mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: remove irssi and pidgin as they are present in other sources.

Browse Source
This commit is contained in:
Alexandre Pujol 2022-04-07 21:02:02 +01:00
parent 26cb8f6b86
commit 40fdd3da5e
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 0 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
apparmor.d/profiles-s-z/usr.bin.irssi
View File

@ -1,53 +0,0 @@
# Author: Jamie Strandboge
# For use with irssi within screen
include <tunables/global>
/usr/bin/irssi flags=(complain) {
include <abstractions/base>
include <abstractions/nameservice>
include <abstractions/perl>
include <abstractions/ssl_certs>
/usr/share/irssi/themes/*.theme r,
/usr/share/irssi/help/* r,
# Enable system wide scripts
/usr/share/irssi/scripts/* r,
/usr/share/ca-certificates/** r,
@{PROC}/uptime r,
/{usr/,}bin/dash ix,
# for screen_away
include <abstractions/wutmp>
/usr/bin/screen ix,
owner /{,var/}run/screen/** r,
owner /{,var/}run/screen/S-[a-zA-Z0-9]*/[0-9]* w,
@{PROC}/[0-9]*/stat r,
# for /uptime
/usr/bin/gawk ix,
/usr/bin/expr ix,
/{usr/,}bin/date ix,
# for /calc
/usr/bin/bc ix,
/{usr/,}bin/which ixr,
# config files, etc
/etc/irssi.conf r,
owner @{HOME}/.irssi/ r,
owner @{HOME}/.irssi/** r,
owner @{HOME}/.irssi/away.log wk,
owner @{HOME}/.irssi/config{,.autosave} wk,
owner @{HOME}/.irssi/*.theme wk,
# http://www.irssi.org/documentation/startup states that ~/irclogs is the
# default location for logs. Also allow the common configuration of logging
# inside the .irssi directory.
owner @{HOME}/{.irssi/,}irclogs/ r,
owner @{HOME}/{.irssi/,}irclogs/** rwk,
# for fnotify
owner @{HOME}/.irssi/fnotify rwk,
include if exists <local/usr.bin.irssi>
}

86
apparmor.d/profiles-s-z/usr.bin.pidgin
View File

@ -1,86 +0,0 @@
# vim:syntax=apparmor
include <tunables/global>
/usr/bin/pidgin {
include <abstractions/audio>
include <abstractions/base>
include <abstractions/bash>
include <abstractions/dbus-session>
include <abstractions/dbus-strict>
include <abstractions/dconf>
include <abstractions/enchant>
include <abstractions/gnome>
include <abstractions/gstreamer>
include <abstractions/ibus>
include <abstractions/nameservice>
include <abstractions/private-files-strict>
include <abstractions/ssl_certs>
include <abstractions/ubuntu-browsers>
include <abstractions/ubuntu-helpers>
include <abstractions/user-download>
dbus receive
bus=system
path=/org/freedesktop/NetworkManager
interface=org.freedesktop.NetworkManager
member={CheckPermissions,DeviceAdded,DeviceRemoved,StateChanged,PropertiesChanged}
peer=(label=unconfined),
dbus send
bus=system
path=/org/freedesktop/NetworkManager
interface=org.freedesktop.NetworkManager
member=state
peer=(label=unconfined),
deny ptrace,
deny capability sys_ptrace,
deny @{user_share_dirs}/applications/wine/ r,
owner @{HOME}/.purple/ rw,
owner @{HOME}/.purple/** rwk,
owner @{HOME}/.purple/plugins/*.so m,
owner @{user_config_dirs}/indicators/ rw,
owner @{user_config_dirs}/indicators/** rw,
owner @{user_share_dirs}/applications/ r,
# Uncomment the two following lines if you want to allow Pidgin to update
# any DConf setting:
# owner @{HOME}/.{cache,config}/dconf/user rw,
# owner /{,var/}run/user/@{uid}/dconf/user rwk,
/{usr/,}bin/dash rix,
/{usr/,}bin/which rix,
# NB: the preferred browser and proxy settings must be configured
# in the GNOME preferences: this profile does not allow running
# the corresponding external configuration applications.
/usr/bin/gconftool-2 rPix,
/usr/bin/gnome-open rmix,
/usr/bin/gsettings rix,
/usr/bin/gvfs-open rmix,
/usr/bin/pidgin r,
/usr/bin/xdg-open rmix,
/etc/purple/prefs.xml r,
/usr/lib/frei0r-1/*.so rm,
/usr/lib/@{multiarch}/libvisual-*/**.so rm,
/usr/lib/pidgin/*.so rm,
/usr/lib/purple*/*.so rm,
# pidgin-blinklight plugin
/usr/lib/pidgin-blinklight/blinklight-fixperm rPix,
@{PROC}/acpi/ibm/light rwk,
/usr/share/purple/ca-certs/ r,
/usr/share/purple/ca-certs/** r,
/usr/share/tcltk/** r,
/usr/share/themes/ r,
owner @{PROC}/@{pid}/auxv r,
owner @{PROC}/@{pid}/fd/ r,
include if exists <local/usr.bin.pidgin>
}