diff --git a/apparmor.d/groups/kde/dolphin b/apparmor.d/groups/kde/dolphin index c99127f3..83370adf 100644 --- a/apparmor.d/groups/kde/dolphin +++ b/apparmor.d/groups/kde/dolphin @@ -35,8 +35,9 @@ profile dolphin @{exec_path} { /usr/share/mime/ r, /etc/fstab r, - /etc/xdg/arkrc r, /etc/machine-id r, + /etc/xdg/arkrc r, + /etc/xdg/dolphinrc r, # Full access to user's data / r, diff --git a/apparmor.d/groups/kde/plasmashell b/apparmor.d/groups/kde/plasmashell index e5d3e44c..f4040635 100644 --- a/apparmor.d/groups/kde/plasmashell +++ b/apparmor.d/groups/kde/plasmashell @@ -39,6 +39,7 @@ profile plasmashell @{exec_path} flags=(mediate_deleted) { ptrace (read) peer=akonadi*, ptrace (read) peer=kalendarac, ptrace (read) peer=kded5, + ptrace (read) peer=kwin_x11, ptrace (read) peer=libreoffice*, ptrace (read) peer=pinentry-qt, diff --git a/apparmor.d/profiles-a-f/aa-enforce b/apparmor.d/profiles-a-f/aa-enforce index 60850517..07222cf2 100644 --- a/apparmor.d/profiles-a-f/aa-enforce +++ b/apparmor.d/profiles-a-f/aa-enforce @@ -24,7 +24,7 @@ profile aa-enforce @{exec_path} { /etc/apparmor/logprof.conf r, /etc/apparmor.d/{,**} rw, - /etc/inputrc r, + @{etc_ro}/inputrc r, owner /snap/core@{int}/@{int}/etc/apparmor.d/{,**} rw, owner /var/lib/snapd/apparmor/{,**} rw, diff --git a/apparmor.d/profiles-g-l/git b/apparmor.d/profiles-g-l/git index 13b173be..7e8323cd 100644 --- a/apparmor.d/profiles-g-l/git +++ b/apparmor.d/profiles-g-l/git @@ -80,6 +80,7 @@ profile git @{exec_path} { /usr/share/git{,-core}/{,**} r, /usr/share/terminfo/x/xterm-256color r, + /etc/gitconfig r, /etc/mailname r, owner @{user_projects_dirs}/ rw, diff --git a/apparmor.d/profiles-g-l/host b/apparmor.d/profiles-g-l/host index 124b29d2..b1cb71c2 100644 --- a/apparmor.d/profiles-g-l/host +++ b/apparmor.d/profiles-g-l/host @@ -13,6 +13,8 @@ profile host @{exec_path} { include include + capability ipc_lock, + network inet dgram, network inet6 dgram, network inet stream,