mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-18 17:08:09 +01:00
feat(dbus): dbus rules cleanup (3)
This commit is contained in:
Alexandre Pujol
parent
cd391bae01
commit
d75fa9bbd5
47 changed files with 176 additions and 438 deletions
|
|
@ -2,6 +2,11 @@
|
||||||
# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
|
# Copyright (C) 2022 Alexandre Pujol <alexandre@pujol.io>
|
||||||
# SPDX-License-Identifier: GPL-2.0-only
|
# SPDX-License-Identifier: GPL-2.0-only
|
||||||
|
|
||||||
|
dbus send bus=session path=/org/gtk/Settings
|
||||||
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
member=GetAll
|
||||||
|
peer=(name=:*, label=gsd-xsettings),
|
||||||
|
|
||||||
/etc/gtk-{3,4}.0/settings.ini r,
|
/etc/gtk-{3,4}.0/settings.ini r,
|
||||||
|
|
||||||
owner @{user_config_dirs}/gtk-{3,4}.0/ rw,
|
owner @{user_config_dirs}/gtk-{3,4}.0/ rw,
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
||||||
@{exec_path} = @{bin}/ibus-daemon
|
@{exec_path} = @{bin}/ibus-daemon
|
||||||
profile ibus-daemon @{exec_path} flags=(attach_disconnected) {
|
profile ibus-daemon @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/ibus>
|
include <abstractions/ibus>
|
||||||
include <abstractions/nameservice-strict>
|
include <abstractions/nameservice-strict>
|
||||||
|
|
@ -24,11 +25,6 @@ profile ibus-daemon @{exec_path} flags=(attach_disconnected) {
|
||||||
interface=org.freedesktop.DBus.Peer
|
interface=org.freedesktop.DBus.Peer
|
||||||
peer=(name=org.freedesktop.portal.IBus), # all members, all peer's labels
|
peer=(name=org.freedesktop.portal.IBus), # all members, all peer's labels
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
|
|
|
||||||
|
|
@ -28,18 +28,13 @@ profile ibus-extension-gtk3 @{exec_path} flags=(attach_disconnected) {
|
||||||
network inet6 stream,
|
network inet6 stream,
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
dbus bind bus=session name=org.freedesktop.IBus.Panel.Extension.Gtk3,
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session name=org.freedesktop.IBus.Panel.Extension.Gtk3,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -38,6 +38,12 @@ profile pulseaudio @{exec_path} {
|
||||||
network bluetooth stream,
|
network bluetooth stream,
|
||||||
network bluetooth seqpacket,
|
network bluetooth seqpacket,
|
||||||
|
|
||||||
|
dbus bind bus=session name=org.freedesktop.ReserveDevice[0-9].Audio[0-9],
|
||||||
|
|
||||||
|
dbus bind bus=session name=org.PulseAudio[0-9],
|
||||||
|
|
||||||
|
dbus bind bus=session name=org.pulseaudio*,
|
||||||
|
|
||||||
dbus send bus=session path=/Client[0-9]*/EntryGroup[0-9]*
|
dbus send bus=session path=/Client[0-9]*/EntryGroup[0-9]*
|
||||||
interface=org.freedesktop.Avahi.EntryGroup
|
interface=org.freedesktop.Avahi.EntryGroup
|
||||||
member={GetState,AddService,AddServiceSubtype,Commit}
|
member={GetState,AddService,AddServiceSubtype,Commit}
|
||||||
|
|
@ -63,11 +69,6 @@ profile pulseaudio @{exec_path} {
|
||||||
member=Free
|
member=Free
|
||||||
peer=(name=org.freedesktop.Avahi),
|
peer=(name=org.freedesktop.Avahi),
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/freedesktop/DBus
|
dbus receive bus=session path=/org/freedesktop/DBus
|
||||||
interface=org.freedesktop.DBus
|
interface=org.freedesktop.DBus
|
||||||
member={Hello,RequestName,ReleaseName}
|
member={Hello,RequestName,ReleaseName}
|
||||||
|
|
@ -78,21 +79,6 @@ profile pulseaudio @{exec_path} {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.freedesktop.ReserveDevice[0-9].Audio[0-9],
|
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.PulseAudio[0-9],
|
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.pulseaudio*,
|
|
||||||
|
|
||||||
dbus send bus=system
|
|
||||||
path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={Hello,AddMatch,RemoveMatch}
|
|
||||||
peer=(name=org.freedesktop.DBus),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/RealtimeKit1
|
dbus send bus=system path=/org/freedesktop/RealtimeKit1
|
||||||
member={Get,MakeThreadHighPriority,MakeThreadRealtime}
|
member={Get,MakeThreadHighPriority,MakeThreadRealtime}
|
||||||
peer=(name=org.freedesktop.RealtimeKit1),
|
peer=(name=org.freedesktop.RealtimeKit1),
|
||||||
|
|
@ -118,19 +104,19 @@ profile pulseaudio @{exec_path} {
|
||||||
peer=(name=org.freedesktop.Avahi),
|
peer=(name=org.freedesktop.Avahi),
|
||||||
|
|
||||||
dbus send bus=system path=/
|
dbus send bus=system path=/
|
||||||
interface=org.freedesktop.hostname[0-9]
|
interface=org.freedesktop.hostname1
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=/org/freedesktop/hostname[0-9]),
|
peer=(name=/org/freedesktop/hostname1),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
dbus send bus=system path=/org/freedesktop/hostname1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=/org/freedesktop/hostname[0-9]),
|
peer=(name=/org/freedesktop/hostname1),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
dbus send bus=system path=/org/freedesktop/hostname1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=org.freedesktop.hostname[0-9]),
|
peer=(name=org.freedesktop.hostname1),
|
||||||
|
|
||||||
dbus receive bus=system path=/org/bluez/hci*/**
|
dbus receive bus=system path=/org/bluez/hci*/**
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
profile xdg-desktop-portal-gtk @{exec_path} {
|
profile xdg-desktop-portal-gtk @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
|
|
@ -84,11 +85,6 @@ profile xdg-desktop-portal-gtk @{exec_path} {
|
||||||
member={RunningApplicationsChanged,WindowsChanged}
|
member={RunningApplicationsChanged,WindowsChanged}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/ScreenSaver
|
dbus send bus=session path=/org/gnome/ScreenSaver
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll
|
member=GetAll
|
||||||
|
|
@ -119,9 +115,6 @@ profile xdg-desktop-portal-gtk @{exec_path} {
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.freedesktop.impl.portal.desktop.gtk,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/X11/xkb/{,**} r,
|
/usr/share/X11/xkb/{,**} r,
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@ profile xorg @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
dbus receive bus=system path=/org/freedesktop/login1/session/*
|
dbus receive bus=system path=/org/freedesktop/login1/session/*
|
||||||
interface=org.freedesktop.login1.Session
