profile systemd-dissect @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, @{bin}/fsck rPx, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, # Location of file system OS images @{user_build_dirs}/{,**} r, diff --git a/apparmor.d/groups/systemd/systemd-mount b/apparmor.d/groups/systemd/systemd-mount index 4db3dcac..a86bf152 100644 --- a/apparmor.d/groups/systemd/systemd-mount +++ b/apparmor.d/groups/systemd/systemd-mount @@ -13,9 +13,7 @@ profile systemd-mount @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{sys}/bus/ r, @{sys}/class/ r, diff --git a/apparmor.d/groups/systemd/systemd-udevd b/apparmor.d/groups/systemd/systemd-udevd index fa096a35..5c170920 100644 --- a/apparmor.d/groups/systemd/systemd-udevd +++ b/apparmor.d/groups/systemd/systemd-udevd @@ -37,6 +37,7 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) { @{sh_path} rix, @{coreutils_path} rix, + @{pager_path} rPx -> child-pager, @{bin}/*-print-pci-ids rix, @{bin}/alsactl rPUx, @{bin}/ddcutil rPx, @@ -44,16 +45,13 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected,complain) { @{bin}/ethtool rix, @{bin}/issue-generator rPx, @{bin}/kmod rPx, - @{bin}/less rPx -> child-pager, @{bin}/logger rix, @{bin}/ls rix, @{bin}/lvm rPx, @{bin}/mknod rix, - @{bin}/more rPx -> child-pager, @{bin}/multipath rPx, @{bin}/nfsrahead rix, @{bin}/nvidia-modprobe rPx -> child-modprobe-nvidia, - @{bin}/pager rPx -> child-pager, @{bin}/perl rix, @{bin}/setfacl rix, @{bin}/sg_inq rix, diff --git a/apparmor.d/groups/systemd/userdbctl b/apparmor.d/groups/systemd/userdbctl index 159d1442..279560e9 100644 --- a/apparmor.d/groups/systemd/userdbctl +++ b/apparmor.d/groups/systemd/userdbctl @@ -16,9 +16,7 @@ profile userdbctl @{exec_path} { @{exec_path} mr, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /etc/shadow r, /etc/gshadow r, diff --git a/apparmor.d/profiles-a-f/dmesg b/apparmor.d/profiles-a-f/dmesg index 819cd234..f2d0c766 100644 --- a/apparmor.d/profiles-a-f/dmesg +++ b/apparmor.d/profiles-a-f/dmesg @@ -18,9 +18,7 @@ profile dmesg @{exec_path} { @{exec_path} mr, @{sh_path} rix, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - @{bin}/pager rPx -> child-pager, + @{pager_path} rPx -> child-pager, /usr/share/terminfo/** r, diff --git a/apparmor.d/profiles-g-l/git b/apparmor.d/profiles-g-l/git index 47450b8e..8a2ffb79 100644 --- a/apparmor.d/profiles-g-l/git +++ b/apparmor.d/profiles-g-l/git @@ -62,9 +62,7 @@ profile git @{exec_path} flags=(attach_disconnected) { @{bin}/wc rix, @{bin}/whoami rix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, @{bin}/man rPx, @{bin}/meld rPUx, @@ -74,10 +72,8 @@ profile git @{exec_path} flags=(attach_disconnected) { @{bin}/gpg{,2} rCx -> gpg, @{bin}/ssh rCx -> ssh, - @{bin}/sensible-editor rCx -> editor, - @{bin}/vim rCx -> editor, - @{bin}/vim.* rCx -> editor, - + @{editor_path} rCx -> editor, + /usr/share/git{,-core}/{,**} r, /usr/share/libalternatives/{,**} r, /usr/share/terminfo/** r, diff --git a/apparmor.d/profiles-g-l/gpo b/apparmor.d/profiles-g-l/gpo index 97c89a43..411d078b 100644 --- a/apparmor.d/profiles-g-l/gpo +++ b/apparmor.d/profiles-g-l/gpo @@ -27,9 +27,7 @@ profile gpo @{exec_path} { @{bin}/ r, @{sh_path} rix, @{bin}/uname rix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, /etc/inputrc r, diff --git a/apparmor.d/profiles-m-r/mutt b/apparmor.d/profiles-m-r/mutt index 1ed63e68..9d01e226 100644 --- a/apparmor.d/profiles-m-r/mutt +++ b/apparmor.d/profiles-m-r/mutt @@ -37,13 +37,8 @@ profile mutt @{exec_path} { @{bin}/w3m rCx -> html-renderer, @{bin}/lynx rCx -> html-renderer, - @{bin}/vim rCx -> editor, - @{bin}/vim.