From 9f3be7a96d5d88b9501ce4036a81c1596294eb77 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 15 Mar 2024 15:55:46 +0000 Subject: [PATCH] feat(abs): small improvements. --- apparmor.d/abstractions/audio-client | 4 ++-- .../abstractions/bus/org.freedesktop.UPower | 21 +++++++++---------- apparmor.d/abstractions/gstreamer | 5 +++-- apparmor.d/abstractions/sudo | 1 + 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/apparmor.d/abstractions/audio-client b/apparmor.d/abstractions/audio-client index 460efc5a..9be59537 100644 --- a/apparmor.d/abstractions/audio-client +++ b/apparmor.d/abstractions/audio-client @@ -27,12 +27,12 @@ owner @{HOME}/.libao r, owner @{HOME}/.esd_auth r, - @{user_cache_dirs}/event-sound-cache.@{md5}.@{multiarch} rwk, # libcanberra + owner @{user_cache_dirs}/event-sound-cache.tdb.@{md5}.@{multiarch} rwk, # libcanberra owner @{user_config_dirs}/pulse/ rw, owner @{user_config_dirs}/pulse/client.conf r, owner @{user_config_dirs}/pulse/client.conf.d/{,*.conf} r, - owner @{user_config_dirs}/pulse/cookie rk, + owner @{user_config_dirs}/pulse/cookie rwk, owner @{user_share_dirs}/openal/hrtf/{,**} r, owner @{user_share_dirs}/sounds/__custom/index.theme r, diff --git a/apparmor.d/abstractions/bus/org.freedesktop.UPower b/apparmor.d/abstractions/bus/org.freedesktop.UPower index 99ce9953..372fce27 100644 --- a/apparmor.d/abstractions/bus/org.freedesktop.UPower +++ b/apparmor.d/abstractions/bus/org.freedesktop.UPower @@ -7,20 +7,19 @@ member=EnumerateDevices peer=(name="{:*,org.freedesktop.UPower}", label=upowerd), - dbus send bus=system path=/org/freedesktop/UPower - interface=org.freedesktop.DBus.Properties - member=GetAll - peer=(name=:*, label=upowerd), - - dbus send bus=system path=/org/freedesktop/UPower - interface=org.freedesktop.DBus.Properties - member={Get,GetDisplayDevice} - peer=(name=org.freedesktop.UPower, label=upowerd), - - dbus send bus=system path=/org/freedesktop/UPower/devices/* + dbus send bus=system path=/org/freedesktop/UPower{,/**} interface=org.freedesktop.DBus.Properties member={Get,GetAll} peer=(name=:*, label=upowerd), + dbus send bus=system path=/org/freedesktop/UPower{,/**} + interface=org.freedesktop.DBus.Properties + member={Get,GetAll} + peer=(name=org.freedesktop.UPower, label=upowerd), + + dbus send bus=system path=/org/freedesktop/UPower + interface=org.freedesktop.DBus.Properties + member=GetDisplayDevice + peer=(name=org.freedesktop.UPower, label=upowerd), dbus send bus=system path=/org/freedesktop/UPower/devices/* interface=org.freedesktop.DBus.Introspectable diff --git a/apparmor.d/abstractions/gstreamer b/apparmor.d/abstractions/gstreamer index 07a1c863..87bf1c1b 100644 --- a/apparmor.d/abstractions/gstreamer +++ b/apparmor.d/abstractions/gstreamer @@ -8,8 +8,9 @@ @{lib}/frei0r-@{int}/*.so mr, # FIXME: not compatible with FSP mode due conflicting x modifiers - @{lib}/@{multiarch}/gstreamer-1.0/gst-plugin-scanner mrix, - @{lib}/gstreamer-1.0/gst-plugin-scanner mrix, + @{lib}/@{multiarch}/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner rix, + @{lib}/@{multiarch}/gstreamer-1.0/gst-plugin-scanner rix, + @{lib}/gstreamer-1.0/gst-plugin-scanner rix, /etc/openni2/OpenNI.ini r, diff --git a/apparmor.d/abstractions/sudo b/apparmor.d/abstractions/sudo index e7e5f658..435c0a9a 100644 --- a/apparmor.d/abstractions/sudo +++ b/apparmor.d/abstractions/sudo @@ -29,6 +29,7 @@ / r, + @{PROC}/@{pid}/limits r, @{PROC}/@{pid}/loginuid r, @{PROC}/@{pid}/stat r, @{PROC}/sys/kernel/cap_last_cap r,