|
interface=org.freedesktop.login1.Session
|
||||||
member=PauseDevice,
|
member=PauseDevice
|
||||||
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
peer=(name=org.freedesktop.login1, label=systemd-logind),
|
||||||
|
|
||||||
@{exec_path} mrix,
|
@{exec_path} mrix,
|
||||||
|
|
|
||||||
|
|
@ -27,10 +27,10 @@ profile gdm-wayland-session @{exec_path} {
|
||||||
interface=org.gnome.DisplayManager.Manager
|
interface=org.gnome.DisplayManager.Manager
|
||||||
member=RegisterDisplay,
|
member=RegisterDisplay,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/systemd[0-9]*
|
dbus send bus=session path=/org/freedesktop/systemd1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=org.freedesktop.systemd[0-9]*, label=unconfined),
|
peer=(name=org.freedesktop.systemd1, label=@{systemd}),
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
|
|
|
||||||
|
|
@ -18,10 +18,10 @@ profile gdm-x-session @{exec_path} flags=(attach_disconnected) {
|
||||||
signal (send) set=term peer=xorg,
|
signal (send) set=term peer=xorg,
|
||||||
signal (send) set=term peer=gnome-session-binary,
|
signal (send) set=term peer=gnome-session-binary,
|
||||||
|
|
||||||
dbus bus=session path=/org/freedesktop/systemd[0-9]*
|
dbus bus=session path=/org/freedesktop/systemd1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=org.freedesktop.systemd[0-9]*),
|
peer=(name=org.freedesktop.systemd1),
|
||||||
|
|
||||||
dbus send bus=system path=/org/gnome/DisplayManager/Manager
|
dbus send bus=system path=/org/gnome/DisplayManager/Manager
|
||||||
interface=org.gnome.DisplayManager.Manager
|
interface=org.gnome.DisplayManager.Manager
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ profile gnome-keyring-daemon @{exec_path} flags=(attach_disconnected) {
|
||||||
member=PropertiesChanged
|
member=PropertiesChanged
|
||||||
peer=(name=:*, label=systemd-logind),
|
peer=(name=:*, label=systemd-logind),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.login1.Manager
|
interface=org.freedesktop.login1.Manager
|
||||||
member=GetSession
|
member=GetSession
|
||||||
peer=(name=org.freedesktop.login1),
|
peer=(name=org.freedesktop.login1),
|
||||||
|
|
|
||||||
|
|
@ -34,12 +34,14 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
||||||
signal (send) set=(term) peer=at-spi-bus-launcher,
|
signal (send) set=(term) peer=at-spi-bus-launcher,
|
||||||
signal (send) set=(term) peer=gsd-*,
|
signal (send) set=(term) peer=gsd-*,
|
||||||
|
|
||||||
|
dbus bind bus=session name=org.gnome.SessionManager,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=session path=/org/freedesktop/DBus
|
||||||
interface=org.freedesktop.DBus
|
interface=org.freedesktop.DBus
|
||||||
member={RequestName,ReleaseName,UpdateActivationEnvironment,GetConnectionUnixUser,GetConnectionUnixProcessID}
|
member={ReleaseName,UpdateActivationEnvironment,GetConnectionUnixUser,GetConnectionUnixProcessID}
|
||||||
peer=(name=org.freedesktop.DBus label=dbus-daemon),
|
peer=(name=org.freedesktop.DBus label=dbus-daemon),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.login1.Manager
|
interface=org.freedesktop.login1.Manager
|
||||||
member={CanPowerOff,GetSession,PowerOff,Inhibit,Reboot}
|
member={CanPowerOff,GetSession,PowerOff,Inhibit,Reboot}
|
||||||
peer=(name=:*, label=systemd-logind),
|
peer=(name=:*, label=systemd-logind),
|
||||||
|
|
@ -92,16 +94,24 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name="{org.freedesktop.DBus,:*}", label="{gsd-*,gnome-*,xdg-desktop-portal-*}"),
|
peer=(name="{org.freedesktop.DBus,:*}", label="{gsd-*,gnome-*,xdg-desktop-portal-*}"),
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/systemd[0-9]*
|
dbus send bus=session path=/org/freedesktop/systemd1
|
||||||
interface=org.freedesktop.systemd[0-9]*.Manager
|
interface=org.freedesktop.systemd1.Manager
|
||||||
peer=(name=org.freedesktop.systemd[0-9]*, label=unconfined), # all members
|
peer=(name=org.freedesktop.systemd1, label=@{systemd}), # all members
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor
|
dbus send bus=session path=/org/freedesktop/systemd1
|
||||||
|
interface=org.freedesktop.systemd1.Manager
|
||||||
|
peer=(name=:*, label=@{systemd}),
|
||||||
|
|
||||||
|
dbus send bus=session path=/org/freedesktop/systemd1
|
||||||
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
peer=(name=:*, label=@{systemd}),
|
||||||
|
|
||||||
|
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor
|
||||||
interface=org.freedesktop.DBus.ObjectManager
|
interface=org.freedesktop.DBus.ObjectManager
|
||||||
member=GetManagedObjects
|
member=GetManagedObjects
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
||||||
interface=org.gnome.Mutter.IdleMonitor
|
interface=org.gnome.Mutter.IdleMonitor
|
||||||
member={AddIdleWatch,AddUserActiveWatch,RemoveWatch}
|
member={AddIdleWatch,AddUserActiveWatch,RemoveWatch}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
@ -126,9 +136,6 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SessionManager,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
@{bin}/{,z,ba,da}sh rix,
|
@{bin}/{,z,ba,da}sh rix,
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/gnome-terminal-server
|
@{exec_path} = @{lib}/gnome-terminal-server
|
||||||
profile gnome-terminal-server @{exec_path} {
|
profile gnome-terminal-server @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
|
include <abstractions/bus/atspi>
|
||||||
include <abstractions/consoles>
|
include <abstractions/consoles>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
@ -20,8 +21,7 @@ profile gnome-terminal-server @{exec_path} {
|
||||||
signal (send) set=(term hup kill) peer=unconfined,
|
signal (send) set=(term hup kill) peer=unconfined,
|
||||||
ptrace (read) peer=unconfined,
|
ptrace (read) peer=unconfined,
|
||||||
|
|
||||||
dbus bind bus=session
|
dbus bind bus=session name=org.gnome.Terminal,
|
||||||
name=org.gnome.Terminal,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,11 +12,6 @@ profile goa-identity-service @{exec_path} {
|
||||||
include <abstractions/authentication>
|
include <abstractions/authentication>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gnome/Identity
|
dbus receive bus=session path=/org/gnome/Identity
|
||||||
interface=org.freedesktop.DBus.ObjectManager
|
interface=org.freedesktop.DBus.ObjectManager
|
||||||
member=GetManagedObjects
