mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix support for Qt5CT and Qt6CT in profiles-m-r

Browse Source 
This fix the next apps/binaries

*megasync
*merkaator
*mkvtoolnix-gui
*pinentry-qt
*psi
*psi-plus
*qnapi
*qpdfview
*qtox
*quiterss
*rpi-imager
This commit is contained in:
Jose Maldonado aka Yukiteru 2024-04-25 23:04:32 -04:00 committed by Alex
parent 917a754206
commit 7ed52e44cd
11 changed files with 10 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apparmor.d/profiles-m-r/megasync
View File

@ -19,6 +19,7 @@ profile megasync @{exec_path} {
include <abstractions/dri-enumerate> include <abstractions/dri-enumerate>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/user-download-strict> include <abstractions/user-download-strict>
@ -46,10 +47,6 @@ profile megasync @{exec_path} {
owner "@{user_share_dirs}/data/Mega Limited/" rw, owner "@{user_share_dirs}/data/Mega Limited/" rw,
owner "@{user_share_dirs}/data/Mega Limited/**" rwkl -> "@{user_share_dirs}/data/Mega Limited/MEGAsync/#@{int}", owner "@{user_share_dirs}/data/Mega Limited/**" rwkl -> "@{user_share_dirs}/data/Mega Limited/MEGAsync/#@{int}",
# To configure Qt5 settings (theme, font, icons, etc.) under DE/WM without Qt integration
owner @{user_config_dirs}/qt5ct/{,**} r,
/usr/share/qt5ct/** r,
owner @{user_config_dirs}/QtProject.conf r, owner @{user_config_dirs}/QtProject.conf r,
# Sync folder # Sync folder

5
apparmor.d/profiles-m-r/merkaartor
View File

@ -17,6 +17,7 @@ profile merkaartor @{exec_path} {
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/dri-common> include <abstractions/dri-common>
include <abstractions/dri-enumerate> include <abstractions/dri-enumerate>
include <abstractions/qt5>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/ssl_certs> include <abstractions/ssl_certs>
@ -44,10 +45,6 @@ profile merkaartor @{exec_path} {
/var/lib/dbus/machine-id r, /var/lib/dbus/machine-id r,
/etc/machine-id r, /etc/machine-id r,
# To configure Qt5 settings (theme, font, icons, etc.) under DE/WM without Qt integration
owner @{user_config_dirs}/qt5ct/{,**} r,
/usr/share/qt5ct/** r,
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
deny owner @{PROC}/@{pid}/cmdline r, deny owner @{PROC}/@{pid}/cmdline r,

4
apparmor.d/profiles-m-r/mkvtoolnix-gui
View File

@ -17,6 +17,7 @@ profile mkvtoolnix-gui @{exec_path} {
include <abstractions/gtk> include <abstractions/gtk>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/ssl_certs> include <abstractions/ssl_certs>
@ -30,7 +31,6 @@ profile mkvtoolnix-gui @{exec_path} {
@{bin}/mkvmerge rPx, @{bin}/mkvmerge rPx,
@{bin}/mediainfo-gui rPx, @{bin}/mediainfo-gui rPx,
/usr/share/qt5ct/** r,
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/etc/fstab r, /etc/fstab r,
@ -50,8 +50,6 @@ profile mkvtoolnix-gui @{exec_path} {
owner @{user_cache_dirs}/bunkus.org/mkvtoolnix-gui/**/ rw, owner @{user_cache_dirs}/bunkus.org/mkvtoolnix-gui/**/ rw,
owner @{user_cache_dirs}/bunkus.org/mkvtoolnix-gui/**/@{hex} rw, owner @{user_cache_dirs}/bunkus.org/mkvtoolnix-gui/**/@{hex} rw,
owner @{user_config_dirs}/qt5ct/{,**} r,
owner /tmp/#@{int} rw, owner /tmp/#@{int} rw,
owner /tmp/MKVToolNix-GUI-MuxConfig-* rwl -> /tmp/#@{int}, owner /tmp/MKVToolNix-GUI-MuxConfig-* rwl -> /tmp/#@{int},
owner /tmp/MKVToolNix-process-*.json rwl -> /tmp/#@{int}, owner /tmp/MKVToolNix-process-*.json rwl -> /tmp/#@{int},

2
apparmor.d/profiles-m-r/pinentry-qt
View File

@ -26,7 +26,6 @@ profile pinentry-qt @{exec_path} {
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/usr/share/icu/@{int}.@{int}/*.dat r, /usr/share/icu/@{int}.@{int}/*.dat r,
/usr/share/qt5ct/** r,
/var/lib/dbus/machine-id r, /var/lib/dbus/machine-id r,
/etc/machine-id r, /etc/machine-id r,
@ -38,7 +37,6 @@ profile pinentry-qt @{exec_path} {
owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/kdeglobals r,
owner @{user_config_dirs}/kwinrc r, owner @{user_config_dirs}/kwinrc r,
owner @{user_config_dirs}/qt5ct/{,**} r,
owner /tmp/xauth_@{rand6} r, owner /tmp/xauth_@{rand6} r,
owner /dev/shm/#@{int} rw, owner /dev/shm/#@{int} rw,

