diff --git a/apparmor.d/groups/akonadi/akonadi_akonotes_resource b/apparmor.d/groups/akonadi/akonadi_akonotes_resource index 8b9e434a..086c29a4 100644 --- a/apparmor.d/groups/akonadi/akonadi_akonotes_resource +++ b/apparmor.d/groups/akonadi/akonadi_akonotes_resource @@ -9,20 +9,12 @@ include @{exec_path} = @{bin}/akonadi_akonotes_resource profile akonadi_akonotes_resource @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, - /usr/share/hwdata/*.ids r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_akonotes_resource_[0-9]rc r, @@ -31,11 +23,6 @@ profile akonadi_akonotes_resource @{exec_path} { owner @{user_share_dirs}/notes/**/ r, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, - /dev/tty r, include if exists diff --git a/apparmor.d/groups/akonadi/akonadi_archivemail_agent b/apparmor.d/groups/akonadi/akonadi_archivemail_agent index 5d305062..aea424de 100644 --- a/apparmor.d/groups/akonadi/akonadi_archivemail_agent +++ b/apparmor.d/groups/akonadi/akonadi_archivemail_agent @@ -9,21 +9,15 @@ include @{exec_path} = @{bin}/akonadi_archivemail_agent profile akonadi_archivemail_agent @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, /usr/share/akonadi/plugins/serializer/{,*.desktop} r, - /usr/share/hwdata/*.ids r, /etc/machine-id r, - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -34,12 +28,8 @@ profile akonadi_archivemail_agent @{exec_path} { owner @{user_config_dirs}/emaildefaults r, owner @{user_config_dirs}/emailidentities.lock rwk, owner @{user_config_dirs}/emailidentities{,.@{rand6}} rwl -> @{user_config_dirs}/#@{int}, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/kmail2rc r, - owner @{user_config_dirs}/kwinrc r, - + owner @{user_share_dirs}/akonadi/file_db_data/{,**} r, /dev/tty r, diff --git a/apparmor.d/groups/akonadi/akonadi_birthdays_resource b/apparmor.d/groups/akonadi/akonadi_birthdays_resource index a4adaf45..14b354b7 100644 --- a/apparmor.d/groups/akonadi/akonadi_birthdays_resource +++ b/apparmor.d/groups/akonadi/akonadi_birthdays_resource @@ -9,32 +9,19 @@ include @{exec_path} = @{bin}/akonadi_birthdays_resource profile akonadi_birthdays_resource @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, /usr/share/akonadi/plugins/{,**} r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, - /dev/tty r, include if exists diff --git a/apparmor.d/groups/akonadi/akonadi_contacts_resource b/apparmor.d/groups/akonadi/akonadi_contacts_resource index 9646d1ca..c90d09a4 100644 --- a/apparmor.d/groups/akonadi/akonadi_contacts_resource +++ b/apparmor.d/groups/akonadi/akonadi_contacts_resource @@ -9,21 +9,13 @@ include @{exec_path} = @{bin}/akonadi_contacts_resource profile akonadi_contacts_resource @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, /usr/share/akonadi/plugins/serializer/{,*.desktop} r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -31,11 +23,6 @@ profile akonadi_contacts_resource @{exec_path} { owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, - owner @{user_share_dirs}/contacts/ r, owner @{user_share_dirs}/contacts/*.vcf w, diff --git a/apparmor.d/groups/akonadi/akonadi_control b/apparmor.d/groups/akonadi/akonadi_control index 444fb519..f52c3e14 100644 --- a/apparmor.d/groups/akonadi/akonadi_control +++ b/apparmor.d/groups/akonadi/akonadi_control @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_control profile akonadi_control @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, @@ -22,11 +19,7 @@ profile akonadi_control @{exec_path} { @{bin}/akonadiserver rPx, /usr/share/akonadi/{,**} r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, /etc/machine-id r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -34,8 +27,6 @@ profile akonadi_control @{exec_path} { owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/libaccounts-glib/accounts.db{,-shm,-wal} rwk, owner @{user_share_dirs}/akonadi/{,**} rwl, diff --git a/apparmor.d/groups/akonadi/akonadi_followupreminder_agent b/apparmor.d/groups/akonadi/akonadi_followupreminder_agent index 4c13bcbe..9af94de7 100644 --- a/apparmor.d/groups/akonadi/akonadi_followupreminder_agent +++ b/apparmor.d/groups/akonadi/akonadi_followupreminder_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_followupreminder_agent profile akonadi_followupreminder_agent @{exec_path} { include - include - include include + include include - include - include network inet dgram, network inet6 dgram, @@ -22,21 +19,11 @@ profile akonadi_followupreminder_agent @{exec_path} { @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_followupreminder_agentrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, /dev/tty