diff --git a/apparmor.d/abstractions/video.d/complete b/apparmor.d/abstractions/video.d/complete deleted file mode 100644 index af4c9afb..00000000 --- a/apparmor.d/abstractions/video.d/complete +++ /dev/null @@ -1,13 +0,0 @@ -# apparmor.d - Full set of apparmor profiles -# Copyright (C) 2020-2021 Mikhail Morfikov -# Copyright (C) 2021 Alexandre Pujol -# SPDX-License-Identifier: GPL-2.0-only - - owner /dev/shm/libv4l-* rw, - /dev/video[0-9]* rw, - @{sys}/devices/pci[0-9]*/**/usb[0-9]/**/video4linux/video[0-9]*/dev r, - @{sys}/devices/pci[0-9]*/**/usb[0-9]/**/{modalias,speed} r, - - @{sys}/devices/virtual/dmi/id/sys_vendor r, - @{sys}/devices/virtual/dmi/id/product_{name,version} r, - @{sys}/devices/virtual/dmi/id/board_{vendor,name,version} r, diff --git a/apparmor.d/groups/pacman/mkinitcpio b/apparmor.d/groups/pacman/mkinitcpio index a64bb9cf..3a61bb52 100644 --- a/apparmor.d/groups/pacman/mkinitcpio +++ b/apparmor.d/groups/pacman/mkinitcpio @@ -34,6 +34,8 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) { /{usr/,}bin/hexdump rix, /{usr/,}bin/install rix, /{usr/,}bin/ldconfig rix, + /{usr/,}bin/mv rix, + /{usr/,}bin/sync rix, /{usr/,}bin/ldd rix, /{usr/,}bin/ln rix, /{usr/,}bin/loadkeys rix, @@ -84,7 +86,7 @@ profile mkinitcpio @{exec_path} flags=(attach_disconnected) { # Manage /boot / r, - /boot/initramfs-*.img rw, + /boot/initramfs-*.img* rw, /boot/vmlinuz-* r, @{sys}/class/block/ r, diff --git a/apparmor.d/groups/pacman/pacman b/apparmor.d/groups/pacman/pacman index 6d795cbc..edde0033 100644 --- a/apparmor.d/groups/pacman/pacman +++ b/apparmor.d/groups/pacman/pacman @@ -73,6 +73,7 @@ profile pacman @{exec_path} { /{usr/,}bin/sed rix, /{usr/,}bin/setcap rix, /{usr/,}bin/touch rix, + /{usr/,}bin/tput rix, /{usr/,}bin/vercmp rix, /{usr/,}bin/xmlcatalog rix, /{usr/,}lib/ghc-*/bin/ghc-pkg rix, @@ -106,7 +107,7 @@ profile pacman @{exec_path} { # Install/update packages / r, - /*/ rw, + /*{,/} rw, /boot/** rwl -> /boot/**, /etc/** rwl -> /etc/**, /opt/** rwl -> /opt/**,