|
member=GetManagedObjects
|
||||||
|
|
|
||||||
|
|
@ -14,12 +14,7 @@ profile gsd-a11y-settings @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -34,7 +29,7 @@ profile gsd-a11y-settings @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -22,10 +22,7 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gnome.SettingsDaemon.Color,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=system path=/org/freedesktop/ColorManager{,/devices/*}
|
dbus (send, receive) bus=system path=/org/freedesktop/ColorManager{,/devices/*}
|
||||||
interface=org.freedesktop.ColorManager*,
|
interface=org.freedesktop.ColorManager*,
|
||||||
|
|
@ -39,17 +36,12 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -59,7 +51,7 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -89,9 +81,6 @@ profile gsd-color @{exec_path} flags=(attach_disconnected) {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SettingsDaemon.Color,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -14,12 +14,7 @@ profile gsd-datetime @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -34,7 +29,7 @@ profile gsd-datetime @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -12,11 +12,6 @@ profile gsd-disk-utility-notify @{exec_path} {
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=system path=/org/freedesktop/UDisks2{,/**}
|
dbus receive bus=system path=/org/freedesktop/UDisks2{,/**}
|
||||||
interface=org.freedesktop.DBus.{Properties,ObjectManager},
|
interface=org.freedesktop.DBus.{Properties,ObjectManager},
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/app-launcher-user>
|
include <abstractions/app-launcher-user>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
include <abstractions/thumbnails-cache-read>
|
include <abstractions/thumbnails-cache-read>
|
||||||
|
|
@ -17,10 +18,7 @@ profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
signal (receive) set=(term, hup) peer=gnome*,
|
signal (receive) set=(term, hup) peer=gnome*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gnome.SettingsDaemon.Housekeeping,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
|
|
@ -37,7 +35,7 @@ profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -52,14 +50,6 @@ profile gsd-housekeeping @{exec_path} flags=(attach_disconnected) {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SettingsDaemon.Housekeeping,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/etc/fstab r,
|
/etc/fstab r,
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
|
|
@ -22,26 +23,14 @@ profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gnome.SettingsDaemon.Keyboard,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/locale[0-9]
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll,
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -51,7 +40,7 @@ profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -61,19 +50,16 @@ profile gsd-keyboard @{exec_path} flags=(attach_disconnected) {
|
||||||
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
dbus send bus=system path=/org/freedesktop/locale1
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=ListMountableInfo
|
member=GetAll
|
||||||
peer=(name=:*, label=gvfsd),
|
peer=(name=:*, label=systemd-localed),
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SettingsDaemon.Keyboard,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -26,20 +26,15 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll,
|
member=GetAll,
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.login1.Manager
|
interface=org.freedesktop.login1.Manager
|
||||||
member=Inhibit,
|
member=Inhibit,
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.login1.Manager
|
interface=org.freedesktop.login1.Manager
|
||||||
member=PowerOff,
|
member=PowerOff,
|
||||||
|
|
||||||
|
|
@ -52,7 +47,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=PropertiesChanged,
|
member=PropertiesChanged,
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
dbus send bus=system path=/org/freedesktop/hostname1
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get,
|
member=Get,
|
||||||
|
|
||||||
|
|
@ -65,7 +60,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -75,7 +70,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -85,7 +80,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Shell
|
dbus send bus=session path=/org/gnome/Shell
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
@ -95,7 +90,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Shell
|
dbus send bus=session path=/org/gnome/Shell
|
||||||
interface=org.gnome.Shell
|
interface=org.gnome.Shell
|
||||||
member={GrabAccelerators,UngrabAccelerators}
|
member={GrabAccelerators,UngrabAccelerators}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
@ -115,7 +110,7 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member=ListNames
|
member=ListNames
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SettingsDaemon/Power
|
dbus send bus=session path=/org/gnome/SettingsDaemon/Power
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gsd-power),
|
peer=(name=:*, label=gsd-power),
|
||||||
|
|
@ -125,11 +120,6 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
|
||||||
member=PropertiesChanged
|
member=PropertiesChanged
|
||||||
peer=(name=:*, label=gsd-power),
|
peer=(name=:*, label=gsd-power),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
dbus receive bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
||||||
interface=org.gnome.Mutter.IdleMonitor
|
interface=org.gnome.Mutter.IdleMonitor
|
||||||
member=WatchFired
|
member=WatchFired
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/audio>
|
include <abstractions/audio>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
|
|
@ -66,7 +67,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -76,7 +77,7 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -106,17 +107,12 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged,Set}
|
member={GetAll,PropertiesChanged,Set}
|
||||||
peer=(name="{org.freedesktop.DBus,:*}", label="{gsd-media-keys,gnome-shell}"),
|
peer=(name="{org.freedesktop.DBus,:*}", label="{gsd-media-keys,gnome-shell}"),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor
|
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor
|
||||||
interface=org.freedesktop.DBus.ObjectManager
|
interface=org.freedesktop.DBus.ObjectManager
|
||||||
member=GetManagedObjects
|
member=GetManagedObjects
