diff --git a/apparmor.d/abstractions/app/editor b/apparmor.d/abstractions/app/editor index 023696e3..d6e346f3 100644 --- a/apparmor.d/abstractions/app/editor +++ b/apparmor.d/abstractions/app/editor @@ -4,6 +4,7 @@ # SPDX-License-Identifier: GPL-2.0-only include + include @{sh_path} rix, @{bin}/nvim mrix, diff --git a/apparmor.d/abstractions/app/pgrep b/apparmor.d/abstractions/app/pgrep index 4bab7538..aaf14d85 100644 --- a/apparmor.d/abstractions/app/pgrep +++ b/apparmor.d/abstractions/app/pgrep @@ -2,7 +2,7 @@ # Copyright (C) 2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only -# Minimal set of rules for pgrep. +# Minimal set of rules for pgrep/pkill. include diff --git a/apparmor.d/abstractions/freedesktop.org.d/complete b/apparmor.d/abstractions/freedesktop.org.d/complete index ed4f067a..4724c694 100644 --- a/apparmor.d/abstractions/freedesktop.org.d/complete +++ b/apparmor.d/abstractions/freedesktop.org.d/complete @@ -13,6 +13,8 @@ @{system_share_dirs}/ r, @{system_share_dirs}/mime/ r, + /opt/*/**.{desktop,png} r, + /etc/gnome/defaults.list r, /etc/xfce4/defaults.list r, diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell index 6950304f..29ced8dd 100644 --- a/apparmor.d/groups/gnome/gnome-shell +++ b/apparmor.d/groups/gnome/gnome-shell @@ -195,7 +195,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) { /usr/share/gnome-shell/extensions/*/** rPUx, /opt/**/share/icons/{,**} r, - /opt/*/**/*.png r, /snap/*/@{uid}/**.png r, /usr/share/{,zoneinfo-}icu/{,**} r, /usr/share/**.{png,jpg,svg} r, diff --git a/apparmor.d/profiles-a-f/aa-enforce b/apparmor.d/profiles-a-f/aa-enforce index 2028e713..84ba22fb 100644 --- a/apparmor.d/profiles-a-f/aa-enforce +++ b/apparmor.d/profiles-a-f/aa-enforce @@ -6,7 +6,7 @@ abi , include -@{exec_path} = @{bin}/aa-enforce @{bin}/aa-complain +@{exec_path} = @{bin}/aa-enforce @{bin}/aa-complain @{bin}/aa-audit profile aa-enforce @{exec_path} { include include