mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

kded5, plasmashell, startplasma and sddm updates (#197)

Browse Source 
* Update kded5

* Update startplasma

* Update plasmashell

* Update sddm
This commit is contained in:
curiosityseeker 2023-08-23 14:54:28 +02:00 committed by GitHub
parent 96b8f96137
commit 80b2124807
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apparmor.d/groups/kde/kded5
View File

@ -77,13 +77,16 @@ profile kded5 @{exec_path} {
owner @{user_config_dirs}/gtk-{3,4}.0/{,**} rwl, owner @{user_config_dirs}/gtk-{3,4}.0/{,**} rwl,
owner @{user_config_dirs}/gtk-{3,4}/settings.ini.lock rk, owner @{user_config_dirs}/gtk-{3,4}/settings.ini.lock rk,
owner @{user_config_dirs}/kcminputrc r, owner @{user_config_dirs}/kcminputrc r,
owner @{user_config_dirs}/kconf_updaterc r, owner @{user_config_dirs}/kconf_updaterc rw,
owner @{user_config_dirs}/kconf_updaterc.lock rwk,
owner @{user_config_dirs}/kcookiejarrc r, owner @{user_config_dirs}/kcookiejarrc r,
owner @{user_config_dirs}/kdebugrc r, owner @{user_config_dirs}/kdebugrc r,
owner @{user_config_dirs}/kded5rc.lock rwk, owner @{user_config_dirs}/kded5rc.lock rwk,
owner @{user_config_dirs}/kded5rc{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int}, owner @{user_config_dirs}/kded5rc{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int},
owner @{user_config_dirs}/kdedefaults/{,**} r, owner @{user_config_dirs}/kdedefaults/{,**} r,
owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/kdeglobals r,
owner @{user_config_dirs}/khotkeysrc{,.@{rand6}} rw,
owner @{user_config_dirs}/khotkeysrc.@{rand6} l -> @{user_config_dirs}/#@{int},
owner @{user_config_dirs}/khotkeysrc.lock rwk, owner @{user_config_dirs}/khotkeysrc.lock rwk,
owner @{user_config_dirs}/kioslaverc{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int}, owner @{user_config_dirs}/kioslaverc{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int},
owner @{user_config_dirs}/ktimezonedrc r, owner @{user_config_dirs}/ktimezonedrc r,
@ -132,6 +135,8 @@ profile kded5 @{exec_path} {
include <abstractions/base> include <abstractions/base>
include <abstractions/consoles> include <abstractions/consoles>
capability sys_ptrace,
ptrace (read), ptrace (read),
@{bin}/pgrep mr, @{bin}/pgrep mr,

3
apparmor.d/groups/kde/plasmashell
View File

@ -25,6 +25,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) {
include <abstractions/nameservice-strict> include <abstractions/nameservice-strict>
include <abstractions/qt5-shader-cache> include <abstractions/qt5-shader-cache>
include <abstractions/qt5> include <abstractions/qt5>
include <abstractions/recent-documents-write>
include <abstractions/thumbnails-cache-read> include <abstractions/thumbnails-cache-read>
include <abstractions/vulkan> include <abstractions/vulkan>
include <abstractions/X-strict> include <abstractions/X-strict>
@ -102,7 +103,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) {
owner @{user_cache_dirs}/ksycoca5_* rl, owner @{user_cache_dirs}/ksycoca5_* rl,
owner @{user_cache_dirs}/org.kde.dirmodel-qml.kcache rw, owner @{user_cache_dirs}/org.kde.dirmodel-qml.kcache rw,
owner @{user_cache_dirs}/plasma_theme_*.kcache rw, owner @{user_cache_dirs}/plasma_theme_*.kcache rw,
owner @{user_cache_dirs}/plasma-svgelements.{,@{rand6}} rwlk -> @{user_cache_dirs}/#@{int}, owner @{user_cache_dirs}/plasma-svgelements{,.@{rand6}} rwlk -> @{user_cache_dirs}/#@{int},
owner @{user_cache_dirs}/plasma-svgelements.lock rwk, owner @{user_cache_dirs}/plasma-svgelements.lock rwk,
owner @{user_cache_dirs}/plasmashell/qmlcache/{,**} rwl, owner @{user_cache_dirs}/plasmashell/qmlcache/{,**} rwl,
owner @{user_cache_dirs}/bookmarksrunner/ rw, owner @{user_cache_dirs}/bookmarksrunner/ rw,

