mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-11-15 07:54:17 +01:00
Fix xdg user dirs (#186)
* Rename XDG_*_HOME to XDG_*_DIR for consistent naming * tunables/xdg-user-dirs.d/apparmor.d now includes 'apparmor.d.d' subfolder to permit user override
This commit is contained in:
parent
e821470d0d
commit
cc8210a1bd
@ -162,7 +162,7 @@ profile xdg-desktop-portal-gtk @{exec_path} {
|
||||
owner @{HOME}/ r,
|
||||
owner @{HOME}/.* r,
|
||||
owner @{HOME}/.icons/{,**} r,
|
||||
owner @{HOME}/@{XDG_DATA_HOME}/ r,
|
||||
owner @{HOME}/@{XDG_DATA_DIR}/ r,
|
||||
|
||||
owner /tmp/runtime-*/xauth_?????? r,
|
||||
owner /tmp/xauth_?????? r,
|
||||
|
@ -46,7 +46,7 @@ profile xdg-permission-store @{exec_path} flags=(attach_disconnected) {
|
||||
|
||||
@{exec_path} mr,
|
||||
|
||||
@{HOME}/@{XDG_DATA_HOME}/flatpak/db/gnome rw,
|
||||
@{HOME}/@{XDG_DATA_DIR}/flatpak/db/gnome rw,
|
||||
|
||||
owner @{user_share_dirs}/flatpak/ w,
|
||||
owner @{user_share_dirs}/flatpak/db/ rw,
|
||||
|
@ -104,10 +104,10 @@ profile man_filter {
|
||||
# there's no harm in allowing wide read access here since the worst it can
|
||||
# do is feed data to the invoking man process.
|
||||
/usr/** r,
|
||||
owner @{HOME}/@{XDG_DATA_HOME}/** r,
|
||||
owner @{HOME}/@{XDG_DATA_DIR}/** r,
|
||||
owner @{user_projects_dirs}/** r,
|
||||
owner @{user_cache_dirs}/** r,
|
||||
owner @{MOUNTS}/*/@{XDG_DATA_HOME}/** r,
|
||||
owner @{MOUNTS}/*/@{XDG_DATA_DIR}/** r,
|
||||
|
||||
/var/cache/man/** w,
|
||||
|
||||
|
@ -30,7 +30,7 @@ profile syncthing @{exec_path} {
|
||||
/usr/share/mime/globs2 r,
|
||||
|
||||
owner @{HOME}/ r,
|
||||
owner @{HOME}/@{XDG_DATA_HOME}/syncthing/{,**} rwk,
|
||||
owner @{HOME}/@{XDG_DATA_DIR}/syncthing/{,**} rwk,
|
||||
owner @{user_config_dirs}/syncthing/{,**} rwk,
|
||||
|
||||
/home/ r,
|
||||
|
@ -31,19 +31,19 @@
|
||||
@{XDG_PASSWORD_STORE_DIR}=".password-store"
|
||||
|
||||
# Definition of local user configuration directories
|
||||
@{XDG_CACHE_HOME}=".cache"
|
||||
@{XDG_CONFIG_HOME}=".config"
|
||||
@{XDG_DATA_HOME}=".local/share"
|
||||
@{XDG_STATE_HOME}=".local/state"
|
||||
@{XDG_BIN_HOME}=".local/bin"
|
||||
@{XDG_LIB_HOME}=".local/lib"
|
||||
@{XDG_CACHE_DIR}=".cache"
|
||||
@{XDG_CONFIG_DIR}=".config"
|
||||
@{XDG_DATA_DIR}=".local/share"
|
||||
@{XDG_STATE_DIR}=".local/state"
|
||||
@{XDG_BIN_DIR}=".local/bin"
|
||||
@{XDG_LIB_DIR}=".local/lib"
|
||||
|
||||
# Full path of the user configuration directories
|
||||
@{user_cache_dirs}=@{HOME}/@{XDG_CACHE_HOME}
|
||||
@{user_config_dirs}=@{HOME}/@{XDG_CONFIG_HOME}
|
||||
@{user_state_dirs}=@{HOME}/@{XDG_STATE_HOME}
|
||||
@{user_bin_dirs}=@{HOME}/@{XDG_BIN_HOME}
|
||||
@{user_lib_dirs}=@{HOME}/@{XDG_LIB_HOME}