r, diff --git a/apparmor.d/groups/akonadi/akonadi_ical_resource b/apparmor.d/groups/akonadi/akonadi_ical_resource index fea2fb59..d8d87dcf 100644 --- a/apparmor.d/groups/akonadi/akonadi_ical_resource +++ b/apparmor.d/groups/akonadi/akonadi_ical_resource @@ -10,25 +10,18 @@ include profile akonadi_ical_resource @{exec_path} { include include + include include - include - include @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icons/{,**} r, - /usr/share/mime/{,**} r, - owner @{user_cache_dirs}/akonadi_ical_resource_[0-9]/{,*} rwl, owner @{user_cache_dirs}/icon-cache.kcache rw, + owner @{user_config_dirs}/akonadi_ical_resource_[0-9]rc rwl, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, + owner @{user_share_dirs}/apps/korganizer/{,**} rw, /dev/tty r, diff --git a/apparmor.d/groups/akonadi/akonadi_indexing_agent b/apparmor.d/groups/akonadi/akonadi_indexing_agent index 9a5cc32f..e2e60c67 100644 --- a/apparmor.d/groups/akonadi/akonadi_indexing_agent +++ b/apparmor.d/groups/akonadi/akonadi_indexing_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_indexing_agent profile akonadi_indexing_agent @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, @@ -22,12 +19,8 @@ profile akonadi_indexing_agent @{exec_path} { /usr/share/akonadi/plugins/serializer/ r, /usr/share/akonadi/plugins/serializer/*.desktop r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, /etc/machine-id r, - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -37,10 +30,6 @@ profile akonadi_indexing_agent @{exec_path} { owner @{user_config_dirs}/akonadi_indexing_agentrc.lock rwk, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, owner @{user_share_dirs}/akonadi/ rw, owner @{user_share_dirs}/akonadi/** rwlk -> @{user_share_dirs}/akonadi/**, diff --git a/apparmor.d/groups/akonadi/akonadi_maildir_resource b/apparmor.d/groups/akonadi/akonadi_maildir_resource index a04ee16b..a534c7aa 100644 --- a/apparmor.d/groups/akonadi/akonadi_maildir_resource +++ b/apparmor.d/groups/akonadi/akonadi_maildir_resource @@ -9,31 +9,19 @@ include @{exec_path} = @{bin}/akonadi_maildir_resource profile akonadi_maildir_resource @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, /usr/share/akonadi/plugins/serializer/{,*.desktop} r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_maildir_resource_[0-9]rc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, owner @{user_share_dirs}/akonadi_maildir_resource_[0-9]/{,**} rw, owner @{user_share_dirs}/akonadi/{,**} rwk, diff --git a/apparmor.d/groups/akonadi/akonadi_maildispatcher_agent b/apparmor.d/groups/akonadi/akonadi_maildispatcher_agent index cc19a136..e81a1c3e 100644 --- a/apparmor.d/groups/akonadi/akonadi_maildispatcher_agent +++ b/apparmor.d/groups/akonadi/akonadi_maildispatcher_agent @@ -9,13 +9,10 @@ include @{exec_path} = @{bin}/akonadi_maildispatcher_agent profile akonadi_maildispatcher_agent @{exec_path} { include - include - include include + include include - include include - include network inet dgram, network inet6 dgram, @@ -27,12 +24,8 @@ profile akonadi_maildispatcher_agent @{exec_path} { @{exec_path} mr, /usr/share/akonadi/plugins/{,**} r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, /usr/share/knotifications{5,6}/akonadi_maildispatcher_agent.notifyrc r, - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, /etc/machine-id r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -40,11 +33,7 @@ profile akonadi_maildispatcher_agent @{exec_path} { owner @{user_config_dirs}/akonadi_maildispatcher_agent.notifyrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/ksslcertificatemanager r, - owner @{user_config_dirs}/kwinrc r, owner @{user_config_dirs}/mailtransports r, owner @{user_config_dirs}/specialmailcollectionsrc r, diff --git a/apparmor.d/groups/akonadi/akonadi_mailfilter_agent b/apparmor.d/groups/akonadi/akonadi_mailfilter_agent index 8d8c3034..03fb464a 100644 --- a/apparmor.d/groups/akonadi/akonadi_mailfilter_agent +++ b/apparmor.d/groups/akonadi/akonadi_mailfilter_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_mailfilter_agent profile akonadi_mailfilter_agent @{exec_path} { include - include - include include + include include - include - include ptrace (read) peer=akonadi_archivemail_agent, @@ -23,12 +20,7 @@ profile akonadi_mailfilter_agent @{exec_path} { /usr/share/akonadi/plugins/serializer/ r, /usr/share/akonadi/plugins/serializer/*.desktop r, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - /etc/machine-id r, - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, owner @{user_cache_dirs}/icon-cache.kcache rw, @@ -43,11 +35,7 @@ profile akonadi_mailfilter_agent @{exec_path} { owner @{user_config_dirs}/emailidentities.lock rwk, owner @{user_config_dirs}/emailidentities* rwl, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/kmail2rc r, - owner @{user_config_dirs}/kwinrc r, owner @{tmp}/#@{int} rw, owner @{tmp}/akonadi_mailfilter_agent.