From d224aa4e6ab114482e292b9fa6f7ea4e9978fb01 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 24 Apr 2023 12:27:05 +0100 Subject: [PATCH] feat: various mount related fixes. See #152 --- apparmor.d/groups/gnome/gnome-shell-hotplug-sniffer | 4 ++-- apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor | 4 ++-- apparmor.d/profiles-m-r/mount | 12 ++++++------ 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/apparmor.d/groups/gnome/gnome-shell-hotplug-sniffer b/apparmor.d/groups/gnome/gnome-shell-hotplug-sniffer index 94abd03f..c86e1047 100644 --- a/apparmor.d/groups/gnome/gnome-shell-hotplug-sniffer +++ b/apparmor.d/groups/gnome/gnome-shell-hotplug-sniffer @@ -14,8 +14,8 @@ profile gnome-shell-hotplug-sniffer @{exec_path} { /usr/share/mime/mime.cache r, - owner @{MOUNTS}/**/ r, - owner @{MOUNTS}/** r, + @{MOUNTS}/**/ r, + @{MOUNTS}/** r, include if exists } diff --git a/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor b/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor index d690dfbd..aff5b79a 100644 --- a/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor +++ b/apparmor.d/groups/gvfs/gvfs-udisks2-volume-monitor @@ -69,8 +69,8 @@ profile gvfs-udisks2-volume-monitor @{exec_path} flags=(attach_disconnected) { /etc/machine-id r, # Mount points - owner @{MOUNTS}/**/ r, - owner @{HOME}/**/ r, + @{MOUNTS}/**/ r, + @{HOME}/**/ r, @{run}/mount/utab r, @{run}/systemd/inhibit/*.ref r, diff --git a/apparmor.d/profiles-m-r/mount b/apparmor.d/profiles-m-r/mount index 91fd7056..4fae0680 100644 --- a/apparmor.d/profiles-m-r/mount +++ b/apparmor.d/profiles-m-r/mount @@ -43,12 +43,12 @@ profile mount @{exec_path} { /var/lib/snapd/snaps/*.snap r, # Mount points - @{HOME}/ r, - @{HOME}/*/ r, - @{HOME}/*/*/ r, - @{MOUNTS}/ r, - @{MOUNTS}/*/ r, - @{MOUNTS}/*/*/ r, + @{HOME}/ rw, + @{HOME}/*/ rw, + @{HOME}/*/*/ rw, + @{MOUNTS}/ rw, + @{MOUNTS}/*/ rw, + @{MOUNTS}/*/*/ rw, /media/cdrom[0-9]/ r, # Mount iso/img files