diff --git a/apparmor.d/groups/xfce/ristretto b/apparmor.d/groups/xfce/ristretto new file mode 100644 index 00000000..12ad443f --- /dev/null +++ b/apparmor.d/groups/xfce/ristretto @@ -0,0 +1,26 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/ristretto +profile ristretto @{exec_path} { + include + include + include + include + include + + @{exec_path} mr, + + @{open_path} rPx -> child-open-help, + + /usr/share/file/{,**} r, + + owner @{user_config_dirs}/ristretto/{,**} rw, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/groups/xfce/xfce-dict b/apparmor.d/groups/xfce/xfce-dict new file mode 100644 index 00000000..d91131fb --- /dev/null +++ b/apparmor.d/groups/xfce/xfce-dict @@ -0,0 +1,21 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/xfce4-dict +profile xfce-dict @{exec_path} { + include + include + + @{exec_path} mr, + + @{open_path} rPx -> child-open-help, + + owner @{user_config_dirs}/xfce4-dict/{,**} rw, + + include if exists +} \ No newline at end of file diff --git a/apparmor.d/groups/xfce/xfce-sensors b/apparmor.d/groups/xfce/xfce-sensors new file mode 100644 index 00000000..963a69f3 --- /dev/null +++ b/apparmor.d/groups/xfce/xfce-sensors @@ -0,0 +1,32 @@ +# apparmor.d - Full set of apparmor profiles +# Copyright (C) 2024 Alexandre Pujol +# SPDX-License-Identifier: GPL-2.0-only + +abi , + +include + +@{exec_path} = @{bin}/xfce4-sensors +profile xfce-sensors @{exec_path} { + include + include + + @{exec_path} mr, + + @{sys}/class/hwmon/ r, + @{sys}/class/power_supply/ r, + @{sys}/class/thermal/ r, + @{sys}/devices/@{pci}/i2c-@{int}/name r, + @{sys}/devices/**/hwmon@{int}/ r, + @{sys}/devices/**/hwmon@{int}/{name,temp*} r, + @{sys}/devices/**/hwmon@{int}/**/ r, + @{sys}/devices/**/hwmon@{int}/**/{name,temp*} r, + @{sys}/devices/**/hwmon/ r, + @{sys}/devices/**/hwmon/{name,temp*} r, + @{sys}/devices/**/hwmon/**/ r, + @{sys}/devices/**/hwmon/**/{name,temp*} r, + @{sys}/devices/**/power_supply/**/{uevent,type,online} r, + @{sys}/devices/virtual/thermal/thermal_zone@{int}/temp r, + + include if exists +} \ No newline at end of file