From dab928305f17c67e9bf0f91d877e0efd13c98b35 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sun, 31 Mar 2024 12:45:13 +0100 Subject: [PATCH] feat(abs): add igfx_user_feature to the graphics abs. --- apparmor.d/abstractions/app/chromium | 1 - apparmor.d/abstractions/common/app | 1 - apparmor.d/abstractions/graphics | 1 + apparmor.d/groups/browsers/firefox | 1 - apparmor.d/groups/browsers/firefox-vaapitest | 2 -- apparmor.d/groups/network/mullvad-gui | 3 --- apparmor.d/groups/whonix/torbrowser | 1 - apparmor.d/groups/whonix/torbrowser-vaapitest | 2 -- apparmor.d/profiles-s-z/thunderbird-vaapitest | 2 -- 9 files changed, 1 insertion(+), 13 deletions(-) diff --git a/apparmor.d/abstractions/app/chromium b/apparmor.d/abstractions/app/chromium index a3b8998b..02bbb766 100644 --- a/apparmor.d/abstractions/app/chromium +++ b/apparmor.d/abstractions/app/chromium @@ -106,7 +106,6 @@ /etc/@{name}/{,**} r, /etc/fstab r, - /etc/igfx_user_feature{,_next}.txt rw, /etc/opensc.conf r, /var/lib/dbus/machine-id r, diff --git a/apparmor.d/abstractions/common/app b/apparmor.d/abstractions/common/app index c57ff459..3c22d0cb 100644 --- a/apparmor.d/abstractions/common/app +++ b/apparmor.d/abstractions/common/app @@ -32,7 +32,6 @@ /usr/** r, /etc/** r, - /etc/igfx_user_feature*.txt rw, /etc/shells rw, / r, diff --git a/apparmor.d/abstractions/graphics b/apparmor.d/abstractions/graphics index 15b2795a..85589272 100644 --- a/apparmor.d/abstractions/graphics +++ b/apparmor.d/abstractions/graphics @@ -7,6 +7,7 @@ include include + /etc/igfx_user_feature{,_next}.txt w, /etc/libva.conf r, @{sys}/bus/pci/devices/ r, diff --git a/apparmor.d/groups/browsers/firefox b/apparmor.d/groups/browsers/firefox index ab9fc0f6..00e11da2 100644 --- a/apparmor.d/groups/browsers/firefox +++ b/apparmor.d/groups/browsers/firefox @@ -115,7 +115,6 @@ profile firefox @{exec_path} flags=(attach_disconnected) { /etc/@{name}/{,**} r, /etc/cups/client.conf r, /etc/fstab r, - /etc/igfx_user_feature{,_next}.txt w, /etc/mailcap r, /etc/mime.types r, /etc/opensc.conf r, diff --git a/apparmor.d/groups/browsers/firefox-vaapitest b/apparmor.d/groups/browsers/firefox-vaapitest index 65917929..f151a00a 100644 --- a/apparmor.d/groups/browsers/firefox-vaapitest +++ b/apparmor.d/groups/browsers/firefox-vaapitest @@ -19,8 +19,6 @@ profile firefox-vaapitest @{exec_path} flags=(attach_disconnected) { @{exec_path} mr, - /etc/igfx_user_feature{,_next}.txt w, - owner /tmp/@{name}/.parentlock rw, deny @{config_dirs}/firefox/*/.parentlock rw, diff --git a/apparmor.d/groups/network/mullvad-gui b/apparmor.d/groups/network/mullvad-gui index 4a9c3194..86f11b55 100644 --- a/apparmor.d/groups/network/mullvad-gui +++ b/apparmor.d/groups/network/mullvad-gui @@ -28,9 +28,6 @@ profile mullvad-gui @{exec_path} flags=(attach_disconnected) { @{bin}/gsettings rix, @{open_path} rPx -> child-open-browsers, - /etc/libva.conf r, - /etc/igfx_user_feature{,_next}.txt w, - owner @{user_cache_dirs}/dconf/user rw, owner /tmp/.org.chromium.Chromium.@{rand6}/@{name}*.png rw, diff --git a/apparmor.d/groups/whonix/torbrowser b/apparmor.d/groups/whonix/torbrowser index 53bb3851..a8236628 100644 --- a/apparmor.d/groups/whonix/torbrowser +++ b/apparmor.d/groups/whonix/torbrowser @@ -61,7 +61,6 @@ profile torbrowser @{exec_path} flags=(attach_disconnected) { /usr/share/xul-ext/kwallet5/* r, /etc/@{name}.d/{,**} r, - /etc/igfx_user_feature{,_next}.txt w, /etc/mailcap r, /etc/mime.types r, /etc/opensc.conf r, diff --git a/apparmor.d/groups/whonix/torbrowser-vaapitest b/apparmor.d/groups/whonix/torbrowser-vaapitest index 743a9188..9217c5f6 100644 --- a/apparmor.d/groups/whonix/torbrowser-vaapitest +++ b/apparmor.d/groups/whonix/torbrowser-vaapitest @@ -21,8 +21,6 @@ profile torbrowser-vaapitest @{exec_path} { @{exec_path} mr, - /etc/igfx_user_feature{,_next}.txt w, - owner /tmp/@{name}/.parentlock rw, deny @{config_dirs}/.parentlock rw, diff --git a/apparmor.d/profiles-s-z/thunderbird-vaapitest b/apparmor.d/profiles-s-z/thunderbird-vaapitest index b1e013a5..d5050b01 100644 --- a/apparmor.d/profiles-s-z/thunderbird-vaapitest +++ b/apparmor.d/profiles-s-z/thunderbird-vaapitest @@ -20,8 +20,6 @@ profile thunderbird-vaapitest @{exec_path} { @{exec_path} mr, - /etc/igfx_user_feature{,_next}.txt rw, - owner /tmp/thunderbird/.parentlock rw, deny @{cache_dirs}/*/startupCache/** r,