mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(profile): gdm-session-worker: initial support for fscrypt.

Browse Source 
fix #430
This commit is contained in:
Alexandre Pujol 2024-08-20 19:29:43 +01:00
parent dc8cc1eb09
commit fb6e718b98
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apparmor.d/groups/gnome/gdm-session-worker
View File

@ -77,6 +77,7 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
@{etc_ro}/environment r,
@{etc_ro}/security/limits.d/{,*.conf} r,
/etc/default/locale r,
/etc/fscrypt.conf r,
/etc/gdm{3,}/custom.conf r,
/etc/gdm{3,}/daemon.conf r,
/etc/locale.conf r,
@ -93,7 +94,14 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
/var/lib/wtmpdb/ r,
/var/lib/wtmpdb/* rwk,
/.fscrypt/policies/ r,
/.fscrypt/protectors/ r,
owner /.fscrypt/protectors/@{hex16} r,
/home/ r,
owner @{HOME}/.pam_environment r,
owner @{HOME}/policies/@{hex32} r,
owner @{HOME}/protectors/@{hex16}.link r,
@{run}/cockpit/inactive.motd r,
owner @{run}/systemd/seats/seat@{int} r,
@ -106,12 +114,15 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
@{run}/cockpit/active.motd r,
@{run}/faillock/@{user} rwk,
@{run}/fscrypt/ rw,
@{run}/fscrypt/@{uid}.count rwk,
@{run}/motd.d/{,*} r,
@{run}/systemd/sessions/* r,
@{run}/systemd/sessions/*.ref rw,
@{run}/systemd/users/@{uid} r,
@{run}/utmp rwk,
@{PROC}/@{pid}/mountinfo r,
@{PROC}/@{pids}/cgroup r,
@{PROC}/1/limits r,
@{PROC}/keys r,