feat(profiles-s-z): vim syntax support

Add vim modeline instructing the editor to use the syntax plugin provided by apparmor.

Continuation of #379, #380, #381, #390 to keep the diff list relatively short.
This commit is contained in:
REmerald 2024-06-15 17:36:23 +03:00 committed by Alex
parent c1d531525a
commit da3717991e
194 changed files with 435 additions and 47 deletions

View file

@ -43,4 +43,6 @@ profile YACReader @{exec_path} flags=(attach_disconnected,mediate_deleted) {
owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/mountinfo r,
include if exists <local/YACReader> include if exists <local/YACReader>
} }
# vim:syntax=apparmor

View file

@ -46,4 +46,6 @@ profile YACReaderLibrary @{exec_path} flags=(attach_disconnected,mediate_deleted
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,
include if exists <local/YACReaderLibrary> include if exists <local/YACReaderLibrary>
} }
# vim:syntax=apparmor

View file

@ -69,4 +69,6 @@ profile s3fs @{exec_path} {
} }
include if exists <local/s3fs> include if exists <local/s3fs>
} }
# vim:syntax=apparmor

View file

@ -31,3 +31,5 @@ profile sanoid @{exec_path} flags=(complain) {
include if exists <local/sanoid> include if exists <local/sanoid>
} }
# vim:syntax=apparmor

View file

@ -39,4 +39,6 @@ profile sbctl @{exec_path} {
deny network inet6 stream, deny network inet6 stream,
include if exists <local/sbctl> include if exists <local/sbctl>
} }
# vim:syntax=apparmor

View file

@ -38,3 +38,5 @@ profile scrcpy @{exec_path} {
include if exists <local/scrcpy> include if exists <local/scrcpy>
} }
# vim:syntax=apparmor

View file

@ -29,3 +29,5 @@ profile scrot @{exec_path} {
include if exists <local/scrot> include if exists <local/scrot>
} }
# vim:syntax=apparmor

View file

@ -21,4 +21,6 @@ profile sdcv @{exec_path} {
owner @{user_cache_dirs}/sdcv/{,**} rwk, owner @{user_cache_dirs}/sdcv/{,**} rwk,
include if exists <local/sdcv> include if exists <local/sdcv>
} }
# vim:syntax=apparmor

View file

@ -31,3 +31,5 @@ profile secure-time-sync @{exec_path} flags=(attach_disconnected) {
include if exists <local/secure-time-sync> include if exists <local/secure-time-sync>
} }
# vim:syntax=apparmor

View file

@ -45,3 +45,5 @@ profile sensors @{exec_path} {
include if exists <local/sensors> include if exists <local/sensors>
} }
# vim:syntax=apparmor

View file

@ -68,3 +68,5 @@ profile sensors-detect @{exec_path} {
include if exists <local/sensors-detect> include if exists <local/sensors-detect>
} }
# vim:syntax=apparmor

View file

@ -19,3 +19,5 @@ profile setpci @{exec_path} flags=(complain) {
include if exists <local/setpci> include if exists <local/setpci>
} }
# vim:syntax=apparmor

View file

@ -18,4 +18,6 @@ profile setvtrgb @{exec_path} {
/dev/tty@{int} rw, /dev/tty@{int} rw,
include if exists <local/setvtrgb> include if exists <local/setvtrgb>
} }
# vim:syntax=apparmor

View file

@ -34,3 +34,5 @@ profile sfdisk @{exec_path} {
include if exists <local/sfdisk> include if exists <local/sfdisk>
} }
# vim:syntax=apparmor

View file

@ -25,3 +25,5 @@ profile sgdisk @{exec_path} {
include if exists <local/sgdisk> include if exists <local/sgdisk>
} }
# vim:syntax=apparmor

View file

@ -35,3 +35,5 @@ profile sing-box @{exec_path} {
include if exists <local/sing-box> include if exists <local/sing-box>
} }
# vim:syntax=apparmor

View file

@ -41,4 +41,6 @@ profile slirp4netns @{exec_path} flags=(attach_disconnected) {
/dev/net/tun rw, /dev/net/tun rw,
include if exists <local/slirp4netns> include if exists <local/slirp4netns>
} }
# vim:syntax=apparmor

View file

@ -27,3 +27,5 @@ profile smartctl @{exec_path} {
include if exists <local/smartctl> include if exists <local/smartctl>
} }
# vim:syntax=apparmor

View file

@ -53,3 +53,5 @@ profile smartd @{exec_path} {
include if exists <local/smartd> include if exists <local/smartd>
} }
# vim:syntax=apparmor

