mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(abs): cleanup abstraction completion.

Browse Source 
Most of this is already upstreamed.
This commit is contained in:
Alexandre Pujol 2023-03-23 17:33:35 +00:00
parent 0dfce498c8
commit c5098007a5
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
7 changed files with 10 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apparmor.d/abstractions/base.d/complete
View File

@ -3,8 +3,9 @@
# Copyright (C) 2021-2022 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
/etc/writable/localtime r,
/usr/share/locale/ r,
/usr/share/locale/ r,
@{etc_rw}/localtime r,
# Allow to receive some signals
signal (receive) peer=htop,

5
apparmor.d/abstractions/gtk.d/complete
View File

@ -4,11 +4,6 @@
abi <abi/3.0>,
/usr/share/gtk-{3,4}.0/ r,
/usr/share/gtk-{3,4}.0/settings.ini r,
/etc/gtk-{3,4}.0/ r,
/etc/gtk-{3,4}.0/*.conf r,
/etc/gtk-{3,4}.0/settings.ini r,
owner @{user_config_dirs}/gtk-{3,4}.0/ rw,

3
apparmor.d/abstractions/mesa.d/complete
View File

@ -9,6 +9,3 @@
/var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/ rw,
/var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/@{hex} rw,
/var/lib/gdm/.cache/mesa_shader_cache/[a-f0-9][a-f0-9]/@{hex}.tmp rwk,
@{sys}/devices/pci[0-9]*/**/revision r,
@{sys}/devices/pci[0-9]*/**/config r,

7
apparmor.d/abstractions/nvidia.d/complete
View File

@ -2,11 +2,8 @@
# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
owner @{user_cache_dirs}/nvidia/ w,
owner @{user_cache_dirs}/nvidia/GLCache/ rw,
owner @{user_cache_dirs}/nvidia/GLCache/** rwk,
owner @{HOME}/.nv/nvidia-application-profiles-rc r,
owner @{HOME}/.nv/nvidia-application-profiles* r,
/etc/nvidia/nvidia-application-profiles-rc r,
/etc/nvidia/nvidia-application-profiles* r,
unix (send, receive) type=dgram peer=(addr="@var/run/nvidia-xdriver-*"),

13
apparmor.d/abstractions/python.d/complete
View File

@ -4,12 +4,9 @@
# SPDX-License-Identifier: GPL-2.0-only
/{usr/,}bin/ r,
/{usr/,}bin/python{2.[4-7],3,3.[0-9],3.1[0-9]} r,
/{usr/,}bin/python{2.[4-7],3,3.[0-9]*} r,
/usr/local/lib{,32,64}/python{2.[4-7],3,3.[0-9]*}/{site,dist}-packages/{,**/} r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9]*}/**.{pyc,so} mr,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9]*}/**.{egg,py,pth} r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9]*}/{site,dist}-packages/ r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9]*}/{site,dist}-packages/**/ r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/**.{pyc,so} mr,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/**.{egg,py,pth} r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/{site,dist}-packages/ r,
owner @{user_lib_dirs}/python{2.[4-7],3,3.[0-9],3.1[0-9]}/{site,dist}-packages/**/ r,

13
apparmor.d/abstractions/ssl_certs.d/complete
View File

@ -1,13 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
/etc/ca-certificates/{,**} r,
/etc/{,libre}ssl/ r,
/etc/{,libre}ssl/cert.pem r,
/etc/{,libre}ssl/certs/{,**} r,
/etc/pki/trust/{,*} r,
/etc/pki/trust/anchors/{,**} r,
/usr/share/ca-certificates/{,**} r,
/usr/local/share/ca-certificates/{,**} r,
/var/lib/ca-certificates/{,**} r,

8
apparmor.d/abstractions/wayland.d/complete
View File

@ -1,8 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2022 Mikhail Morfikov
# Copyright (C) 2021-2022 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
owner @{run}/user/@{uid}/wayland-[0-9]* rw,
@{run}/user/@{uid}/{mesa,mutter,sdl,wayland-cursor,weston,xwayland}-shared-* rw,
owner /dev/shm/wlroots-* rw,