mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-31 07:17:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Deduplicate and revert

Browse source 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
This commit is contained in:
Jeroen Rijken 2024-02-24 11:17:57 +01:00 committed by Alex
parent 13079bbd7e
commit f807d5a190
2 changed files with 2 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
apparmor.d/abstractions/systemd-common
View file

@ -3,14 +3,8 @@
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io> # Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only # SPDX-License-Identifier: GPL-2.0-only
capability sys_ptrace,
ptrace (read) peer=@{systemd}, ptrace (read) peer=@{systemd},
owner @{lib}/systemd/{,systemd} r,
owner @{run}/systemd/system/ r,
@{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r, @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r,
@{sys}/fs/cgroup/system.slice/@{profile_name}.service/memory.pressure rw, @{sys}/fs/cgroup/system.slice/@{profile_name}.service/memory.pressure rw,
@ -20,7 +14,6 @@
@{PROC}/cmdline r, @{PROC}/cmdline r,
@{PROC}/sys/kernel/osrelease r, @{PROC}/sys/kernel/osrelease r,
@{PROC}/sys/kernel/random/boot_id r, @{PROC}/sys/kernel/random/boot_id r,
owner @{PROC}/filesystems r,
owner @{PROC}/@{pid}/stat r, owner @{PROC}/@{pid}/stat r,
/dev/kmsg w, /dev/kmsg w,

34
apparmor.d/profiles-a-f/bluetoothd
View file

@ -28,22 +28,7 @@ profile bluetoothd @{exec_path} flags=(attach_disconnected) {
dbus receive bus=system path=/ dbus receive bus=system path=/
interface=org.freedesktop.DBus.ObjectManager interface=org.freedesktop.DBus.ObjectManager
member=GetManagedObjects member=GetManagedObjects
peer=(name=:*, label=brave), peer=(name=:*, label="{brave,NetworkManager,pulseaudio,upowerd}"),
dbus receive bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=GetManagedObjects
peer=(name=:*, label=NetworkManager),
dbus receive bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=GetManagedObjects
peer=(name=:*, label=pulseaudio),
dbus receive bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=GetManagedObjects
peer=(name=:*, label=upowerd),
dbus send bus=system path=/MediaEndpoint dbus send bus=system path=/MediaEndpoint
interface=org.freedesktop.DBus.ObjectManager interface=org.freedesktop.DBus.ObjectManager
@ -63,22 +48,7 @@ profile bluetoothd @{exec_path} flags=(attach_disconnected) {
dbus send bus=system path=/ dbus send bus=system path=/
interface=org.freedesktop.DBus.ObjectManager interface=org.freedesktop.DBus.ObjectManager
member=InterfacesRemoved member=InterfacesRemoved
peer=(name=org.freedesktop.DBus, label=fwupd), peer=(name=org.freedesktop.DBus, label="{jwupd,NetworkManager,pulseaudio,upowerd}"),
dbus send bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=InterfacesRemoved
peer=(name=org.freedesktop.DBus, label=NetworkManager),
dbus send bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=InterfacesRemoved
peer=(name=org.freedesktop.DBus, label=pulseaudio),
dbus send bus=system path=/
interface=org.freedesktop.DBus.ObjectManager
member=InterfacesRemoved
peer=(name=org.freedesktop.DBus, label=upowerd),
@{exec_path} mr, @{exec_path} mr,