View file

@ -15,4 +15,6 @@ profile smbspool @{exec_path} {
/etc/papersize r, /etc/papersize r,
include if exists <local/smbspool> include if exists <local/smbspool>
} }
# vim:syntax=apparmor

View file

@ -87,3 +87,5 @@ profile smplayer @{exec_path} {
include if exists <local/smplayer> include if exists <local/smplayer>
} }
# vim:syntax=apparmor

View file

@ -102,3 +102,5 @@ profile smtube @{exec_path} {
include if exists <local/smtube> include if exists <local/smtube>
} }
# vim:syntax=apparmor

View file

@ -111,3 +111,5 @@ profile snap @{exec_path} {
include if exists <local/snap> include if exists <local/snap>
} }
# vim:syntax=apparmor

View file

@ -13,4 +13,6 @@ profile snap-bootstrap @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/snap-bootstrap> include if exists <local/snap-bootstrap>
} }
# vim:syntax=apparmor

View file

@ -20,4 +20,6 @@ profile snap-device-helper @{exec_path} {
@{sys}/fs/bpf/snap/ w, @{sys}/fs/bpf/snap/ w,
include if exists <local/snap-device-helper> include if exists <local/snap-device-helper>
} }
# vim:syntax=apparmor

View file

@ -30,4 +30,6 @@ profile snap-discard-ns @{exec_path} {
@{run}/snapd/ns/* rw, @{run}/snapd/ns/* rw,
include if exists <local/snap-discard-ns> include if exists <local/snap-discard-ns>
} }
# vim:syntax=apparmor

View file

@ -31,4 +31,6 @@ profile snap-failure @{exec_path} {
} }
include if exists <local/snap-failure> include if exists <local/snap-failure>
} }
# vim:syntax=apparmor

View file

@ -13,4 +13,6 @@ profile snap-repair @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/snap-repair> include if exists <local/snap-repair>
} }
# vim:syntax=apparmor

View file

@ -27,4 +27,6 @@ profile snap-seccomp @{exec_path} {
deny @{user_share_dirs}/gvfs-metadata/* r, deny @{user_share_dirs}/gvfs-metadata/* r,
include if exists <local/snap-seccomp> include if exists <local/snap-seccomp>
} }
# vim:syntax=apparmor

View file

@ -54,4 +54,6 @@ profile snap-update-ns @{exec_path} {
@{PROC}/version r, @{PROC}/version r,
include if exists <local/snap-update-ns> include if exists <local/snap-update-ns>
} }
# vim:syntax=apparmor

View file

@ -180,4 +180,6 @@ profile snapd @{exec_path} {
} }
include if exists <local/snapd> include if exists <local/snapd>
} }
# vim:syntax=apparmor

View file

@ -21,4 +21,6 @@ profile snapd-aa-prompt-listener @{exec_path} {
@{PROC}/cmdline r, @{PROC}/cmdline r,
include if exists <local/snapd-aa-prompt-listener> include if exists <local/snapd-aa-prompt-listener>
} }
# vim:syntax=apparmor

View file

@ -19,4 +19,6 @@ profile snapd-aa-prompt-ui @{exec_path} {
@{PROC}/cmdline r, @{PROC}/cmdline r,
include if exists <local/snapd-aa-prompt-ui> include if exists <local/snapd-aa-prompt-ui>
} }
# vim:syntax=apparmor

View file

@ -27,4 +27,6 @@ profile snapd-apparmor @{exec_path} {
@{PROC}/cmdline r, @{PROC}/cmdline r,
include if exists <local/snapd-apparmor> include if exists <local/snapd-apparmor>
} }
# vim:syntax=apparmor

View file

@ -13,4 +13,6 @@ profile snapd-core-fixup @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/snapd-core-fixup> include if exists <local/snapd-core-fixup>
} }
# vim:syntax=apparmor

View file

@ -16,3 +16,5 @@ profile spacefm-auth @{exec_path} {
include if exists <local/spacefm-auth> include if exists <local/spacefm-auth>
} }
# vim:syntax=apparmor

View file

@ -187,3 +187,5 @@ profile spectre-meltdown-checker @{exec_path} {
include if exists <local/spectre-meltdown-checker> include if exists <local/spectre-meltdown-checker>
} }
# vim:syntax=apparmor

View file

@ -34,3 +34,5 @@ profile speedtest @{exec_path} {
include if exists <local/speedtest> include if exists <local/speedtest>
} }
# vim:syntax=apparmor

