diff --git a/apparmor.d/groups/kde/kded5 b/apparmor.d/groups/kde/kded5 index 1ac553a0..82f9415f 100644 --- a/apparmor.d/groups/kde/kded5 +++ b/apparmor.d/groups/kde/kded5 @@ -30,7 +30,7 @@ profile kded5 @{exec_path} { @{exec_path} mr, - @{libexec}/kf5/kconf_update rix, # TODO: rPx ? + @{libexec}/kf5/kconf_update rPx, @{libexec}/utempter/utempter rix, # TODO: rPx ? /{usr/,}bin/pgrep rCx -> pgrep, /{usr/,}bin/setxkbmap rix, @@ -63,9 +63,7 @@ profile kded5 @{exec_path} { owner @{user_config_dirs}/kcminputrc r, owner @{user_config_dirs}/kconf_updaterc r, owner @{user_config_dirs}/kded5rc r, - owner @{user_config_dirs}/kdedefaults/kcminputrc r, - owner @{user_config_dirs}/kdedefaults/kdeglobals r, - owner @{user_config_dirs}/kdedefaults/kwinrc r, + owner @{user_config_dirs}/kdedefaults/{,**} r, owner @{user_config_dirs}/kdeglobals r, owner @{user_config_dirs}/khotkeysrc.lock rwk, owner @{user_config_dirs}/khotkeysrc* rwl, diff --git a/apparmor.d/groups/kde/kscreenlocker-greet b/apparmor.d/groups/kde/kscreenlocker-greet index af6aa16d..86359fc3 100644 --- a/apparmor.d/groups/kde/kscreenlocker-greet +++ b/apparmor.d/groups/kde/kscreenlocker-greet @@ -24,7 +24,7 @@ profile kscreenlocker-greet @{exec_path} { network netlink raw, signal (send) peer=kcheckpass, - signal (receive) set=usr1 peer=ksmserver, + signal (receive) set=(usr1, term) peer=ksmserver, @{exec_path} mr, diff --git a/apparmor.d/groups/kde/ksmserver b/apparmor.d/groups/kde/ksmserver index 439c0872..e7a30aba 100644 --- a/apparmor.d/groups/kde/ksmserver +++ b/apparmor.d/groups/kde/ksmserver @@ -17,6 +17,8 @@ profile ksmserver @{exec_path} flags=(attach_disconnected,mediate_deleted) { include include + signal (send) set=term peer=kscreenlocker-greet, + @{exec_path} mr, /{usr/,}bin/rm rix,