mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-19 01:18:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(profile): ensure plasma support new dbus stack.

Browse source
This commit is contained in:
Alexandre Pujol 2024-03-16 21:28:54 +00:00
parent 9be9b442a9
commit 30d8e16ffc
Failed to generate hash of commit
1 changed files with 10 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
apparmor.d/groups/kde/sddm
View file

@ -20,7 +20,6 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include <abstractions/graphics> include <abstractions/graphics>
include <abstractions/kde-strict> include <abstractions/kde-strict>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/wutmp> include <abstractions/wutmp>
capability audit_write, capability audit_write,
@ -77,30 +76,25 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
@{bin}/pidof rix, @{bin}/pidof rix,
@{bin}/tr rix, @{bin}/tr rix,
@{bin}/tty rix, @{bin}/tty rix,
@{bin}/xdm r, @{bin}/xdm r,
@{bin}/xmodmap rix, @{bin}/xmodmap rix,
@{bin}/unix_chkpwd rPx,
@{bin}/dbus-run-session rix, @{bin}/dbus-run-session rPx -> dbus-session,
@{bin}/kwin_wayland rPx, @{bin}/flatpak rPx,
@{bin}/sddm-greeter{,-qt6} rPx,
@{bin}/Xorg rPx,
/etc/sddm/Xsession rPx,
@{bin}/flatpak rPx,
@{bin}/sway rPUx,
@{bin}/xauth rCx -> xauth,
@{bin}/xsetroot rPx,
@{bin}/dbus-update-activation-environment rCx -> dbus,
@{bin}/gnome-keyring-daemon rPx, @{bin}/gnome-keyring-daemon rPx,
@{bin}/kwalletd{5,6} rPx, @{bin}/kwalletd{5,6} rPx,
@{bin}/kwin_wayland rPx,
@{bin}/sddm-greeter{,-qt6} rPx,
@{bin}/startplasma-wayland rPx, @{bin}/startplasma-wayland rPx,
@{bin}/startplasma-x11 rPx, @{bin}/startplasma-x11 rPx,
@{bin}/sway rPUx,
@{bin}/systemctl rCx -> systemctl, @{bin}/systemctl rCx -> systemctl,
@{bin}/unix_chkpwd rPx, @{bin}/xauth rCx -> xauth,
@{bin}/Xorg rPx,
@{bin}/xrdb rPx, @{bin}/xrdb rPx,
@{bin}/xset rPx, @{bin}/xset rPx,
@{bin}/xsetroot rPx,
@{etc_ro}/sddm/Xsession rPx,
@{etc_ro}/X11/xdm/Xsession rPx, @{etc_ro}/X11/xdm/Xsession rPx,
/usr/etc/X11/xdm/Xsetup rix, /usr/etc/X11/xdm/Xsetup rix,
@ -110,7 +104,6 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
/usr/share/sddm/scripts/Xstop rix, /usr/share/sddm/scripts/Xstop rix,
/usr/share/desktop-base/softwaves-theme/login/*.svg r, /usr/share/desktop-base/softwaves-theme/login/*.svg r,
/usr/share/icu/@{int}.@{int}/*.dat r,
/usr/share/plasma/desktoptheme/** r, /usr/share/plasma/desktoptheme/** r,
/usr/share/sddm/faces/.*.icon r, /usr/share/sddm/faces/.*.icon r,
/usr/share/sddm/themes/** r, /usr/share/sddm/themes/** r,
@ -148,7 +141,6 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
owner @{user_config_dirs}/menus/{,**} r, owner @{user_config_dirs}/menus/{,**} r,
owner @{user_config_dirs}/startkderc r, owner @{user_config_dirs}/startkderc r,
owner @{user_share_dirs}/ w,
owner @{user_share_dirs}/kwalletd/ rw, owner @{user_share_dirs}/kwalletd/ rw,
owner @{user_share_dirs}/kwalletd/kdewallet.salt rw, owner @{user_share_dirs}/kwalletd/kdewallet.salt rw,
owner @{user_share_dirs}/sddm/ w, owner @{user_share_dirs}/sddm/ w,
@ -173,9 +165,6 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
owner @{run}/user/@{uid}/#@{int} rw, owner @{run}/user/@{uid}/#@{int} rw,
owner @{run}/user/@{uid}/kwallet5.socket rw, owner @{run}/user/@{uid}/kwallet5.socket rw,
@{sys}/devices/system/node/ r,
@{sys}/devices/system/node/node@{int}/meminfo r,
@{PROC}/ r, @{PROC}/ r,
@{PROC}/uptime r, @{PROC}/uptime r,
@{PROC}/@{pids}/cmdline r, @{PROC}/@{pids}/cmdline r,
@ -216,15 +205,5 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include if exists <local/sddm_xauth> include if exists <local/sddm_xauth>
} }
profile dbus {
include <abstractions/base>
@{bin}/dbus-update-activation-environment mr,
owner @{user_share_dirs}/sddm/xorg-session.log w,
include if exists <local/sddm_dbus>
}
include if exists <local/sddm> include if exists <local/sddm>
} }