mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-26 04:48:27 +01:00
aMule, a file sharing program; not all executables (#546)
* aMule, a file sharing program; not all executables * ABI 4; document directories; amule//shell was deleted
This commit is contained in:
beroal
GitHub
parent
ce3813133f
commit
a5cafe26ea
7 changed files with 154 additions and 0 deletions
|
|
@ -26,6 +26,7 @@
|
|||
@{text_editors_path} rPUx,
|
||||
|
||||
# Others
|
||||
@{bin}/amule rPx,
|
||||
@{bin}/blueman-tray rPx,
|
||||
@{bin}/discord{,-ptb} rPx,
|
||||
@{bin}/draw.io rPUx,
|
||||
|
|
|
|||
21
apparmor.d/profiles-a-f/alc
Normal file
21
apparmor.d/profiles-a-f/alc
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/alc
|
||||
profile alc @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
|
||||
@{exec_path} mr,
|
||||
@{user_torrents_dirs}/{,**} rw,
|
||||
|
||||
include if exists <local/alc>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
20
apparmor.d/profiles-a-f/alcc
Normal file
20
apparmor.d/profiles-a-f/alcc
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/alcc
|
||||
profile alcc @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/consoles>
|
||||
|
||||
@{exec_path} mr,
|
||||
@{user_torrents_dirs}/{,**} r,
|
||||
|
||||
include if exists <local/alcc>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
39
apparmor.d/profiles-a-f/amule
Normal file
39
apparmor.d/profiles-a-f/amule
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/amule
|
||||
profile amule @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/dconf-write>
|
||||
include <abstractions/gnome-strict>
|
||||
include <abstractions/nameservice-strict>
|
||||
|
||||
network inet dgram,
|
||||
network inet stream,
|
||||
network inet6 dgram,
|
||||
network inet6 stream,
|
||||
network netlink raw,
|
||||
|
||||
|
||||
# Previewing files isn't allowed
|
||||
# because aMule opens viewers directly instead of via `xdg-open`.
|
||||
# If aMule uses `xdg-open` in your time,
|
||||
# uncomment the following line to allow previewing files.
|
||||
# @{open_path} rPx -> child-open,
|
||||
|
||||
@{exec_path} mr,
|
||||
@{bin}/uname rPx,
|
||||
@{sh_path} rix,
|
||||
@{system_share_dirs}/amule/{,**} r,
|
||||
owner @{HOME}/.aMule/{,**} rwk,
|
||||
@{user_torrents_dirs}/{,**} rw,
|
||||
|
||||
include if exists <local/amule>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
25
apparmor.d/profiles-a-f/cas
Normal file
25
apparmor.d/profiles-a-f/cas
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/cas
|
||||
profile cas @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/consoles>
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{system_share_dirs}/cas/{,**} r,
|
||||
|
||||
owner @{HOME}/.aMule/aMule-online-sign.html w,
|
||||
owner @{HOME}/.aMule/amulesig.dat r,
|
||||
owner @{HOME}/.aMule/casrc rw,
|
||||
|
||||
include if exists <local/cas>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
22
apparmor.d/profiles-a-f/ed2k
Normal file
22
apparmor.d/profiles-a-f/ed2k
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/ed2k
|
||||
profile ed2k @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/consoles>
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
owner @{HOME}/.aMule/ED2KLinks w,
|
||||
owner @{HOME}/.aMule/ED2KLinks_lock wk,
|
||||
|
||||
include if exists <local/ed2k>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
26
apparmor.d/profiles-a-f/fileview
Normal file
26
apparmor.d/profiles-a-f/fileview
Normal file
|
|
@ -0,0 +1,26 @@
|
|||
# apparmor.d - Full set of apparmor profiles
|
||||
# Copyright (C) 2024 Roman Beslik <me@beroal.in.ua>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
abi <abi/4.0>,
|
||||
|
||||
include <tunables/global>
|
||||
|
||||
@{exec_path} = @{bin}/fileview
|
||||
profile fileview @{exec_path} {
|
||||
include <abstractions/base>
|
||||
include <abstractions/consoles>
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
# This program parses aMule internal data files like "server.met".
|
||||
# The paths to these files are given as arguments.
|
||||
# The following directories are those that users likely want to read.
|
||||
# However, this program is usable without the permissions below.
|
||||
owner @{HOME}/.aMule/{,**} r,
|
||||
@{user_torrents_dirs}/{,**} r,
|
||||
|
||||
include if exists <local/fileview>
|
||||
}
|
||||
|
||||
# vim:syntax=apparmor
|
||||
Loading…
Reference in a new issue