|
||||
@{user_cache_dirs}=@{HOME}/@{XDG_CACHE_DIR}
|
||||
@{user_config_dirs}=@{HOME}/@{XDG_CONFIG_DIR}
|
||||
@{user_state_dirs}=@{HOME}/@{XDG_STATE_DIR}
|
||||
@{user_bin_dirs}=@{HOME}/@{XDG_BIN_DIR}
|
||||
@{user_lib_dirs}=@{HOME}/@{XDG_LIB_DIR}
|
||||
|
||||
# User build directories and output
|
||||
@{user_build_dirs}="/tmp/"
|
||||
|
@ -20,3 +20,5 @@
|
||||
@{user_templates_dirs}=@{HOME}/@{XDG_TEMPLATES_DIR} @{MOUNTS}/@{XDG_TEMPLATES_DIR}
|
||||
@{user_videos_dirs}=@{HOME}/@{XDG_VIDEOS_DIR} @{MOUNTS}/@{XDG_VIDEOS_DIR}
|
||||
@{user_vm_shares}=@{HOME}/@{XDG_VM_SHARES_DIR} @{MOUNTS}/@{XDG_VM_SHARES_DIR}
|
||||
|
||||
include if exists <tunnables/xdg-user-dirs.d/apparmor.d.d>
|
||||
|
@ -32,23 +32,23 @@ title: Variables References
|
||||
| SSH | `@{XDG_SSH_DIR}` | `.ssh` |
|
||||
| GPG | `@{XDG_GPG_DIR}` | `.gnupg` |
|
||||
| Passwords | `@{XDG_PASSWORD_STORE_DIR}` | `.password-store` |
|
||||
| Cache | ` @{XDG_CACHE_HOME}` | `.cache` |
|
||||
| Config | `@{XDG_CONFIG_HOME}` | `.config` |
|
||||
| Data | `@{XDG_DATA_HOME}` | `.local/share` |
|
||||
| State | `@{XDG_STATE_HOME}` | `.local/state` |
|
||||
| Bin | `@{XDG_BIN_HOME}` | `.local/bin` |
|
||||
| Lib | `@{XDG_LIB_HOME}` | `.local/lib` |
|
||||
| Cache | ` @{XDG_CACHE_DIR}` | `.cache` |
|
||||
| Config | `@{XDG_CONFIG_DIR}` | `.config` |
|
||||
| Data | `@{XDG_DATA_DIR}` | `.local/share` |
|
||||
| State | `@{XDG_STATE_DIR}` | `.local/state` |
|
||||
| Bin | `@{XDG_BIN_DIR}` | `.local/bin` |
|
||||
| Lib | `@{XDG_LIB_DIR}` | `.local/lib` |
|
||||
|
||||
### Full configuration path
|
||||
|
||||
| Description | Name | Value |
|
||||
|-------------|:----:|---------|
|
||||
| Cache | `@{user_cache_dirs}` | `@{HOME}/@{XDG_CACHE_HOME}` |
|
||||
| Config | `@{user_config_dirs}` | `@{HOME}/@{XDG_CONFIG_HOME}` |
|
||||
| Share | `@{user_share_dirs}` | ` @{HOME}/@{XDG_DATA_HOME}` |
|
||||
| State | `@{user_state_dirs}` | ` @{HOME}/@{XDG_STATE_HOME}` |
|
||||
| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_HOME}` |
|
||||
| Lib | `@{user_lib_dirs}` | `@{HOME}/@{XDG_LIB_HOME}` |
|
||||
| Cache | `@{user_cache_dirs}` | `@{HOME}/@{XDG_CACHE_DIR}` |
|
||||
| Config | `@{user_config_dirs}` | `@{HOME}/@{XDG_CONFIG_DIR}` |
|
||||
| Share | `@{user_share_dirs}` | ` @{HOME}/@{XDG_DATA_DIR}` |
|
||||
| State | `@{user_state_dirs}` | ` @{HOME}/@{XDG_STATE_DIR}` |
|
||||
| Bin | `@{user_bin_dirs}` | `@{HOME}/@{XDG_BIN_DIR}` |
|
||||
| Lib | `@{user_lib_dirs}` | `@{HOME}/@{XDG_LIB_DIR}` |
|
||||
| Build | `@{user_build_dirs}` | `/tmp/` |
|
||||
| Tmp | `@{user_tmp_dirs}` | `@{run}/user/@{uid} /tmp/` |
|
||||
| Packages | `@{user_pkg_dirs}` | `/tmp/pkg/` |
|
||||
|
Loading…
Reference in New Issue
Block a user