17
apparmor.d/groups/kde/sddm
View File

@ -47,16 +47,19 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
@{lib}/@{multiarch}/sddm/sddm-helper rix, @{lib}/@{multiarch}/sddm/sddm-helper rix,
@{lib}/plasma-dbus-run-session-if-needed rix, @{lib}/plasma-dbus-run-session-if-needed rix,
@{lib}/sddm/sddm-helper rix, @{lib}/sddm/sddm-helper rix,
@{lib}/sddm/sddm-helper-start-wayland rix,
@{bin}/{,ba,da}sh rix, @{bin}/{,ba,da}sh rix,
@{bin}/cat rix, @{bin}/cat rix,
@{bin}/checkproc rix, @{bin}/checkproc rix,
@{bin}/pidof rix, @{bin}/disable-paste rix,
@{bin}/tr rix, @{bin}/pidof rix,
@{bin}/tty rix, @{bin}/tr rix,
@{bin}/tty rix,
@{bin}/xdm r, @{bin}/xdm r,
@{bin}/xmodmap rix, @{bin}/xmodmap rix,
@{bin}/kwin_wayland rPUx,
@{bin}/sddm-greeter rPx, @{bin}/sddm-greeter rPx,
@{bin}/Xorg rPx, @{bin}/Xorg rPx,
/etc/sddm/Xsession rPx, /etc/sddm/Xsession rPx,

8
apparmor.d/groups/kde/startplasma
View File

@ -13,6 +13,8 @@ profile startplasma @{exec_path} {
include <abstractions/qt5> include <abstractions/qt5>
include <abstractions/X-strict> include <abstractions/X-strict>
signal (receive) set=(term) peer=sddm,
@{exec_path} mr, @{exec_path} mr,
@{bin}/kapplymousetheme rPUx, @{bin}/kapplymousetheme rPUx,
@ -39,7 +41,7 @@ profile startplasma @{exec_path} {
owner @{user_cache_dirs}/ rw, owner @{user_cache_dirs}/ rw,
owner @{user_cache_dirs}/#@{int} rw, owner @{user_cache_dirs}/#@{int} rw,
owner @{user_cache_dirs}/kcrash-metadata/ rw, owner @{user_cache_dirs}/kcrash-metadata/ rw,
owner @{user_cache_dirs}/ksycoca5_* rwkl, owner @{user_cache_dirs}/ksycoca5* rwkl -> @{user_cache_dirs}/#@{int},
owner @{user_cache_dirs}/plasma-svgelements rw, owner @{user_cache_dirs}/plasma-svgelements rw,
owner @{user_config_dirs}/#@{int} rw, owner @{user_config_dirs}/#@{int} rw,
@ -52,10 +54,11 @@ profile startplasma @{exec_path} {
owner @{user_config_dirs}/ksplashrc r, owner @{user_config_dirs}/ksplashrc r,
owner @{user_config_dirs}/kwinkdeglobalsrc.lock rwk, owner @{user_config_dirs}/kwinkdeglobalsrc.lock rwk,
owner @{user_config_dirs}/menus/ r, owner @{user_config_dirs}/menus/ r,
owner @{user_config_dirs}/menus/applications-merged/ r, owner @{user_config_dirs}/menus/applications-merged/{,*.menu} r,
owner @{user_config_dirs}/plasma-localerc rwl, owner @{user_config_dirs}/plasma-localerc rwl,
owner @{user_config_dirs}/plasma-localerc.lock rwk, owner @{user_config_dirs}/plasma-localerc.lock rwk,
owner @{user_config_dirs}/plasma-workspace/env/ r, owner @{user_config_dirs}/plasma-workspace/env/ r,
owner @{user_config_dirs}/startkderc r,
owner @{user_config_dirs}/Trolltech.conf rwl, owner @{user_config_dirs}/Trolltech.conf rwl,
owner @{user_config_dirs}/Trolltech.conf.lock rwk, owner @{user_config_dirs}/Trolltech.conf.lock rwk,
owner @{user_share_dirs}/kservices5/{,**} r, owner @{user_share_dirs}/kservices5/{,**} r,
@ -72,6 +75,7 @@ profile startplasma @{exec_path} {
@{PROC}/sys/kernel/random/boot_id r, @{PROC}/sys/kernel/random/boot_id r,
/dev/tty r, /dev/tty r,
/dev/tty@{int} rw,
include if exists <local/startplasma> include if exists <local/startplasma>
} }