mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 07:54:17 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(profile): some dbus rule improvment.

Browse Source
This commit is contained in:
Alexandre Pujol 2024-03-15 23:56:23 +00:00
parent 1b8b52962b
commit 66aa230b90
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
5 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apparmor.d/abstractions/bus/com.canonical.Unity.LauncherEntry
View File

@ -9,4 +9,14 @@
member=Update member=Update
peer=(name=org.freedesktop.DBus, label=gnome-shell), peer=(name=org.freedesktop.DBus, label=gnome-shell),
dbus receive bus=session path=/com/canonical/unity/launcherentry/@{int}
interface=com.canonical.dbusmenu
member={GetLayout,GetGroupProperties}
peer=(name=:*, label=gnome-shell),
dbus receive bus=session path=/com/canonical/unity/launcherentry/@{int}
interface=org.freedesktop.DBus.Properties
member=GetAll
peer=(name=:*, label=gnome-shell),
include if exists <abstractions/bus/com.canonical.Unity.LauncherEntry.d> include if exists <abstractions/bus/com.canonical.Unity.LauncherEntry.d>

2
apparmor.d/groups/gvfs/gvfs-goa-volume-monitor
View File

@ -12,7 +12,7 @@ profile gvfs-goa-volume-monitor @{exec_path} {
include <abstractions/base> include <abstractions/base>
include <abstractions/bus-session> include <abstractions/bus-session>
# dbus: own bus=session name=org.gtk.vfs.GoaVolumeMonitor # dbus: own bus=session name=org.gtk.vfs.GoaVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor path=/org/gtk/Private/RemoteVolumeMonitor
dbus receive bus=session dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable interface=org.freedesktop.DBus.Introspectable

2
apparmor.d/groups/gvfs/gvfs-gphoto2-volume-monitor
View File

@ -16,7 +16,7 @@ profile gvfs-gphoto2-volume-monitor @{exec_path} {
network netlink raw, network netlink raw,
# dbus: own bus=session name=org.gtk.vfs.GPhoto2VolumeMonitor # dbus: own bus=session name=org.gtk.vfs.GPhoto2VolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor path=/org/gtk/Private/RemoteVolumeMonitor
dbus receive bus=session dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable interface=org.freedesktop.DBus.Introspectable

2
apparmor.d/groups/gvfs/gvfs-mtp-volume-monitor
View File

@ -15,7 +15,7 @@ profile gvfs-mtp-volume-monitor @{exec_path} {
network netlink raw, network netlink raw,
# dbus: own bus=session name=org.gtk.vfs.MTPVolumeMonitor # dbus: own bus=session name=org.gtk.vfs.MTPVolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor path=/org/gtk/Private/RemoteVolumeMonitor
dbus receive bus=session dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable interface=org.freedesktop.DBus.Introspectable

4
apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor
View File

@ -30,8 +30,7 @@ profile gvfs-udisks2-volume-monitor @{exec_path} flags=(attach_disconnected) {
ptrace (read), ptrace (read),
# dbus: own bus=session name=org.gtk.vfs.UDisks2VolumeMonitor # dbus: own bus=session name=org.gtk.vfs.UDisks2VolumeMonitor interface=org.gtk.Private.RemoteVolumeMonitor path=/org/gtk/Private/RemoteVolumeMonitor
# dbus: talk bus=system name=org.freedesktop.UDisks2 label=udisksd # dbus: talk bus=system name=org.freedesktop.UDisks2 label=udisksd
dbus receive bus=session dbus receive bus=session
@ -50,7 +49,6 @@ profile gvfs-udisks2-volume-monitor @{exec_path} flags=(attach_disconnected) {
/ r, / r,
/etc/fstab r, /etc/fstab r,
/etc/machine-id r,
# Mount points # Mount points
@{MOUNTS}/**/ r, @{MOUNTS}/**/ r,