3
apparmor.d/profiles-m-r/psi
View File

@ -19,6 +19,7 @@ profile psi @{exec_path} {
include <abstractions/gtk> include <abstractions/gtk>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/ssl_certs> include <abstractions/ssl_certs>
@ -44,7 +45,6 @@ profile psi @{exec_path} {
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/usr/share/psi/{,**} r, /usr/share/psi/{,**} r,
/usr/share/qt5ct/** r,
/etc/debian_version r, /etc/debian_version r,
/etc/fstab r, /etc/fstab r,
@ -60,7 +60,6 @@ profile psi @{exec_path} {
owner @{user_config_dirs}/autostart/psi.desktop rw, owner @{user_config_dirs}/autostart/psi.desktop rw,
owner @{user_config_dirs}/psi/ rw, owner @{user_config_dirs}/psi/ rw,
owner @{user_config_dirs}/psi/** rwkl -> @{user_config_dirs}/psi/#@{int}, owner @{user_config_dirs}/psi/** rwkl -> @{user_config_dirs}/psi/#@{int},
owner @{user_config_dirs}/qt5ct/{,**} r,
owner @{user_share_dirs}/psi/ rw, owner @{user_share_dirs}/psi/ rw,
owner @{user_share_dirs}/psi/** rwk, owner @{user_share_dirs}/psi/** rwk,

3
apparmor.d/profiles-m-r/psi-plus
View File

@ -19,6 +19,7 @@ profile psi-plus @{exec_path} {
include <abstractions/gtk> include <abstractions/gtk>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/ssl_certs> include <abstractions/ssl_certs>
@ -44,7 +45,6 @@ profile psi-plus @{exec_path} {
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/usr/share/psi-plus/{,**} r, /usr/share/psi-plus/{,**} r,
/usr/share/qt5ct/** r,
/etc/debian_version r, /etc/debian_version r,
/etc/fstab r, /etc/fstab r,
@ -58,7 +58,6 @@ profile psi-plus @{exec_path} {
owner @{user_config_dirs}/autostart/psi-plus.desktop rw, owner @{user_config_dirs}/autostart/psi-plus.desktop rw,
owner @{user_config_dirs}/psi+/ rw, owner @{user_config_dirs}/psi+/ rw,
owner @{user_config_dirs}/psi+/** rwkl -> @{user_config_dirs}/psi+/#@{int}, owner @{user_config_dirs}/psi+/** rwkl -> @{user_config_dirs}/psi+/#@{int},
owner @{user_config_dirs}/qt5ct/{,**} r,
owner @{user_share_dirs}/psi+/ rw, owner @{user_share_dirs}/psi+/ rw,
owner @{user_share_dirs}/psi+/** rwk, owner @{user_share_dirs}/psi+/** rwk,

3
apparmor.d/profiles-m-r/qnapi
View File

@ -17,6 +17,7 @@ profile qnapi @{exec_path} {
include <abstractions/gtk> include <abstractions/gtk>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/user-download-strict> include <abstractions/user-download-strict>
@ -42,7 +43,6 @@ profile qnapi @{exec_path} {
@{bin}/xdg-open rCx -> open, @{bin}/xdg-open rCx -> open,
@{lib}/firefox/firefox rPx, @{lib}/firefox/firefox rPx,
/usr/share/qt5ct/** r,
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/etc/fstab r, /etc/fstab r,
@ -60,7 +60,6 @@ profile qnapi @{exec_path} {
owner @{user_config_dirs}/qnapi.ini.* rwl -> @{user_config_dirs}/#@{int}, owner @{user_config_dirs}/qnapi.ini.* rwl -> @{user_config_dirs}/#@{int},
owner @{user_config_dirs}/qnapi.ini.mlXXXY rwl -> @{user_config_dirs}/#@{int}, owner @{user_config_dirs}/qnapi.ini.mlXXXY rwl -> @{user_config_dirs}/#@{int},
owner @{user_config_dirs}/qt5ct/{,**} r,
owner @{user_cache_dirs}/ rw, owner @{user_cache_dirs}/ rw,
/tmp/ r, /tmp/ r,

4
apparmor.d/profiles-m-r/qpdfview
View File

@ -17,6 +17,7 @@ profile qpdfview @{exec_path} {
include <abstractions/gtk> include <abstractions/gtk>
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/thumbnails-cache-read> include <abstractions/thumbnails-cache-read>
@ -35,7 +36,6 @@ profile qpdfview @{exec_path} {
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/usr/share/poppler/** r, /usr/share/poppler/** r,
/usr/share/qt5ct/** r,
/usr/share/djvu/** r, /usr/share/djvu/** r,
/etc/fstab r, /etc/fstab r,
@ -55,8 +55,6 @@ profile qpdfview @{exec_path} {
owner @{user_share_dirs}/qpdfview/ rw, owner @{user_share_dirs}/qpdfview/ rw,
owner @{user_share_dirs}/qpdfview/** rwk, owner @{user_share_dirs}/qpdfview/** rwk,
owner @{user_config_dirs}/qt5ct/{,**} r,
owner /dev/shm/#@{int} rw, owner /dev/shm/#@{int} rw,
owner /tmp/@{hex} rw, owner /tmp/@{hex} rw,
owner /tmp/#@{int} rw, owner /tmp/#@{int} rw,

