feat(profile): update some dbus rules.

This commit is contained in:
Alexandre Pujol 2024-09-26 20:29:33 +01:00
parent fbb0d62aee
commit 3f13aa77bf
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
10 changed files with 14 additions and 50 deletions

View File

@ -7,9 +7,9 @@
member=GetManagedObjects
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
dbus send bus=system path=/org/freedesktop/NetworkManager
dbus send bus=system path=/org/freedesktop/NetworkManager{,/**}
interface=org.freedesktop.DBus.Properties
member=GetAll
member={Get,GetAll}
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
dbus send bus=system path=/org/freedesktop/NetworkManager
@ -27,16 +27,6 @@
member=GetSettings
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
dbus send bus=system path=/org/freedesktop/NetworkManager/ActiveConnection/@{int}
interface=org.freedesktop.DBus.Properties
member=GetAll
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
dbus send bus=system path=/org/freedesktop/NetworkManager/Devices/@{int}
interface=org.freedesktop.DBus.Properties
member=GetAll
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
dbus send bus=system path=/org/freedesktop/NetworkManager
interface=org.freedesktop.DBus.Introspectable
member=Introspect

View File

@ -26,7 +26,7 @@
member={Get,GetAll}
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),
dbus send bus=system path=/org/freedesktop/UPower/devices/*
dbus send bus=system path=/org/freedesktop/UPower{,/**}
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),

View File

@ -29,7 +29,7 @@ profile dbus-session flags=(attach_disconnected) {
signal (send) set=(term hup kill) peer=dconf-service,
signal (send) set=(term hup kill) peer=xdg-*,
#aa:dbus own bus=session name=org.freedesktop.DBus
#aa:dbus own bus=session name=org.freedesktop.DBus path=/{,org/freedesktop/DBus}
@{exec_path} mrix,

View File

@ -73,8 +73,9 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
#aa:dbus own bus=session name=org.gnome.Mutter
#aa:dbus own bus=session name=org.gnome.Shell
#aa:dbus own bus=session name=com.canonical.Unity path=/com/canonical/{U,u}nity
#aa:dbus own bus=session name=com.canonical.{U,u}nity
#aa:dbus own bus=session name=com.rastersoft.dingextension
#aa:dbus own bus=session name=org.ayatana.NotificationItem
#aa:dbus own bus=session name=org.gtk.Actions path=/**
#aa:dbus own bus=session name=org.gtk.MountOperationHandler
#aa:dbus own bus=session name=org.gtk.Notifications
@ -133,11 +134,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
member=Embed
peer=(name=org.a11y.atspi.Registry),
dbus send bus=session path=/org/ayatana/NotificationItem/*
interface=org.freedesktop.DBus.Properties
member={Get,GetAll}
peer=(name=:*, label=update-notifier),
dbus receive bus=session path=/org/freedesktop/systemd1
interface=org.freedesktop.systemd1.Manager
member=JobRemoved

View File

@ -35,11 +35,6 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
#aa:dbus talk bus=session name=org.gtk.vfs label="gvfsd{,-*}"
#aa:dbus talk bus=session name=org.gtk.Notifications label=gnome-shell
dbus send bus=session path=/org/freedesktop/DBus
interface=org.freedesktop.DBus.Properties
member={GetAll,ListActivatableNames}
peer=(name=org.freedesktop.DBus, label=dbus-session),
dbus (send, receive) bus=session path=/org/gtk/Application/CommandLine
interface=org.gtk.private.CommandLine
member=Print

View File

@ -9,10 +9,14 @@ include <tunables/global>
@{exec_path} = @{bin}/yelp @{bin}/gnome-help
profile yelp @{exec_path} {
include <abstractions/base>
include <abstractions/bus-accessibility>
include <abstractions/bus/org.a11y>
include <abstractions/common/gnome>
network netlink raw,
#aa:dbus own bus=session name=org.gnome.Yelp
@{exec_path} mr,
@{lib}/{,@{multiarch}/}webkit{2,}gtk-*/WebKitNetworkProcess rix,

View File

@ -16,6 +16,7 @@ profile gvfsd-dnssd @{exec_path} {
include <abstractions/bus/org.gtk.vfs.MountTracker>
#aa:dbus own bus=session name=org.gtk.vfs.mountpoint_dnssd
#aa:dbus talk bus=session name=org.gtk.vfs.MountTracker label=gvfsd
dbus receive bus=session path=/org/gtk/vfs/Daemon
interface=org.gtk.vfs.Daemon

View File

@ -19,6 +19,7 @@ profile update-manager @{exec_path} flags=(attach_disconnected) {
include <abstractions/bus/org.freedesktop.NetworkManager>
include <abstractions/bus/org.freedesktop.portal.Desktop>
include <abstractions/bus/org.freedesktop.UPower>
include <abstractions/bus/org.gtk.vfs.MountTracker>
include <abstractions/consoles>
include <abstractions/dconf-write>
include <abstractions/gnome-strict>

View File

@ -25,24 +25,7 @@ profile update-notifier @{exec_path} {
unix (bind) type=stream addr=@@{hex16}/bus/systemd/bus-api-user,
#aa:dbus talk bus=system name=org.debian.apt label=apt
dbus receive bus=session path=/org/ayatana/NotificationItem/software_update_available
interface=org.freedesktop.DBus.Properties
member={Get,GetAll}
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/org/ayatana/NotificationItem/livepatch{,/Menu}
interface=org.freedesktop.DBus.Properties
member=={Get,GetAll}
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/org/ayatana/NotificationItem/livepatch/Menu
interface=com.canonical.dbusmenu
member={AboutToShow,GetGroupProperties,GetLayout}
peer=(name=:*, label=gnome-shell),
dbus send bus=session path=/org/ayatana/NotificationItem/*
interface=org.kde.StatusNotifierItem
peer=(name=org.freedesktop.DBus, label=gnome-shell),
#aa:dbus talk bus=session name=org.ayatana.NotificationItem label=gnome-shell
@{exec_path} mr,

View File

@ -26,13 +26,7 @@ profile atril @{exec_path} {
network netlink raw,
dbus send bus=session path=/org/mate/atril/{,**}
peer=(name=org.freedesktop.DBus, label=atrild), # all interfaces and members
dbus send bus=session path=/org/mate/atril/Daemon
interface=org.mate.atril.Daemon
member={RegisterDocument,UnregisterDocument}
peer=(name=org.mate.atril.Daemon), # no peer's labels
#aa:dbus talk bus=session name=org.mate.atril.Daemon label=atrild
@{exec_path} mr,