From 8c935281fd059d9bb1d468865f381287f04f2d2d Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sat, 3 Apr 2021 23:23:03 +0100 Subject: [PATCH] Evolution: allow access to osrelease & kernel cmd. Is it really needed? --- apparmor.d/groups/gnome/evolution-addressbook-factory | 3 +++ apparmor.d/groups/gnome/evolution-calendar-factory | 3 +++ apparmor.d/groups/gnome/evolution-source-registry | 3 +++ 3 files changed, 9 insertions(+) diff --git a/apparmor.d/groups/gnome/evolution-addressbook-factory b/apparmor.d/groups/gnome/evolution-addressbook-factory index e1b2e7f3..f38771b9 100644 --- a/apparmor.d/groups/gnome/evolution-addressbook-factory +++ b/apparmor.d/groups/gnome/evolution-addressbook-factory @@ -30,5 +30,8 @@ profile evolution-addressbook-factory @{exec_path} { owner @{run}/user/[0-9]*/dconf/ rw, owner @{run}/user/[0-9]*/dconf/user rw, + @{PROC}/sys/kernel/osrelease r, + @{PROC}/cmdline r, + include if exists } diff --git a/apparmor.d/groups/gnome/evolution-calendar-factory b/apparmor.d/groups/gnome/evolution-calendar-factory index 23ed5b79..53b425fa 100644 --- a/apparmor.d/groups/gnome/evolution-calendar-factory +++ b/apparmor.d/groups/gnome/evolution-calendar-factory @@ -32,5 +32,8 @@ profile evolution-calendar-factory @{exec_path} { owner @{run}/user/[0-9]*/dconf/ rw, owner @{run}/user/[0-9]*/dconf/user rw, + @{PROC}/sys/kernel/osrelease r, + @{PROC}/cmdline r, + include if exists } diff --git a/apparmor.d/groups/gnome/evolution-source-registry b/apparmor.d/groups/gnome/evolution-source-registry index 374cf6dc..dd9e07a3 100644 --- a/apparmor.d/groups/gnome/evolution-source-registry +++ b/apparmor.d/groups/gnome/evolution-source-registry @@ -31,5 +31,8 @@ profile evolution-source-registry @{exec_path} { owner @{run}/user/[0-9]*/dconf/ rw, owner @{run}/user/[0-9]*/dconf/user rw, + @{PROC}/sys/kernel/osrelease r, + @{PROC}/cmdline r, + include if exists }