View file

@ -23,4 +23,6 @@ profile spice-client-glib-usb-acl-helper @{exec_path} {
@{PROC}/sys/kernel/cap_last_cap r, @{PROC}/sys/kernel/cap_last_cap r,
include if exists <local/spice-client-glib-usb-acl-helper> include if exists <local/spice-client-glib-usb-acl-helper>
} }
# vim:syntax=apparmor

View file

@ -47,3 +47,5 @@ profile spice-vdagent @{exec_path} flags=(attach_disconnected) {
include if exists <local/spice-vdagent> include if exists <local/spice-vdagent>
} }
# vim:syntax=apparmor

View file

@ -30,3 +30,5 @@ profile spice-vdagentd @{exec_path} flags=(attach_disconnected) {
include if exists <local/spice-vdagentd> include if exists <local/spice-vdagentd>
} }
# vim:syntax=apparmor

View file

@ -56,3 +56,5 @@ profile spotify @{exec_path} {
include if exists <local/spotify> include if exists <local/spotify>
} }
# vim:syntax=apparmor

View file

@ -45,3 +45,5 @@ profile ss @{exec_path} {
include if exists <local/ss> include if exists <local/ss>
} }
# vim:syntax=apparmor

View file

@ -29,3 +29,5 @@ profile sslocal @{exec_path} {
include if exists <local/sslocal> include if exists <local/sslocal>
} }
# vim:syntax=apparmor

View file

@ -29,3 +29,5 @@ profile ssmanager @{exec_path} {
include if exists <local/ssmanager> include if exists <local/ssmanager>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile ssserver @{exec_path} {
include if exists <local/ssserver> include if exists <local/ssserver>
} }
# vim:syntax=apparmor

View file

@ -16,3 +16,5 @@ profile ssservice @{exec_path} {
include if exists <local/ssservice> include if exists <local/ssservice>
} }
# vim:syntax=apparmor

View file

@ -24,3 +24,5 @@ profile ssurl @{exec_path} {
include if exists <local/ssurl> include if exists <local/ssurl>
} }
# vim:syntax=apparmor

View file

@ -24,4 +24,6 @@ profile start-pulseaudio-x11 @{exec_path} {
/dev/tty rw, /dev/tty rw,
include if exists <local/start-pulseaudio-x11> include if exists <local/start-pulseaudio-x11>
} }
# vim:syntax=apparmor

View file

@ -47,3 +47,5 @@ profile startx @{exec_path} flags=(attach_disconnected) {
include if exists <local/startx> include if exists <local/startx>
} }
# vim:syntax=apparmor

View file

@ -418,3 +418,5 @@ profile steam @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include if exists <local/steam> include if exists <local/steam>
} }
# vim:syntax=apparmor

View file

@ -49,3 +49,5 @@ profile steam-fossilize @{exec_path} flags=(attach_disconnected) {
include if exists <local/steam-fossilize> include if exists <local/steam-fossilize>
} }
# vim:syntax=apparmor

View file

@ -35,4 +35,6 @@ profile steam-game-native @{exec_path} flags=(attach_disconnected) {
@{lib_dirs}/** mr, @{lib_dirs}/** mr,
include if exists <local/steam-game-native> include if exists <local/steam-game-native>
} }
# vim:syntax=apparmor

View file

@ -106,4 +106,6 @@ profile steam-game-proton @{exec_path} flags=(attach_disconnected) {
@{PROC}/sys/net/core/bpf_jit_enable r, @{PROC}/sys/net/core/bpf_jit_enable r,
include if exists <local/steam-game-proton> include if exists <local/steam-game-proton>
} }
# vim:syntax=apparmor

View file

@ -69,3 +69,5 @@ profile steam-gameoverlayui @{exec_path} flags=(attach_disconnected) {
include if exists <local/steam-gameoverlayui> include if exists <local/steam-gameoverlayui>
} }
# vim:syntax=apparmor

View file

@ -43,4 +43,6 @@ profile steam-launch @{exec_path} {
deny /opt/** r, deny /opt/** r,
include if exists <local/steam-launch> include if exists <local/steam-launch>
} }
# vim:syntax=apparmor

View file

@ -26,4 +26,6 @@ profile steam-launcher @{exec_path} flags=(attach_disconnected) {
@{lib_dirs}/** mr, @{lib_dirs}/** mr,
include if exists <local/steam-launcher> include if exists <local/steam-launcher>
} }
# vim:syntax=apparmor

View file

@ -80,4 +80,6 @@ profile steam-runtime @{exec_path} flags=(attach_disconnected) {
/dev/tty rw, /dev/tty rw,
include if exists <local/steam-runtime> include if exists <local/steam-runtime>
} }
# vim:syntax=apparmor

