From afb1831fc32c2d9bd536536c882ad241a604c85e Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sun, 6 Oct 2024 15:58:53 +0100 Subject: [PATCH] chore(profile): remove jdownloader Note: this profile was for a locally installed program. --- apparmor.d/profiles-g-l/jdownloader | 128 ---------------------------- 1 file changed, 128 deletions(-) delete mode 100644 apparmor.d/profiles-g-l/jdownloader diff --git a/apparmor.d/profiles-g-l/jdownloader b/apparmor.d/profiles-g-l/jdownloader deleted file mode 100644 index 1220e9bb..00000000 --- a/apparmor.d/profiles-g-l/jdownloader +++ /dev/null @@ -1,128 +0,0 @@ -# apparmor.d - Full set of apparmor profiles -# Copyright (C) 2018-2021 Mikhail Morfikov -# Copyright (C) 2021-2024 Alexandre Pujol -# SPDX-License-Identifier: GPL-2.0-only - -abi , - -include - -@{JD_INSTALLDIR} = /home/*/jd2 - -@{exec_path} = @{JD_INSTALLDIR}/*JDownloader* -profile jdownloader @{exec_path} { - include - include - include - include - include - include - include - - @{exec_path} rix, - - @{bin}/basename rix, - @{bin}/dirname rix, - @{bin}/expr rix, - @{bin}/cut rix, - @{bin}/ls rix, - @{bin}/{,e}grep rix, - @{bin}/find rix, - @{bin}/sed rix, - @{bin}/chmod rix, - - @{bin}/ffmpeg rPx, - - # These are needed when the above tools are in some nonstandard locations - #@{bin}/which{,.debianutils} rix, - #/usr/ r, - #/usr/local/ r, - #@{bin}/ r, - #@{lib}/ r, - - deny /opt/ r, - - owner @{HOME}/ r, - owner @{JD_INSTALLDIR}/ rw, - owner @{JD_INSTALLDIR}/** rwk, - owner @{JD_INSTALLDIR}/jre/bin/java rix, - owner @{JD_INSTALLDIR}/jre/lib/*/jli/libjli.so mrw, - owner @{JD_INSTALLDIR}/jre/lib/*/server/libjvm.so mrw, - owner @{JD_INSTALLDIR}/jre/lib/*/*.so mrw, - owner @{JD_INSTALLDIR}/tmp/jna/jna@{int}.tmp mrw, - owner @{JD_INSTALLDIR}/tmp/7zip/SevenZipJBinding-*/lib7-Zip-JBinding.so mrw, - - owner @{HOME}/.oracle_jre_usage/@{hex}.timestamp rw, - owner @{HOME}/.java/.userPrefs/.user.lock.* rwk, - owner @{HOME}/.java/.userPrefs/com/install4j/installations/prefs.xml rw, - owner @{HOME}/.java/fonts/@{int}/ rw, - owner @{HOME}/.java/fonts/@{int}/fcinfo*.tmp rw, - owner @{HOME}/.java/fonts/@{int}/fcinfo-*.properties rw, - - owner @{HOME}/.install4j rw, - - owner @{tmp}/hsperfdata_@{user}/ rw, - owner @{tmp}/hsperfdata_@{user}/@{pid} rw, - # If the @{JD_INSTALLDIR}/tmp/ dir can't be accessed, the /tmp/ dir will be used instead - owner @{tmp}/SevenZipJBinding-*/ rw, - owner @{tmp}/SevenZipJBinding-*/lib7-Zip-JBinding.so mrw, - # For auto updates - owner @{tmp}/lastChanceSrc@{int}lch rw, - owner @{tmp}/lastChanceDst@{int}.jar rw, - owner @{tmp}/i4j_log_jd2_@{int}.log rw, - owner @{tmp}/install4jError@{int}.log rw, - - owner @{HOME}/.Xauthority r, - - # What's this for? - deny owner @{HOME}/.mozilla/firefox/ r, - deny owner @{HOME}/.mozilla/firefox/*.*/prefs.js r, - - owner @{PROC}/@{pid}/fd/ r, - deny @{PROC}/@{pid}/net/ipv6_route r, - deny @{PROC}/@{pid}/net/if_inet6 r, - owner @{PROC}/@{pid}/mountinfo r, - owner @{PROC}/@{pid}/mounts r, - deny owner @{PROC}/@{pid}/cmdline r, - deny @{PROC}/asound/version r, - - # For Reconnect -> Share Settings/Get Route - #@{bin}/netstat rix, - #@{bin}/route rix, - #@{bin}/ping rix, - #@{bin}/ip rix, - #@{PROC}/@{pid}/net/route r, - - # To open a web browser for CAPTCHA - @{bin}/xdg-open rCx -> open, - @{lib}/@{multiarch}/glib-@{version}/gio-launch-desktop rCx -> open, - - - profile open { - include - include - - @{bin}/xdg-open mr, - @{lib}/@{multiarch}/glib-@{version}/gio-launch-desktop mr, - - @{sh_path} rix, - @{bin}/{m,g,}awk rix, - @{bin}/readlink rix, - @{bin}/basename rix, - - owner @{HOME}/ r, - - owner @{run}/user/@{uid}/ r, - - # Allowed apps to open - @{lib}/firefox/firefox rPUx, - - # file_inherit - owner @{HOME}/.xsession-errors w, - - } - - include if exists -} - -# vim:syntax=apparmor