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
dbus send bus=session path=/org/gnome/Mutter/IdleMonitor/Core
|
||||||
interface=org.gnome.Mutter.IdleMonitor
|
interface=org.gnome.Mutter.IdleMonitor
|
||||||
member={AddIdleWatch,AddUserActiveWatch,RemoveWatch}
|
member={AddIdleWatch,AddUserActiveWatch,RemoveWatch}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
@ -126,11 +122,6 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
|
||||||
member=WatchFired
|
member=WatchFired
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gnome/ScreenSaver
|
dbus receive bus=session path=/org/gnome/ScreenSaver
|
||||||
interface=org.gnome.ScreenSaver
|
interface=org.gnome.ScreenSaver
|
||||||
member=ActiveChanged
|
member=ActiveChanged
|
||||||
|
|
|
||||||
|
|
@ -19,20 +19,17 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
signal (send) set=(hup) peer=gsd-printer,
|
signal (send) set=(hup) peer=gsd-printer,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gnome.SettingsDaemon.PrintNotifications,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send,receive) bus=system path=/Client[0-9]*/ServiceBrowser[0-9]*
|
dbus (send,receive) bus=system path=/Client[0-9]*/ServiceBrowser[0-9]*
|
||||||
interface=org.freedesktop.Avahi.ServiceBrowser
|
interface=org.freedesktop.Avahi.ServiceBrowser
|
||||||
member={CacheExhausted,AllForNow,CacheExhausted,AllForNow,Free},
|
member={CacheExhausted,AllForNow,CacheExhausted,AllForNow,Free},
|
||||||
|
|
||||||
dbus send bus=system path=/
|
dbus send bus=system path=/
|
||||||
interface=org.freedesktop.DBus.Peer
|
interface=org.freedesktop.DBus.Peer
|
||||||
member=Ping,
|
member=Ping,
|
||||||
|
|
||||||
dbus send bus=system path=/
|
dbus send bus=system path=/
|
||||||
interface=org.freedesktop.Avahi.Server
|
interface=org.freedesktop.Avahi.Server
|
||||||
member={GetAPIVersion,GetState,ServiceBrowserNew},
|
member={GetAPIVersion,GetState,ServiceBrowserNew},
|
||||||
|
|
||||||
|
|
@ -48,7 +45,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -63,7 +60,7 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
||||||
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -73,9 +70,6 @@ profile gsd-print-notifications @{exec_path} flags=(attach_disconnected) {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SettingsDaemon.PrintNotifications,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
@{lib}/gsd-printer rPx,
|
@{lib}/gsd-printer rPx,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,7 @@ profile gsd-printer @{exec_path} flags=(attach_disconnected) {
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -16,11 +16,6 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
dbus send bus=system path=/org/freedesktop/hostname[0-9]
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=Get,
|
member=Get,
|
||||||
|
|
@ -33,6 +28,11 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
|
||||||
interface=org.freedesktop.DBus.ObjectManager
|
interface=org.freedesktop.DBus.ObjectManager
|
||||||
member=GetManagedObjects,
|
member=GetManagedObjects,
|
||||||
|
|
||||||
|
dbus send bus=session path=/org/gnome/SettingsDaemon/Rfkill
|
||||||
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
member=PropertiesChanged
|
||||||
|
peer=(name=org.freedesktop.DBus, label=gsd-media-keys),
|
||||||
|
|
||||||
dbus receive bus=system path=/org/freedesktop/NetworkManager
|
dbus receive bus=system path=/org/freedesktop/NetworkManager
|
||||||
interface=org.freedesktop.NetworkManager
|
interface=org.freedesktop.NetworkManager
|
||||||
member={CheckPermissions,StateChanged},
|
member={CheckPermissions,StateChanged},
|
||||||
|
|
@ -46,7 +46,7 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -56,7 +56,7 @@ profile gsd-rfkill @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -13,17 +13,12 @@ profile gsd-screensaver-proxy @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -33,7 +28,7 @@ profile gsd-screensaver-proxy @{exec_path} flags=(attach_disconnected) {
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -9,19 +9,14 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/gsd-sharing
|
@{exec_path} = @{lib}/gsd-sharing
|
||||||
profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-network-manager-strict>
|
include <abstractions/bus/network-manager>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=system path=/org/freedesktop
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop
|
|
||||||
interface=org.freedesktop.DBus.ObjectManager
|
interface=org.freedesktop.DBus.ObjectManager
|
||||||
member=GetManagedObjects
|
member=GetManagedObjects
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
@ -36,7 +31,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
||||||
member=StateChanged
|
member=StateChanged
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/NetworkManager/Settings/[0-9]*
|
dbus send bus=system path=/org/freedesktop/NetworkManager/Settings/[0-9]*
|
||||||
interface=org.freedesktop.NetworkManager.Settings.Connection
|
interface=org.freedesktop.NetworkManager.Settings.Connection
|
||||||
member=GetSettings
|
member=GetSettings
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
@ -51,7 +46,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
||||||
member=PropertiesChanged
|
member=PropertiesChanged
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/NetworkManager
|
dbus send bus=system path=/org/freedesktop/NetworkManager
|
||||||
interface=org.freedesktop.NetworkManager
|
interface=org.freedesktop.NetworkManager
|
||||||
member=GetPermissions
|
member=GetPermissions
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
@ -61,7 +56,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
||||||
member=CheckPermissions
|
member=CheckPermissions
|
||||||
peer=(name=:*, label=NetworkManager),
|
peer=(name=:*, label=NetworkManager),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -76,7 +71,7 @@ profile gsd-sharing @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -16,12 +16,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -36,7 +31,7 @@ profile gsd-smartcard @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -15,12 +15,7 @@ profile gsd-sound @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -35,7 +30,7 @@ profile gsd-sound @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
|
profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