View file

@ -38,4 +38,6 @@ profile steamerrorreporter @{exec_path} flags=(attach_disconnected) {
owner @{PROC}/@{pid}/status r, owner @{PROC}/@{pid}/status r,
include if exists <local/steamerrorreporter> include if exists <local/steamerrorreporter>
} }
# vim:syntax=apparmor

View file

@ -79,3 +79,5 @@ profile strawberry @{exec_path} {
include if exists <local/strawberry> include if exists <local/strawberry>
} }
# vim:syntax=apparmor

View file

@ -29,3 +29,5 @@ profile strawberry-tagreader @{exec_path} {
include if exists <local/strawberry-tagreader> include if exists <local/strawberry-tagreader>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile su @{exec_path} {
include if exists <local/su> include if exists <local/su>
} }
# vim:syntax=apparmor

View file

@ -47,3 +47,5 @@ profile sudo @{exec_path} flags=(attach_disconnected) {
include if exists <local/sudo> include if exists <local/sudo>
} }
# vim:syntax=apparmor

View file

@ -26,4 +26,6 @@ profile sulogin @{exec_path} {
/dev/tty@{int} rw, /dev/tty@{int} rw,
include if exists <local/sulogin> include if exists <local/sulogin>
} }
# vim:syntax=apparmor

View file

@ -19,3 +19,5 @@ profile swaplabel @{exec_path} {
include if exists <local/swaplabel> include if exists <local/swaplabel>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile swapon @{exec_path} {
include if exists <local/swapon> include if exists <local/swapon>
} }
# vim:syntax=apparmor

View file

@ -34,3 +34,5 @@ profile switcheroo-control @{exec_path} flags=(attach_disconnected) {
include if exists <local/switcheroo-control> include if exists <local/switcheroo-control>
} }
# vim:syntax=apparmor

View file

@ -17,4 +17,6 @@ profile switcherooctl @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/switcherooctl> include if exists <local/switcherooctl>
} }
# vim:syntax=apparmor

View file

@ -28,4 +28,6 @@ profile swtpm @{exec_path} {
@{run}/libvirt/qemu/swtpm/*.pid w, @{run}/libvirt/qemu/swtpm/*.pid w,
include if exists <local/swtpm> include if exists <local/swtpm>
} }
# vim:syntax=apparmor

View file

@ -16,4 +16,6 @@ profile swtpm_ioctl @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/swtpm_ioctl> include if exists <local/swtpm_ioctl>
} }
# vim:syntax=apparmor

View file

@ -30,4 +30,6 @@ profile swtpm_localca @{exec_path} {
@{run}/libvirt/qemu/swtpm/*.sock w, @{run}/libvirt/qemu/swtpm/*.sock w,
include if exists <local/swtpm_localca> include if exists <local/swtpm_localca>
} }
# vim:syntax=apparmor

View file

@ -26,4 +26,6 @@ profile swtpm_setup @{exec_path} {
owner @{tmp}/.swtpm_setup.pidfile* rw, owner @{tmp}/.swtpm_setup.pidfile* rw,
include if exists <local/swtpm_setup> include if exists <local/swtpm_setup>
} }
# vim:syntax=apparmor

View file

@ -14,4 +14,6 @@ profile sync @{exec_path} {
@{exec_path} mr, @{exec_path} mr,
include if exists <local/sync> include if exists <local/sync>
} }
# vim:syntax=apparmor

View file

@ -31,3 +31,5 @@ profile syncoid @{exec_path} flags=(complain) {
include if exists <local/syncoid> include if exists <local/syncoid>
} }
# vim:syntax=apparmor

View file

@ -45,3 +45,5 @@ profile syncthing @{exec_path} {
include if exists <local/syncthing> include if exists <local/syncthing>
} }
# vim:syntax=apparmor

View file

@ -31,4 +31,6 @@ profile sysctl @{exec_path} {
deny network inet stream, deny network inet stream,
include if exists <local/sysctl> include if exists <local/sysctl>
} }
# vim:syntax=apparmor

View file

@ -58,3 +58,5 @@ profile system-config-printer @{exec_path} flags=(complain) {
include if exists <local/system-config-printer> include if exists <local/system-config-printer>
} }
# vim:syntax=apparmor

View file

@ -31,3 +31,5 @@ profile system-config-printer-applet @{exec_path} {
include if exists <local/system-config-printer-applet> include if exists <local/system-config-printer-applet>
} }
# vim:syntax=apparmor