6
apparmor.d/profiles-m-r/qtox
View File

@ -16,6 +16,7 @@ profile qtox @{exec_path} {
include <abstractions/fontconfig-cache-read> include <abstractions/fontconfig-cache-read>
include <abstractions/graphics> include <abstractions/graphics>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/user-download-strict> include <abstractions/user-download-strict>
@ -29,8 +30,6 @@ profile qtox @{exec_path} {
@{open_path} rPx -> child-open, @{open_path} rPx -> child-open,
/usr/share/qt5ct/** r,
/var/lib/dbus/machine-id r, /var/lib/dbus/machine-id r,
/etc/machine-id r, /etc/machine-id r,
@ -50,9 +49,6 @@ profile qtox @{exec_path} {
owner @{user_share_dirs}/qTox/ rw, owner @{user_share_dirs}/qTox/ rw,
owner @{user_share_dirs}/qTox/** rw, owner @{user_share_dirs}/qTox/** rw,
# To configure Qt5 settings (theme, font, icons, etc.) under DE/WM without Qt integration
owner @{user_config_dirs}/qt5ct/{,**} r,
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,
@{PROC}/sys/kernel/core_pattern r, # for KCrash::initialize() @{PROC}/sys/kernel/core_pattern r, # for KCrash::initialize()

5
apparmor.d/profiles-m-r/quiterss
View File

@ -15,6 +15,7 @@ profile quiterss @{exec_path} {
include <abstractions/fonts> include <abstractions/fonts>
include <abstractions/fontconfig-cache-read> include <abstractions/fontconfig-cache-read>
include <abstractions/freedesktop.org> include <abstractions/freedesktop.org>
include <abstractions/qt5>
include <abstractions/qt5-settings-write> include <abstractions/qt5-settings-write>
include <abstractions/qt5-compose-cache-write> include <abstractions/qt5-compose-cache-write>
include <abstractions/mesa> include <abstractions/mesa>
@ -37,10 +38,6 @@ profile quiterss @{exec_path} {
@{bin}/xdg-open rCx -> open, @{bin}/xdg-open rCx -> open,
# To configure Qt5 settings (theme, font, icons, etc.) under DE/WM without Qt integration
owner @{user_config_dirs}/qt5ct/{,**} r,
/usr/share/qt5ct/** r,
/usr/share/quiterss/** r, /usr/share/quiterss/** r,
owner @{user_config_dirs}/QuiteRss/ rw, owner @{user_config_dirs}/QuiteRss/ rw,
owner @{user_config_dirs}/QuiteRss/** rwkl -> @{user_config_dirs}/QuiteRss/**, owner @{user_config_dirs}/QuiteRss/** rwkl -> @{user_config_dirs}/QuiteRss/**,

3
apparmor.d/profiles-m-r/rpi-imager
View File

@ -21,6 +21,7 @@ profile rpi-imager @{exec_path} {
include <abstractions/mesa> include <abstractions/mesa>
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/opencl> include <abstractions/opencl>
include <abstractions/qt5>
include <abstractions/qt5-shader-cache> include <abstractions/qt5-shader-cache>
include <abstractions/ssl_certs> include <abstractions/ssl_certs>
include <abstractions/user-download-strict> include <abstractions/user-download-strict>
@ -43,7 +44,6 @@ profile rpi-imager @{exec_path} {
/etc/fstab r, /etc/fstab r,
/etc/X11/cursors/*.theme r, /etc/X11/cursors/*.theme r,
/usr/share/hwdata/pnp.ids r, /usr/share/hwdata/pnp.ids r,
/usr/share/qt5ct/** r,
/usr/share/X11/xkb/{,**} r, /usr/share/X11/xkb/{,**} r,
/etc/machine-id r, /etc/machine-id r,
@ -53,7 +53,6 @@ profile rpi-imager @{exec_path} {
owner "@{user_cache_dirs}/Raspberry Pi/**" rwl -> "@{user_cache_dirs}/Raspberry Pi/**", owner "@{user_cache_dirs}/Raspberry Pi/**" rwl -> "@{user_cache_dirs}/Raspberry Pi/**",
owner "@{user_config_dirs}/Raspberry Pi/{,**}" rw, owner "@{user_config_dirs}/Raspberry Pi/{,**}" rw,
owner @{user_cache_dirs}/ rw, owner @{user_cache_dirs}/ rw,
owner @{user_config_dirs}/qt5ct/{,**} r,
owner @{user_config_dirs}/QtProject.conf r, owner @{user_config_dirs}/QtProject.conf r,
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,