@ -21,27 +22,24 @@ profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term, hup) peer=gdm*,
|
signal (receive) set=(term, hup) peer=gdm*,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gnome.SettingsDaemon.Wacom,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client[0-9]*}
|
dbus (send, receive) bus=session path=/org/gnome/SessionManager{,/Client@{int}}
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member={GetAll,PropertiesChanged}
|
member={GetAll,PropertiesChanged}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client@{int}
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus receive bus=session path=/org/gnome/SessionManager/Client@{int}
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
member={CancelEndSession,QueryEndSession,EndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager
|
dbus send bus=session path=/org/gnome/SessionManager
|
||||||
interface=org.gnome.SessionManager
|
interface=org.gnome.SessionManager
|
||||||
member=RegisterClient
|
member=RegisterClient
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -51,24 +49,16 @@ profile gsd-wacom @{exec_path} flags=(attach_disconnected) {
|
||||||
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
member={ClientAdded,SessionRunning,ClientRemoved,InhibitorRemoved,InhibitorAdded}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
|
dbus receive bus=session path=/org/gnome/SettingsDaemon/Wacom
|
||||||
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
member=GetAll
|
||||||
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gnome.SettingsDaemon.Wacom,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -29,22 +29,14 @@ profile gsd-xsettings @{exec_path} {
|
||||||
network inet6 dgram,
|
network inet6 dgram,
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.Settings,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName,GetId}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send,receive) bus=system path=/org/freedesktop/Accounts/User[0-9]*
|
dbus bind bus=session name=org.gnome.SettingsDaemon.XSettings,
|
||||||
interface=org.freedesktop.Accounts.User
|
|
||||||
member={SetInputSources,Changed,GetAll},
|
|
||||||
|
|
||||||
dbus (send,receive) bus=system path=/org/freedesktop/Accounts{,/User[0-9]*}
|
dbus receive bus=session path=/org/gtk/Settings
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member={GetAll,PropertiesChanged},
|
member=GetAll
|
||||||
|
peer=(name=:*), # many peer's labels
|
||||||
dbus send bus=system path=/org/freedesktop/Accounts
|
|
||||||
interface=org.freedesktop.Accounts
|
|
||||||
member=FindUserByName,
|
|
||||||
|
|
||||||
dbus receive bus=system path=/org/freedesktop/Accounts
|
dbus receive bus=system path=/org/freedesktop/Accounts
|
||||||
interface=org.freedesktop.Accounts
|
interface=org.freedesktop.Accounts
|
||||||
|
|
@ -56,12 +48,12 @@ profile gsd-xsettings @{exec_path} {
|
||||||
member={ClientAdded,ClientRemoved,SessionRunning}
|
member={ClientAdded,ClientRemoved,SessionRunning}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus send bus=session path=/org/gnome/SessionManager/Client@{int}
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member=EndSessionResponse
|
member=EndSessionResponse
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gnome/SessionManager/Client[0-9]*
|
dbus receive bus=session path=/org/gnome/SessionManager/Client@{int}
|
||||||
interface=org.gnome.SessionManager.ClientPrivate
|
interface=org.gnome.SessionManager.ClientPrivate
|
||||||
member={EndSession,QueryEndSession,CancelEndSession,Stop}
|
member={EndSession,QueryEndSession,CancelEndSession,Stop}
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
@ -71,11 +63,6 @@ profile gsd-xsettings @{exec_path} {
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-session-binary),
|
peer=(name=:*, label=gnome-session-binary),
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*), # many peer's labels
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gnome/Mutter/DisplayConfig
|
dbus send bus=session path=/org/gnome/Mutter/DisplayConfig
|
||||||
interface=org.gnome.Mutter.DisplayConfig
|
interface=org.gnome.Mutter.DisplayConfig
|
||||||
member=GetCurrentState
|
member=GetCurrentState
|
||||||
|
|
@ -86,11 +73,15 @@ profile gsd-xsettings @{exec_path} {
|
||||||
member=Get
|
member=Get
|
||||||
peer=(name=org.gnome.Shell.Introspect, label=gnome-shell),
|
peer=(name=org.gnome.Shell.Introspect, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
||||||
name=org.gtk.Settings,
|
interface=org.gtk.vfs.MountTracker
|
||||||
|
member=ListMountableInfo
|
||||||
|
peer=(name=:*, label=gvfsd),
|
||||||
|
|
||||||
dbus bind bus=session
|
dbus receive bus=session
|
||||||
name=org.gnome.SettingsDaemon.XSettings,
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
|
member=Introspect
|
||||||
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -26,32 +26,16 @@ profile tracker-extract @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (receive) set=(term) peer=gdm,
|
signal (receive) set=(term) peer=gdm,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.freedesktop.Tracker3.Miner.Extract,
|
||||||
interface=org.freedesktop.DBus
|
dbus send bus=session path=/org/freedesktop/Tracker3/Miner/**
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.DBus.Peer
|
|
||||||
member=Ping
|
|
||||||
peer=(name=org.freedesktop.Tracker3.Miner.Files),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.Tracker3.Endpoint
|
|
||||||
peer=(name=org.freedesktop.Tracker3.Miner.Files, label=tracker-miner), # all members
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.Tracker3.Endpoint
|
|
||||||
peer=(name=:*, label=tracker-miner), # all members
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/Tracker3/Miner/**
|
|
||||||
interface=org.freedesktop.Tracker3.Miner
|
interface=org.freedesktop.Tracker3.Miner
|
||||||
peer=(name=org.freedesktop.DBus, label=tracker-miner), # all members
|
peer=(name=org.freedesktop.DBus, label=tracker-miner),
|
||||||
|
dbus send bus=session path=/org/freedesktop/Tracker3/**
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
interface=org.freedesktop.DBus.Properties
|
||||||
interface=org.gtk.vfs.MountTracker
|
peer=(name=org.freedesktop.Tracker3.*), # all members
|
||||||
member=ListMountable*
|
dbus receive bus=session path=/org/freedesktop/Tracker3/**