View file

@ -47,3 +47,5 @@ profile task @{exec_path} {
include if exists <local/task> include if exists <local/task>
} }
# vim:syntax=apparmor

View file

@ -80,3 +80,5 @@ profile tasksel @{exec_path} flags=(complain) {
include if exists <local/tasksel> include if exists <local/tasksel>
} }
# vim:syntax=apparmor

View file

@ -30,3 +30,5 @@ profile taskwarrior-tui @{exec_path} {
include if exists <local/taskwarrior-tui> include if exists <local/taskwarrior-tui>
} }
# vim:syntax=apparmor

View file

@ -63,4 +63,6 @@ profile terminator @{exec_path} flags=(attach_disconnected) {
deny @{user_share_dirs}/gvfs-metadata/{,*} r, deny @{user_share_dirs}/gvfs-metadata/{,*} r,
include if exists <local/terminator> include if exists <local/terminator>
} }
# vim:syntax=apparmor

View file

@ -17,3 +17,5 @@ profile tftp @{exec_path} {
include if exists <local/tftp> include if exists <local/tftp>
} }
# vim:syntax=apparmor

View file

@ -82,3 +82,5 @@ profile thermald @{exec_path} flags=(attach_disconnected) {
include if exists <local/thermald> include if exists <local/thermald>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile thinkfan @{exec_path} {
include if exists <local/thinkfan> include if exists <local/thinkfan>
} }
# vim:syntax=apparmor

View file

@ -179,3 +179,5 @@ profile thunderbird @{exec_path} {
include if exists <local/thunderbird> include if exists <local/thunderbird>
} }
# vim:syntax=apparmor

View file

@ -26,4 +26,6 @@ profile thunderbird-glxtest @{exec_path} {
owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/cmdline r,
include if exists <local/thunderbird-glxtest> include if exists <local/thunderbird-glxtest>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile thunderbird-vaapitest @{exec_path} {
include if exists <local/thunderbird-vaapitest> include if exists <local/thunderbird-vaapitest>
} }
# vim:syntax=apparmor

View file

@ -62,3 +62,5 @@ profile tint2 @{exec_path} {
include if exists <local/tint2> include if exists <local/tint2>
} }
# vim:syntax=apparmor

View file

@ -41,3 +41,5 @@ profile tint2conf @{exec_path} {
include if exists <local/tint2conf> include if exists <local/tint2conf>
} }
# vim:syntax=apparmor

View file

@ -68,3 +68,5 @@ profile top @{exec_path} flags=(attach_disconnected) {
include if exists <local/top> include if exists <local/top>
} }
# vim:syntax=apparmor

View file

@ -16,3 +16,5 @@ profile torify @{exec_path} {
include if exists <local/torify> include if exists <local/torify>
} }
# vim:syntax=apparmor

View file

@ -25,3 +25,5 @@ profile torsocks @{exec_path} {
include if exists <local/torsocks> include if exists <local/torsocks>
} }
# vim:syntax=apparmor

View file

@ -28,3 +28,5 @@ profile tpacpi-bat @{exec_path} {
include if exists <local/tpacpi-bat> include if exists <local/tpacpi-bat>
} }
# vim:syntax=apparmor

View file

@ -50,3 +50,5 @@ profile transmission-gtk @{exec_path} {
include if exists <local/transmission-gtk> include if exists <local/transmission-gtk>
} }
# vim:syntax=apparmor

View file

@ -52,3 +52,5 @@ profile transmission-qt @{exec_path} {
include if exists <local/transmission-qt> include if exists <local/transmission-qt>
} }
# vim:syntax=apparmor

View file

@ -34,3 +34,5 @@ profile tune2fs @{exec_path} {
include if exists <local/tune2fs> include if exists <local/tune2fs>
} }
# vim:syntax=apparmor

View file

@ -18,4 +18,6 @@ profile udev-dmi-memory-id @{exec_path} {
@{sys}/firmware/dmi/tables/smbios_entry_point r, @{sys}/firmware/dmi/tables/smbios_entry_point r,
include if exists <local/udev-dmi-memory-id> include if exists <local/udev-dmi-memory-id>
} }
# vim:syntax=apparmor

View file

@ -68,3 +68,5 @@ profile udiskie @{exec_path} {
include if exists <local/udiskie> include if exists <local/udiskie>
} }
# vim:syntax=apparmor

View file

@ -24,3 +24,5 @@ profile udiskie-info @{exec_path} {
include if exists <local/udiskie-info> include if exists <local/udiskie-info>
} }
# vim:syntax=apparmor

Some files were not shown because too many files have changed in this diff Show more