diff --git a/apparmor.d/groups/gvfs/gvfsd-fuse b/apparmor.d/groups/gvfs/gvfsd-fuse index 0094e54b..b4883535 100644 --- a/apparmor.d/groups/gvfs/gvfsd-fuse +++ b/apparmor.d/groups/gvfs/gvfsd-fuse @@ -17,6 +17,8 @@ profile gvfsd-fuse @{exec_path} { mount fstype={fuse,fuse.*} -> @{run}/user/[0-9]*/gvfs/, + @{PROC}/sys/fs/pipe-max-size r, + /dev/fuse rw, include if exists diff --git a/apparmor.d/groups/gvfs/gvfsd-metadata b/apparmor.d/groups/gvfs/gvfsd-metadata index b727142d..eb8a9e46 100644 --- a/apparmor.d/groups/gvfs/gvfsd-metadata +++ b/apparmor.d/groups/gvfs/gvfsd-metadata @@ -16,8 +16,8 @@ profile gvfsd-metadata @{exec_path} { @{exec_path} mr, - owner @{user_share_dirs}/gvfs-metadata/ rw, - owner @{user_share_dirs}/gvfs-metadata/** rw, + owner @{HOME}/.local/share/gvfs-metadata/ rw, + owner @{HOME}/.local/share/gvfs-metadata/** rw, include if exists } diff --git a/apparmor.d/groups/gvfs/gvfsd-network b/apparmor.d/groups/gvfs/gvfsd-network index a501165d..328dc671 100644 --- a/apparmor.d/groups/gvfs/gvfsd-network +++ b/apparmor.d/groups/gvfs/gvfsd-network @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Mikhail Morfikov +# 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only abi , @@ -13,5 +14,8 @@ profile gvfsd-network @{exec_path} { @{exec_path} mr, + owner @{run}/user/[0-9]*/gvfsd/ rw, + owner @{run}/user/[0-9]*/gvfsd/socket-[a-zA-z0-9]* rw, + include if exists } diff --git a/apparmor.d/groups/gvfs/gvfsd-trash b/apparmor.d/groups/gvfs/gvfsd-trash index 8eaaca3f..37783436 100644 --- a/apparmor.d/groups/gvfs/gvfsd-trash +++ b/apparmor.d/groups/gvfs/gvfsd-trash @@ -1,5 +1,6 @@ # apparmor.d - Full set of apparmor profiles # Copyright (C) 2021 Mikhail Morfikov +# 2021 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only abi , @@ -25,5 +26,8 @@ profile gvfsd-trash @{exec_path} { @{run}/mount/utab r, + owner @{run}/user/[0-9]*/gvfsd/ rw, + owner @{run}/user/[0-9]*/gvfsd/socket-[a-zA-z0-9]* rw, + include if exists }