|
||||||
peer=(name=:*, label=gvfsd),
|
interface=org.freedesktop.Tracker3.*
|
||||||
|
peer=(name=:*), # all members
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
dbus send bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
||||||
interface=org.gtk.Private.RemoteVolumeMonitor
|
interface=org.gtk.Private.RemoteVolumeMonitor
|
||||||
|
|
@ -63,6 +47,10 @@ profile tracker-extract @{exec_path} flags=(attach_disconnected) {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
|
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
||||||
|
interface=org.gtk.vfs.MountTracker
|
||||||
|
member=ListMount*
|
||||||
|
peer=(name=:*, label=gvfsd),
|
||||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.gtk.vfs.MountTracker
|
||||||
member={Mounted,ListMounts2}
|
member={Mounted,ListMounts2}
|
||||||
|
|
@ -78,8 +66,6 @@ profile tracker-extract @{exec_path} flags=(attach_disconnected) {
|
||||||
member={GetTreeFromDevice,Remove}
|
member={GetTreeFromDevice,Remove}
|
||||||
peer=(name=:*, label=gvfsd-metadata),
|
peer=(name=:*, label=gvfsd-metadata),
|
||||||
|
|
||||||
dbus bind bus=session name=org.freedesktop.Tracker3.Miner.Extract,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,7 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/tracker-miner-fs-{,control-}3
|
@{exec_path} = @{lib}/tracker-miner-fs-{,control-}3
|
||||||
profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-gtk>
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
@ -23,10 +23,15 @@ profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
||||||
signal (receive) set=(term, kill) peer=gdm,
|
signal (receive) set=(term, kill) peer=gdm,
|
||||||
signal (receive) set=(hup) peer=gdm-session-worker,
|
signal (receive) set=(hup) peer=gdm-session-worker,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.freedesktop.Tracker3.Miner.Files{,.Control},
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
dbus (send, receive) bus=session path=/org/freedesktop/Tracker3/**
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
interface=org.freedesktop.Tracker3.*
|
||||||
|
peer=(name=:*), # all members
|
||||||
|
|
||||||
|
dbus receive bus=session path=/org/freedesktop/Tracker3/**
|
||||||
|
interface=org.freedesktop.DBus.{Peer,Properties}
|
||||||
|
peer=(name=:*, label=tracker-extract),
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/UPower{,/devices/DisplayDevice}
|
dbus send bus=system path=/org/freedesktop/UPower{,/devices/DisplayDevice}
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
|
|
@ -42,29 +47,11 @@ profile tracker-miner @{exec_path} flags=(attach_disconnected) {
|
||||||
member={List,IsSupported}
|
member={List,IsSupported}
|
||||||
peer=(name=:*, label=gvfs-*-volume-monitor),
|
peer=(name=:*, label=gvfs-*-volume-monitor),
|
||||||
|
|
||||||
dbus receive bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.DBus.Peer
|
|
||||||
peer=(name=:*),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.Tracker3.Endpoint
|
|
||||||
peer=(name=org.freedesktop.DBus), # all members
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/freedesktop/Tracker3/Endpoint
|
|
||||||
interface=org.freedesktop.Tracker3.Endpoint
|
|
||||||
peer=(name=:*), # all members
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/freedesktop/Tracker3/Miner/**
|
|
||||||
interface=org.freedesktop.Tracker3.Miner
|
|
||||||
peer=(name=:*), # all members
|
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session name=org.freedesktop.Tracker3.Miner.*,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/dconf/profile/gdm r,
|
/usr/share/dconf/profile/gdm r,
|
||||||
|
|
|
||||||
|
|
@ -12,24 +12,16 @@ profile gvfs-afc-volume-monitor @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.vfs.AfcVolumeMonitor,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
dbus receive bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
||||||
interface=org.gtk.Private.RemoteVolumeMonitor
|
interface=org.gtk.Private.RemoteVolumeMonitor
|
||||||
member={List,IsSupported}
|
peer=(name=:*),
|
||||||
peer=(name=:*, label="{gnome-shell,gnome-control-center,gnome-extension-ding,nautilus,tracker-*,unconfined}"),
|
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gtk.vfs.AfcVolumeMonitor,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
include if exists <local/gvfs-afc-volume-monitor>
|
include if exists <local/gvfs-afc-volume-monitor>
|
||||||
|
|
|
||||||
|
|
@ -15,10 +15,7 @@ profile gvfs-mtp-volume-monitor @{exec_path} {
|
||||||
|
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.vfs.MTPVolumeMonitor,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
dbus receive bus=session path=/org/gtk/Private/RemoteVolumeMonitor
|
||||||
interface=org.gtk.Private.RemoteVolumeMonitor
|
interface=org.gtk.Private.RemoteVolumeMonitor
|
||||||
|
|
@ -30,9 +27,6 @@ profile gvfs-mtp-volume-monitor @{exec_path} {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gtk.vfs.MTPVolumeMonitor,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
include if exists <local/gvfs-mtp-volume-monitor>
|
include if exists <local/gvfs-mtp-volume-monitor>
|
||||||
|
|
|
||||||
|
|
@ -10,18 +10,13 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/{,gvfs/}gvfsd
|
@{exec_path} = @{lib}/{,gvfs/}gvfsd
|
||||||
profile gvfsd @{exec_path} {
|
profile gvfsd @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-gtk>
|
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.vfs.Daemon,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.gtk.vfs.MountTracker
|
||||||
member=Mounted
|
peer=(name=org.freedesktop.DBus),
|
||||||
peer=(name=org.freedesktop.DBus, label="{gvfsd-*,gnome-*,tracker-miner}"),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.gtk.vfs.MountTracker
|
||||||
|
|
@ -47,9 +42,6 @@ profile gvfsd @{exec_path} {
|
||||||
member=Introspect
|
member=Introspect
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gtk.vfs.Daemon,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
@{bin}/{,ba,da}sh rix,
|
@{bin}/{,ba,da}sh rix,
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/{,gvfs/}gvfsd-dnssd
|
@{exec_path} = @{lib}/{,gvfs/}gvfsd-dnssd
|
||||||
profile gvfsd-dnssd @{exec_path} {
|
profile gvfsd-dnssd @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dbus-strict>
|
include <abstractions/dbus-strict>
|
||||||
|
|
||||||
|
|
