From c6c4920598ea6d06c1f855eff76e6f261c946f10 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Thu, 26 Sep 2024 20:36:14 +0100 Subject: [PATCH] feat(profile): newer gnome want to read /. --- apparmor.d/groups/gnome/gnome-system-monitor | 4 ++++ apparmor.d/profiles-a-f/fractal | 2 ++ 2 files changed, 6 insertions(+) diff --git a/apparmor.d/groups/gnome/gnome-system-monitor b/apparmor.d/groups/gnome/gnome-system-monitor index 4d0a5dd5..730ea1ff 100644 --- a/apparmor.d/groups/gnome/gnome-system-monitor +++ b/apparmor.d/groups/gnome/gnome-system-monitor @@ -38,6 +38,8 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) { /usr/share/gnome-system-monitor/{,**} r, /usr/share/firefox-esr/browser/chrome/icons/default/*.png r, + / r, + owner @{tmp}/gdkpixbuf-xpm-tmp.@{rand6} rw, owner @{run}/user/@{uid}/doc/ rw, @@ -76,6 +78,8 @@ profile gnome-system-monitor @{exec_path} flags=(attach_disconnected) { @{PROC}/diskstats r, @{PROC}/vmstat r, + owner @{PROC}/@{pid}/task/@{tid}/comm rw, + deny owner @{user_share_dirs}/gvfs-metadata/{,*} r, /dev/tty rw, diff --git a/apparmor.d/profiles-a-f/fractal b/apparmor.d/profiles-a-f/fractal index c7df958f..54abde9d 100644 --- a/apparmor.d/profiles-a-f/fractal +++ b/apparmor.d/profiles-a-f/fractal @@ -25,6 +25,8 @@ profile fractal @{exec_path} flags=(attach_disconnected) { /usr/share/xml/iso-codes/{,**} r, + / r, + owner @{tmp}/.@{rand6} rw, owner @{tmp}/.goutputstream-@{rand6} rw, owner @{tmp}/@{rand6} rw,