mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-29 22:35:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

feat(profile): replace former regex by the new @{user} variable.

Browse source
This commit is contained in:
Alexandre Pujol 2024-05-15 17:22:20 +01:00
parent 407c71b133
commit ad960d477b
Failed to generate hash of commit
10 changed files with 11 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/abstractions/app/sudo
View file

@ -47,8 +47,8 @@
owner @{HOME}/.sudo_as_admin_successful rw,
@{run}/faillock/{,*} rwk,
@{run}/faillock/ rw,
@{run}/faillock/@{user} rwk,
owner @{run}/sudo/ rw,
owner @{run}/sudo/ts/ rw,
owner @{run}/sudo/ts/@{uid} rwk,

2
apparmor.d/groups/display-manager/lightdm
View file

@ -71,7 +71,7 @@ profile lightdm @{exec_path} flags=(attach_disconnected) {
owner @{HOME}/.dmrc r,
@{run}/faillock/ rw,
@{run}/faillock/user rwk,
@{run}/faillock/@{user} rwk,
@{run}/lightdm.pid rw,
@{run}/lightdm/{,**} rw,
owner @{run}/systemd/sessions/*.ref rw,

2
apparmor.d/groups/freedesktop/polkit-agent-helper
View file

@ -44,7 +44,7 @@ profile polkit-agent-helper @{exec_path} {
owner @{HOME}/.xsession-errors w,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{PROC}/1/cgroup r,
owner @{PROC}/@{pid}/cgroup r,

2
apparmor.d/groups/gnome/gdm-session-worker
View file

@ -104,7 +104,7 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
owner @{run}/gdm{3,}/dbus/dbus-@{rand8} w,
@{run}/cockpit/active.motd r,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{run}/motd.d/{,*} r,
@{run}/systemd/sessions/* r,
@{run}/systemd/sessions/*.ref rw,

2
apparmor.d/groups/kde/kscreenlocker_greet
View file

@ -92,7 +92,7 @@ profile kscreenlocker_greet @{exec_path} {
owner @{tmp}/*-cover-*.{jpg,png} r,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{sys}/devices/system/node/ r,
@{sys}/devices/system/node/node@{int}/meminfo r,

2
apparmor.d/groups/kde/sddm
View file

@ -172,7 +172,7 @@ profile sddm @{exec_path} flags=(attach_disconnected,mediate_deleted) {
owner @{tmp}/#@{int} rw,
owner @{tmp}/sddm-auth* rw,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{run}/sddm.pid rw,
@{run}/sddm/\{@{uuid}\} rw,
@{run}/sddm/#@{int} rw,

2
apparmor.d/groups/ssh/sshd
View file

@ -91,7 +91,7 @@ profile sshd @{exec_path} flags=(attach_disconnected) {
owner @{HOME}/@{XDG_SSH_DIR}/authorized_keys{,.*} r,
owner @{user_cache_dirs}/{,motd*} rw,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{run}/motd.d/{,*} r,
@{run}/motd.dynamic rw,
@{run}/motd.dynamic.new rw,

2
apparmor.d/groups/virt/cockpit-session
View file

@ -36,7 +36,7 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) {
/etc/motd.d/ r,
/etc/shells r,
@{run}/faillock/[a-zA-z0-9]* rwk,
@{run}/faillock/@{user} rwk,
@{run}/systemd/sessions/*.ref rw,
@{run}/utmp rwk,
@{run}/motd.d/{,*} r,

2
apparmor.d/groups/whonix/pam-info
View file

@ -22,7 +22,7 @@ profile pam-info @{exec_path} {
/etc/pam.d/* r,
@{run}/faillock/user rwk,
@{run}/faillock/@{user} rwk,
owner /dev/tty rw,

2
apparmor.d/profiles-g-l/login
View file

@ -60,7 +60,7 @@ profile login @{exec_path} flags=(attach_disconnected) {
@{run}/motd.d/{,*} r,
@{run}/dbus/system_bus_socket rw,
@{run}/faillock/* rwk,
@{run}/faillock/@{user} rwk,
@{run}/motd.dynamic{,.new} rw,
@{run}/systemd/sessions/*.ref rw,