@ -36,11 +37,6 @@ profile gvfsd-dnssd @{exec_path} {
|
||||||
member=Mount
|
member=Mount
|
||||||
peer=(name=:*, label=gvfsd),
|
peer=(name=:*, label=gvfsd),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=RegisterMount
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/gvfs/exec_spaw/[0-9]*
|
dbus send bus=session path=/org/gtk/gvfs/exec_spaw/[0-9]*
|
||||||
interface=org.gtk.vfs.Spawner
|
interface=org.gtk.vfs.Spawner
|
||||||
member=Spawned
|
member=Spawned
|
||||||
|
|
|
||||||
|
|
@ -10,17 +10,13 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/{,gvfs/}gvfsd-fuse
|
@{exec_path} = @{lib}/{,gvfs/}gvfsd-fuse
|
||||||
profile gvfsd-fuse @{exec_path} {
|
profile gvfsd-fuse @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-gtk>
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
|
|
||||||
unix (send,receive) type=stream addr=none peer=(label=gvfsd-fuse//fusermount),
|
unix (send,receive) type=stream addr=none peer=(label=gvfsd-fuse//fusermount),
|
||||||
|
|
||||||
mount fstype={fuse,fuse.*} -> @{run}/user/@{uid}/gvfs/,
|
mount fstype={fuse,fuse.*} -> @{run}/user/@{uid}/gvfs/,
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
peer=(name=:*, label=gvfsd), # all members
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.gtk.vfs.MountTracker
|
||||||
member=Mounted
|
member=Mounted
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,6 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/{,gvfs/}gvfsd-metadata
|
@{exec_path} = @{lib}/{,gvfs/}gvfsd-metadata
|
||||||
profile gvfsd-metadata @{exec_path} {
|
profile gvfsd-metadata @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-gtk>
|
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/disks-read>
|
include <abstractions/disks-read>
|
||||||
|
|
||||||
|
|
@ -18,32 +17,24 @@ profile gvfsd-metadata @{exec_path} {
|
||||||
|
|
||||||
signal (receive) set=(usr1) peer=pacman,
|
signal (receive) set=(usr1) peer=pacman,
|
||||||
|
|
||||||
dbus bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.vfs.Metadata,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=session
|
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
|
||||||
member=Introspect
|
|
||||||
peer=(name=:*, label=gnome-shell),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/metadata
|
dbus receive bus=session path=/org/gtk/vfs/metadata
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll
|
member=GetAll
|
||||||
peer=(name=:*, label=gnome-extension-ding),
|
peer=(name=:*, label=gnome-extension-ding),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/metadata
|
dbus send bus=session path=/org/gtk/vfs/metadata
|
||||||
interface=org.gtk.vfs.Metadata
|
interface=org.gtk.vfs.Metadata
|
||||||
member=AttributeChanged
|
member=AttributeChanged
|
||||||
peer=(name=org.freedesktop.DBus, label=gnome-extension-ding),
|
peer=(name=org.freedesktop.DBus, label=gnome-extension-ding),
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/metadata
|
dbus receive bus=session path=/org/gtk/vfs/metadata
|
||||||
interface=org.gtk.vfs.Metadata
|
interface=org.gtk.vfs.Metadata
|
||||||
member={GetTreeFromDevice,Remove}
|
member={GetTreeFromDevice,Remove}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus bind bus=session name=org.gtk.vfs.Metadata,
|
dbus receive bus=session
|
||||||
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
|
member=Introspect
|
||||||
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@ include <tunables/global>
|
||||||
@{exec_path} = @{lib}/{,gvfs/}gvfsd-smb-browse
|
@{exec_path} = @{lib}/{,gvfs/}gvfsd-smb-browse
|
||||||
profile gvfsd-smb-browse @{exec_path} {
|
profile gvfsd-smb-browse @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
include <abstractions/nameservice-strict>
|
include <abstractions/nameservice-strict>
|
||||||
|
|
@ -20,15 +21,7 @@ profile gvfsd-smb-browse @{exec_path} {
|
||||||
network inet dgram,
|
network inet dgram,
|
||||||
network inet6 dgram,
|
network inet6 dgram,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.gtk.vfs.mountpoint_smb_browse,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMounts2
|
|
||||||
peer=(name=:*, label=gvfsd),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
||||||
interface=org.gtk.vfs.MountTracker
|
interface=org.gtk.vfs.MountTracker
|
||||||
|
|
@ -45,9 +38,6 @@ profile gvfsd-smb-browse @{exec_path} {
|
||||||
member=Spawned
|
member=Spawned
|
||||||
peer=(name=:*, label=gvfsd),
|
peer=(name=:*, label=gvfsd),
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.gtk.vfs.mountpoint_smb_browse,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
||||||
|
|
|
||||||
|
|
@ -41,11 +41,6 @@ profile gvfsd-trash @{exec_path} {
|
||||||
member=RegisterMount
|
member=RegisterMount
|
||||||
peer=(name=:*, label=gvfsd),
|
peer=(name=:*, label=gvfsd),
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member=RequestName
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus receive bus=session
|
dbus receive bus=session
|
||||||
interface=org.freedesktop.DBus.Introspectable
|
interface=org.freedesktop.DBus.Introspectable
|
||||||
member=Introspect
|
member=Introspect
|
||||||
|
|
|
||||||
|
|
@ -37,8 +37,11 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
signal (send) set=(term) peer=dnsmasq,
|
signal (send) set=(term) peer=dnsmasq,
|
||||||
|
|
||||||
|
dbus bind bus=system name=org.freedesktop.NetworkManager,
|
||||||
|
|
||||||
dbus (send,receive) bus=system path=/org/freedesktop/NetworkManager{,/**}
|
dbus (send,receive) bus=system path=/org/freedesktop/NetworkManager{,/**}
|
||||||
interface=org.freedesktop.{DBus.Properties,DBus.Introspectable,NetworkManager*},
|
interface=org.freedesktop.{DBus.Properties,DBus.Introspectable,NetworkManager*}
|
||||||
|
peer=(name=:*),
|
||||||
|
|
||||||
dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit1/Authority
|
dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit1/Authority
|
||||||
interface=org.freedesktop.PolicyKit1.Authority
|
interface=org.freedesktop.PolicyKit1.Authority
|
||||||
|
|
@ -93,8 +96,6 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) {
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
peer=(name=:*),
|
peer=(name=:*),
|
||||||
|
|
||||||
dbus bind bus=system name=org.freedesktop.NetworkManager,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
@{bin}/{,ba,da}sh rix,
|
@{bin}/{,ba,da}sh rix,
|
||||||
|
|