* rwl, diff --git a/apparmor.d/groups/akonadi/akonadi_mailmerge_agent b/apparmor.d/groups/akonadi/akonadi_mailmerge_agent index fd901214..f10a8ea1 100644 --- a/apparmor.d/groups/akonadi/akonadi_mailmerge_agent +++ b/apparmor.d/groups/akonadi/akonadi_mailmerge_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_mailmerge_agent profile akonadi_mailmerge_agent @{exec_path} { include - include - include include + include include - include - include network inet dgram, network inet6 dgram, @@ -23,22 +20,11 @@ profile akonadi_mailmerge_agent @{exec_path} { @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, - /dev/tty r, include if exists diff --git a/apparmor.d/groups/akonadi/akonadi_migration_agent b/apparmor.d/groups/akonadi/akonadi_migration_agent index 832e5760..7200357f 100644 --- a/apparmor.d/groups/akonadi/akonadi_migration_agent +++ b/apparmor.d/groups/akonadi/akonadi_migration_agent @@ -9,30 +9,17 @@ include @{exec_path} = @{bin}/akonadi_migration_agent profile akonadi_migration_agent @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi-migrationrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, owner @{user_share_dirs}/akonadi_migration_agent/{,**} rw, diff --git a/apparmor.d/groups/akonadi/akonadi_newmailnotifier_agent b/apparmor.d/groups/akonadi/akonadi_newmailnotifier_agent index b5a0d757..cb98b328 100644 --- a/apparmor.d/groups/akonadi/akonadi_newmailnotifier_agent +++ b/apparmor.d/groups/akonadi/akonadi_newmailnotifier_agent @@ -29,7 +29,6 @@ profile akonadi_newmailnotifier_agent @{exec_path} { owner @{user_config_dirs}/emaildefaults r, owner @{user_config_dirs}/emailidentities.lock rwk, owner @{user_config_dirs}/emailidentities* rwl, - owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/kmail2rc r, owner @{user_config_dirs}/specialmailcollectionsrc r, diff --git a/apparmor.d/groups/akonadi/akonadi_notes_agent b/apparmor.d/groups/akonadi/akonadi_notes_agent index d2c1fe05..791f90d0 100644 --- a/apparmor.d/groups/akonadi/akonadi_notes_agent +++ b/apparmor.d/groups/akonadi/akonadi_notes_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_notes_agent profile akonadi_notes_agent @{exec_path} { include - include - include include + include include - include - include network inet dgram, network inet6 dgram, @@ -23,21 +20,11 @@ profile akonadi_notes_agent @{exec_path} { @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_*_agentrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, /dev/tty r, diff --git a/apparmor.d/groups/akonadi/akonadi_sendlater_agent b/apparmor.d/groups/akonadi/akonadi_sendlater_agent index f640ca86..6062b485 100644 --- a/apparmor.d/groups/akonadi/akonadi_sendlater_agent +++ b/apparmor.d/groups/akonadi/akonadi_sendlater_agent @@ -9,12 +9,9 @@ include @{exec_path} = @{bin}/akonadi_sendlater_agent profile akonadi_sendlater_agent @{exec_path} { include - include - include include + include include - include - include network inet dgram, network inet6 dgram, @@ -23,23 +20,12 @@ profile akonadi_sendlater_agent @{exec_path} { @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_sendlater_agentrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, - /dev/tty r, include if exists diff --git a/apparmor.d/groups/akonadi/akonadi_unifiedmailbox_agent b/apparmor.d/groups/akonadi/akonadi_unifiedmailbox_agent index cc0807a6..94c63a06 100644 --- a/apparmor.d/groups/akonadi/akonadi_unifiedmailbox_agent +++ b/apparmor.d/groups/akonadi/akonadi_unifiedmailbox_agent @@ -9,30 +9,17 @@ include @{exec_path} = @{bin}/akonadi_unifiedmailbox_agent profile akonadi_unifiedmailbox_agent @{exec_path} { include - include - include include + include include - include - include @{exec_path} mr, - /usr/share/hwdata/*.ids r, - /usr/share/icu/@{int}.@{int}/*.dat r, - - /etc/xdg/kdeglobals r, - /etc/xdg/kwinrc r, - owner @{user_cache_dirs}/icon-cache.kcache rw, owner @{user_config_dirs}/akonadi_unifiedmailbox_agentrc r, owner @{user_config_dirs}/akonadi/ rw, owner @{user_config_dirs}/akonadi/** rwlk -> @{user_config_dirs}/akonadi/**, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, - owner @{user_config_dirs}/kdeglobals r, - owner @{user_config_dirs}/kwinrc r, /dev/tty r,