mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 07:54:17 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(profile): gnome-shell//open: ensure gnome can start any program.

Browse Source
This commit is contained in:
Alexandre Pujol 2024-06-23 11:26:15 +01:00
parent ae71b323c2
commit e8aa338d5e
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
apparmor.d/groups/gnome/gnome-shell
View File

@ -394,18 +394,21 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) {
include if exists <local/gnome-shell_shell> include if exists <local/gnome-shell_shell>
} }
profile open flags=(attach_disconnected,mediate_deleted) { profile open flags=(attach_disconnected,mediate_deleted,complain) {
include <abstractions/base> include <abstractions/base>
include <abstractions/app-launcher-user>
unix receive type=stream, network inet stream,
network unix stream,
@{lib}/gio-launch-desktop mr,
@{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop mr, @{lib}/@{multiarch}/glib-[0-9]*/gio-launch-desktop mr,
@{lib}/gio-launch-desktop mr,
@{lib}/* PUx, @{lib}/** PUx,
/usr/games/* PUx, @{bin}/** PUx,
/usr/share/gnome-shell/extensions/ding@rastersoft.com/{,*/}ding.js rPx, /opt/*/** PUx,
/usr/share/*/** PUx,
/usr/local/bin/** PUx,
/usr/games/** PUx,
owner @{run}/user/@{uid}/gnome-shell-disable-extensions w, owner @{run}/user/@{uid}/gnome-shell-disable-extensions w,