mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-18 00:48:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(abs): minor cleanup.

Browse source
This commit is contained in:
Alexandre Pujol 2024-06-11 23:18:07 +01:00
parent ca9a8d47f8
commit ff88400b22
Failed to generate hash of commit
4 changed files with 10 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
apparmor.d/abstractions/app/chromium
View file

@ -150,10 +150,10 @@
owner @{tmp}/.@{domain}.* rw,
owner @{tmp}/.@{domain}*/{,**} rw,
owner @{tmp}/@{name}-crashlog-@{int}-@{int}.txt rw,
owner @{tmp}/scoped_dir*/{,**} rw,
owner @{tmp}/tmp.* rw,
owner @{tmp}/tmp.*/ rw,
owner @{tmp}/tmp.*/** rwk,
audit owner @{tmp}/scoped_dir@{rand6}/{,**} rw,
owner @{tmp}/tmp.@{rand6} rw,
owner @{tmp}/tmp.@{rand6}/ rw,
owner @{tmp}/tmp.@{rand6}/** rwk,
owner @{run}/user/@{uid}/app/org.keepassxc.KeePassXC/org.keepassxc.KeePassXC.BrowserServer rw,
owner @{run}/user/@{uid}/org.keepassxc.KeePassXC.BrowserServer rw,

2
apparmor.d/abstractions/common/app
View file

@ -16,10 +16,10 @@
include <abstractions/bus/org.a11y>
include <abstractions/consoles>
include <abstractions/cups-client>
# include <abstractions/deny-sensitive-home>
include <abstractions/desktop>
include <abstractions/devices-usb>
include <abstractions/disks-read>
include <abstractions/enchant>
include <abstractions/fontconfig-cache-read>
include <abstractions/graphics>
include <abstractions/gstreamer>

8
apparmor.d/abstractions/common/chromium
View file

@ -20,19 +20,19 @@
owner @{HOME}/.pki/nssdb/{cert9,key4}.db rwk,
owner @{HOME}/.pki/nssdb/{cert9,key4}.db-journal rw,
owner @{user_share_dirs}/.org.chromium.Chromium.* rw,
owner @{user_share_dirs}/.org.chromium.Chromium.@{rand6} rw,
/tmp/ r,
/var/tmp/ r,
owner @{tmp}/.org.chromium.Chromium.* rw,
owner @{tmp}/.org.chromium.Chromium.*/{,**} rw,
owner @{tmp}/.org.chromium.Chromium.@{rand6} rw,
owner @{tmp}/.org.chromium.Chromium.@{rand6}/{,**} rw,
owner @{tmp}/scoped_dir*/ rw,
owner @{tmp}/scoped_dir*/SingletonCookie w,
owner @{tmp}/scoped_dir*/SingletonSocket w,
owner @{tmp}/scoped_dir*/SS w,
/dev/shm/ r,
owner /dev/shm/.org.chromium.Chromium.* rw,
owner /dev/shm/.org.chromium.Chromium.@{rand6} rw,
# If kernel.unprivileged_userns_clone = 1
owner @{PROC}/@{pid}/setgroups w,

1
apparmor.d/abstractions/common/steam-game
View file

@ -59,6 +59,7 @@
owner /dev/shm/mono.@{int} rw,
owner /dev/shm/softbuffer-x11-@{rand6}@{c} rw,
owner /dev/shm/u@{uid}-Shm_@{hex4}@{h} rw,
owner /dev/shm/u@{uid}-Shm_@{hex6} rw,
owner /dev/shm/u@{uid}-Shm_@{hex6}@{h} rw,
owner /dev/shm/u@{uid}-Shm_@{hex8} rw,