* rCx -> editor, - @{bin}/sensible-editor rCx -> editor, - - @{bin}/less rCx -> pager, - @{bin}/more rCx -> pager, - @{bin}/pager rCx -> pager, + @{editor_path} rCx -> editor, + @{pager_path} rCx -> pager, @{bin}/gpg{2,} rCx -> gpg, @{bin}/gpgconf rCx -> gpg, @@ -118,9 +113,7 @@ profile mutt @{exec_path} { include include - @{bin}/less mr, - @{bin}/more mr, - @{bin}/pager mr, + @{pager_path} mr, /usr/share/terminfo/** r, /usr/share/file/misc/magic.mgc r, diff --git a/apparmor.d/profiles-m-r/pass b/apparmor.d/profiles-m-r/pass index 5bd85192..3796dfbc 100644 --- a/apparmor.d/profiles-m-r/pass +++ b/apparmor.d/profiles-m-r/pass @@ -46,7 +46,7 @@ profile pass @{exec_path} { @{bin}/gpg{2,} rCx -> gpg, @{bin}/pkill rCx -> pkill, @{bin}/qdbus rCx -> qdbus, - @{bin}/vim{,.*} rCx -> editor, + @{editor_path} rCx -> editor, @{lib}/git{,-core}/git rCx -> git, @{bin}/wl-{copy,paste} rPx, @{bin}/xclip rPx, @@ -112,10 +112,7 @@ profile pass @{exec_path} { @{bin}/git* mrix, @{lib}/git{,-core}/git* mrix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, - + @{pager_path} rPx -> child-pager, @{bin}/gpg{2,} rPx -> pass//gpg, /usr/share/git{,-core}/{,**} r, diff --git a/apparmor.d/profiles-s-z/task b/apparmor.d/profiles-s-z/task index bd7f276a..87b9be2d 100644 --- a/apparmor.d/profiles-s-z/task +++ b/apparmor.d/profiles-s-z/task @@ -23,10 +23,7 @@ profile task @{exec_path} { @{exec_path} mr, @{sh_path} rix, - - @{bin}/vim rCx -> editor, - @{bin}/vim.* rCx -> editor, - @{bin}/sensible-editor rCx -> editor, + @{editor_path} rCx -> editor, /usr/share/{doc/,}task{warrior,}/** r, diff --git a/apparmor.d/profiles-s-z/udisksctl b/apparmor.d/profiles-s-z/udisksctl index a05cede9..63e8b7c7 100644 --- a/apparmor.d/profiles-s-z/udisksctl +++ b/apparmor.d/profiles-s-z/udisksctl @@ -15,9 +15,7 @@ profile udisksctl @{exec_path} { @{sh_path} rix, - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, /dev/tty rw, diff --git a/apparmor.d/profiles-s-z/vipw-vigr b/apparmor.d/profiles-s-z/vipw-vigr index 835267c2..5b42ab82 100644 --- a/apparmor.d/profiles-s-z/vipw-vigr +++ b/apparmor.d/profiles-s-z/vipw-vigr @@ -16,9 +16,7 @@ profile vipw-vigr @{exec_path} { @{exec_path} mr, @{sh_path} rix, - - @{bin}/sensible-editor rCx -> editor, - @{bin}/vim.* rCx -> editor, + @{editor_path} rCx -> editor, /etc/login.defs r, diff --git a/apparmor.d/tunables/multiarch.d/paths b/apparmor.d/tunables/multiarch.d/paths index 35bf0c58..83aec3ce 100644 --- a/apparmor.d/tunables/multiarch.d/paths +++ b/apparmor.d/tunables/multiarch.d/paths @@ -34,10 +34,16 @@ @{emails_path} = @{thunderbird_path} @{bin}/@{emails_names} # Open -@{open_path} = @{bin}/exo-open @{bin}/xdg-open @{bin}/gio @{bin}/kde-open -@{open_path} += @{bin}/gio-launch-desktop @{lib}/gio-launch-desktop +@{open_path} = @{bin}/@{open_names} +@{open_path} += @{lib}/gio-launch-desktop @{open_path} += @{lib}/@{multiarch}/glib-@{version}/gio-launch-desktop +# Editor +@{editor_path} = @{bin}/@{editor_names} + +# Pager +@{pager_path} = @{bin}/@{pager_names} + # File explorers @{file_explorers_path} = @{bin}/@{file_explorers_names} diff --git a/apparmor.d/tunables/multiarch.d/programs b/apparmor.d/tunables/multiarch.d/programs index 9c0c4d30..8dd2f237 100644 --- a/apparmor.d/tunables/multiarch.d/programs +++ b/apparmor.d/tunables/multiarch.d/programs @@ -28,6 +28,15 @@ # Python interpreters @{python_name} = python{,3,3.[0-9],3.1[0-9]} +# Open +@{open_names} = exo-open xdg-open gio kde-open gio-launch-desktop + +# Editor +@{editor_names} = sensible-editor vim{,.*} nvim nano + +# Pager +@{pager_names} = sensible-pager pager less more + # Browsers @{brave_name} = brave{,-beta,-dev,-bin} diff --git a/docs/install.md b/docs/install.md index 5afac9c7..5d84331c 100644 --- a/docs/install.md +++ b/docs/install.md @@ -148,9 +148,7 @@ The following desktop environments are supported: @{bin}/wl-{copy,paste} rPx, @{bin}/xclip rPx, @{bin}/python3.@{int} rPx -> pass-import, # pass-import - @{bin}/pager rPx -> child-pager, - @{bin}/less rPx -> child-pager, - @{bin}/more rPx -> child-pager, + @{pager_path} rPx -> child-pager, '.build/apparmor.d/pass' -> '/etc/apparmor.d/pass' ``` So, you can install the additional profiles `wl-copy`, `xclip`, `pass-import`, and `child-pager` if desired.