mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-11-14 23:43:56 +01:00
feat(profile): update some dbus rules.
This commit is contained in:
parent
fbb0d62aee
commit
3f13aa77bf
@ -7,9 +7,9 @@
|
||||
member=GetManagedObjects
|
||||
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager{,/**}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
member={Get,GetAll}
|
||||
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||
@ -27,16 +27,6 @@
|
||||
member=GetSettings
|
||||
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager/ActiveConnection/@{int}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager/Devices/@{int}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=GetAll
|
||||
peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
|
@ -26,7 +26,7 @@
|
||||
member={Get,GetAll}
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),
|
||||
|
||||
dbus send bus=system path=/org/freedesktop/UPower/devices/*
|
||||
dbus send bus=system path=/org/freedesktop/UPower{,/**}
|
||||
interface=org.freedesktop.DBus.Introspectable
|
||||
member=Introspect
|
||||
peer=(name="{@{busname},org.freedesktop.UPower}", label=upowerd),
|
||||
|
@ -29,7 +29,7 @@ profile dbus-session flags=(attach_disconnected) {
|
||||
signal (send) set=(term hup kill) peer=dconf-service,
|
||||
signal (send) set=(term hup kill) peer=xdg-*,
|
||||
|
||||
#aa:dbus own bus=session name=org.freedesktop.DBus
|
||||
#aa:dbus own bus=session name=org.freedesktop.DBus path=/{,org/freedesktop/DBus}
|
||||
|
||||
@{exec_path} mrix,
|
||||
|
||||
|
@ -73,8 +73,9 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
||||
#aa:dbus own bus=session name=org.gnome.Mutter
|
||||
#aa:dbus own bus=session name=org.gnome.Shell
|
||||
|
||||
#aa:dbus own bus=session name=com.canonical.Unity path=/com/canonical/{U,u}nity
|
||||
#aa:dbus own bus=session name=com.canonical.{U,u}nity
|
||||
#aa:dbus own bus=session name=com.rastersoft.dingextension
|
||||
#aa:dbus own bus=session name=org.ayatana.NotificationItem
|
||||
#aa:dbus own bus=session name=org.gtk.Actions path=/**
|
||||
#aa:dbus own bus=session name=org.gtk.MountOperationHandler
|
||||
#aa:dbus own bus=session name=org.gtk.Notifications
|
||||
@ -133,11 +134,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
|
||||
member=Embed
|
||||
peer=(name=org.a11y.atspi.Registry),
|
||||
|
||||
dbus send bus=session path=/org/ayatana/NotificationItem/*
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={Get,GetAll}
|
||||
peer=(name=:*, label=update-notifier),
|
||||
|
||||
dbus receive bus=session path=/org/freedesktop/systemd1
|
||||
interface=org.freedesktop.systemd1.Manager
|
||||
member=JobRemoved
|
||||
|
@ -35,11 +35,6 @@ profile nautilus @{exec_path} flags=(attach_disconnected) {
|
||||
#aa:dbus talk bus=session name=org.gtk.vfs label="gvfsd{,-*}"
|
||||
#aa:dbus talk bus=session name=org.gtk.Notifications label=gnome-shell
|
||||
|
||||
dbus send bus=session path=/org/freedesktop/DBus
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={GetAll,ListActivatableNames}
|
||||
peer=(name=org.freedesktop.DBus, label=dbus-session),
|
||||
|
||||
dbus (send, receive) bus=session path=/org/gtk/Application/CommandLine
|
||||
interface=org.gtk.private.CommandLine
|
||||
member=Print
|
||||
|
@ -9,10 +9,14 @@ include <tunables/global>
|
||||
@{exec_path} = @{bin}/yelp @{bin}/gnome-help
|
||||
profile yelp @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/bus-accessibility>
|
||||
include <abstractions/bus/org.a11y>
|
||||
include <abstractions/common/gnome>
|
||||
|
||||
network netlink raw,
|
||||
|
||||
#aa:dbus own bus=session name=org.gnome.Yelp
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{lib}/{,@{multiarch}/}webkit{2,}gtk-*/WebKitNetworkProcess rix,
|
||||
|
@ -16,6 +16,7 @@ profile gvfsd-dnssd @{exec_path} {
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
|
||||
#aa:dbus own bus=session name=org.gtk.vfs.mountpoint_dnssd
|
||||
#aa:dbus talk bus=session name=org.gtk.vfs.MountTracker label=gvfsd
|
||||
|
||||
dbus receive bus=session path=/org/gtk/vfs/Daemon
|
||||
interface=org.gtk.vfs.Daemon
|
||||
|
@ -19,6 +19,7 @@ profile update-manager @{exec_path} flags=(attach_disconnected) {
|
||||
include <abstractions/bus/org.freedesktop.NetworkManager>
|
||||
include <abstractions/bus/org.freedesktop.portal.Desktop>
|
||||
include <abstractions/bus/org.freedesktop.UPower>
|
||||
include <abstractions/bus/org.gtk.vfs.MountTracker>
|
||||
include <abstractions/consoles>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
|
@ -25,24 +25,7 @@ profile update-notifier @{exec_path} {
|
||||
unix (bind) type=stream addr=@@{hex16}/bus/systemd/bus-api-user,
|
||||
|
||||
#aa:dbus talk bus=system name=org.debian.apt label=apt
|
||||
|
||||
dbus receive bus=session path=/org/ayatana/NotificationItem/software_update_available
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member={Get,GetAll}
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus receive bus=session path=/org/ayatana/NotificationItem/livepatch{,/Menu}
|
||||
interface=org.freedesktop.DBus.Properties
|
||||
member=={Get,GetAll}
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
dbus receive bus=session path=/org/ayatana/NotificationItem/livepatch/Menu
|
||||
interface=com.canonical.dbusmenu
|
||||
member={AboutToShow,GetGroupProperties,GetLayout}
|
||||
peer=(name=:*, label=gnome-shell),
|
||||
|
||||
dbus send bus=session path=/org/ayatana/NotificationItem/*
|
||||
interface=org.kde.StatusNotifierItem
|
||||
peer=(name=org.freedesktop.DBus, label=gnome-shell),
|
||||
#aa:dbus talk bus=session name=org.ayatana.NotificationItem label=gnome-shell
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
@ -26,13 +26,7 @@ profile atril @{exec_path} {
|
||||
|
||||
network netlink raw,
|
||||
|
||||
dbus send bus=session path=/org/mate/atril/{,**}
|
||||
peer=(name=org.freedesktop.DBus, label=atrild), # all interfaces and members
|
||||
|
||||
dbus send bus=session path=/org/mate/atril/Daemon
|
||||
interface=org.mate.atril.Daemon
|
||||
member={RegisterDocument,UnregisterDocument}
|
||||
peer=(name=org.mate.atril.Daemon), # no peer's labels
|
||||
#aa:dbus talk bus=session name=org.mate.atril.Daemon label=atrild
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user