|
||||||
|
|
@ -20,15 +20,10 @@ profile nm-dispatcher @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
ptrace (read) peer=unconfined,
|
ptrace (read) peer=unconfined,
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/DBus
|
dbus bind bus=system name=org.freedesktop.nm_dispatcher,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName},
|
|
||||||
|
|
||||||
dbus receive bus=system path=/org/freedesktop/nm_dispatcher
|
dbus receive bus=system path=/org/freedesktop/nm_dispatcher
|
||||||
interface=org.freedesktop.nm_dispatcher,
|
interface=org.freedesktop.nm_dispatcher
|
||||||
|
peer=(name=:*),
|
||||||
dbus bind bus=system
|
|
||||||
name=org.freedesktop.nm_dispatcher,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -28,11 +28,6 @@ profile update-notifier @{exec_path} {
|
||||||
interface={com.canonical.dbusmenu,org.freedesktop.DBus.Properties}
|
interface={com.canonical.dbusmenu,org.freedesktop.DBus.Properties}
|
||||||
peer=(name=:*, label=gnome-shell),
|
peer=(name=:*, label=gnome-shell),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/Settings
|
|
||||||
interface=org.freedesktop.DBus.Properties
|
|
||||||
member=GetAll
|
|
||||||
peer=(name=:*, label=gsd-xsettings),
|
|
||||||
|
|
||||||
dbus send bus=session path=/StatusNotifierWatcher
|
dbus send bus=session path=/StatusNotifierWatcher
|
||||||
interface=org.kde.StatusNotifierWatcher
|
interface=org.kde.StatusNotifierWatcher
|
||||||
member=RegisterStatusNotifierItem
|
member=RegisterStatusNotifierItem
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@ include <tunables/global>
|
||||||
profile atril @{exec_path} {
|
profile atril @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
@ -25,11 +26,6 @@ profile atril @{exec_path} {
|
||||||
|
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=ListMountableInfo
|
|
||||||
peer=(name=:*),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/mate/atril/{,**}
|
dbus send bus=session path=/org/mate/atril/{,**}
|
||||||
peer=(name=org.freedesktop.DBus, label=atrild), # all interfaces and members
|
peer=(name=org.freedesktop.DBus, label=atrild), # all interfaces and members
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -11,17 +11,11 @@ profile atrild @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
dbus bind bus=session name=org.mate.atril.Daemon,
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus, label=dbus-daemon),
|
|
||||||
|
|
||||||
dbus (send, receive) bus=session path=/org/mate/atril/**
|
dbus (send, receive) bus=session path=/org/mate/atril/**
|
||||||
peer=(name="{:*,org.freedesktop.DBus}", label=atril), # all interfaces and members
|
peer=(name="{:*,org.freedesktop.DBus}", label=atril), # all interfaces and members
|
||||||
|
|
||||||
dbus bind bus=session
|
|
||||||
name=org.mate.atril.Daemon,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
include if exists <local/atrild>
|
include if exists <local/atrild>
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@ include <tunables/global>
|
||||||
profile engrampa @{exec_path} {
|
profile engrampa @{exec_path} {
|
||||||
include <abstractions/base>
|
include <abstractions/base>
|
||||||
include <abstractions/bus/atspi>
|
include <abstractions/bus/atspi>
|
||||||
|
include <abstractions/bus/vfs>
|
||||||
include <abstractions/dbus-accessibility-strict>
|
include <abstractions/dbus-accessibility-strict>
|
||||||
include <abstractions/dbus-session-strict>
|
include <abstractions/dbus-session-strict>
|
||||||
include <abstractions/dconf-write>
|
include <abstractions/dconf-write>
|
||||||
|
|
@ -34,21 +35,6 @@ profile engrampa @{exec_path} {
|
||||||
member={IsSupported,List}
|
member={IsSupported,List}
|
||||||
peer=(name=:*),
|
peer=(name=:*),
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member={ListMounts2,LookupMount}
|
|
||||||
peer=(name=:*),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/vfs/mounttracker
|
|
||||||
interface=org.gtk.vfs.MountTracker
|
|
||||||
member=Mounted
|
|
||||||
peer=(name=:*),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/Daemon
|
|
||||||
interface=org.gtk.vfs.Daemon
|
|
||||||
member=GetConnection
|
|
||||||
peer=(name=:*),
|
|
||||||
|
|
||||||
dbus receive bus=session path=/org/gtk/Application/anonymous
|
dbus receive bus=session path=/org/gtk/Application/anonymous
|
||||||
interface=org.freedesktop.DBus.Properties
|
interface=org.freedesktop.DBus.Properties
|
||||||
member=GetAll
|
member=GetAll
|
||||||
|
|
|
||||||
|
|
@ -25,11 +25,6 @@ profile evince @{exec_path} {
|
||||||
deny network inet,
|
deny network inet,
|
||||||
deny network inet6,
|
deny network inet6,
|
||||||
|
|
||||||
dbus send bus=session path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus),
|
|
||||||
|
|
||||||
dbus send bus=session path=/org/gtk/vfs/metadata
|
dbus send bus=session path=/org/gtk/vfs/metadata
|
||||||
interface=org.gtk.vfs.Metadata
|
interface=org.gtk.vfs.Metadata
|
||||||
member={Set,GetTreeFromDevice}
|
member={Set,GetTreeFromDevice}
|
||||||
|
|
|
||||||
|
|
@ -18,22 +18,16 @@ profile fprintd @{exec_path} flags=(attach_disconnected) {
|
||||||
|
|
||||||
network netlink raw,
|
network netlink raw,
|
||||||
|
|
||||||
|
dbus bind bus=system name=net.reactivated.Fprint,
|
||||||
dbus receive bus=system path=/net/reactivated/Fprint/Manager
|
dbus receive bus=system path=/net/reactivated/Fprint/Manager
|
||||||
interface={org.freedesktop.DBus.Properties,net.reactivated.Fprint.Manager},
|
interface={org.freedesktop.DBus.Properties,net.reactivated.Fprint.Manager}
|
||||||
|
peer=(name=:*),
|
||||||
dbus send bus=system path=/org/freedesktop/DBus
|
|
||||||
interface=org.freedesktop.DBus
|
|
||||||
member={RequestName,ReleaseName}
|
|
||||||
peer=(name=org.freedesktop.DBus),
|
|
||||||
|
|
||||||
dbus send bus=system path=/org/freedesktop/login1
|
dbus send bus=system path=/org/freedesktop/login1
|
||||||
interface=org.freedesktop.login1.Manager
|
interface=org.freedesktop.login1.Manager
|
||||||
member=Inhibit
|
member=Inhibit
|
||||||
peer=(name=org.freedesktop.login1),
|
peer=(name=org.freedesktop.login1),
|
||||||
|
|
||||||
dbus bind bus=system
|
|
||||||
name=net.reactivated.Fprint,
|
|
||||||
|
|
||||||
@{exec_path} mr,
|
@{exec_path} mr,
|
||||||
|
|
||||||
/etc/fprintd.conf r,
|
/etc/fprintd.conf r,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue