# apparmor.d - Full set of apparmor profiles # Copyright (C) 2020-2021 Mikhail Morfikov # Copyright (C) 2021-2024 Alexandre Pujol # SPDX-License-Identifier: GPL-2.0-only abi , include @{exec_path} = @{bin}/kodi @{lib}/@{multiarch}/kodi/kodi.bin profile kodi @{exec_path} { include include include include include include include include include @{exec_path} mr, @{lib}/@{multiarch}/kodi/kodi.bin mrix, @{lib}/@{multiarch}/kodi/kodi-xrandr rPx, @{sh_path} rix, @{bin}/basename rix, @{bin}/cat rix, @{bin}/cut rix, @{bin}/date rix, @{bin}/dirname rix, @{bin}/find rix, @{bin}/ldconfig rix, @{bin}/mv rix, @{bin}/uname rix, @{bin}/lsb_release rPx -> lsb_release, @{bin}/df rCx -> df, /usr/share/kodi/{,**} r, owner @{HOME}/.kodi/ rw, owner @{HOME}/.kodi/** rwk, owner @{HOME}/core w, owner @{HOME}/kodi_crashlog-[0-9]*_[0-9]*.log w, owner @{HOME}/.icons/default/index.theme r, /usr/share/publicsuffix/* r, /usr/share/icons/*/index.theme r, /etc/mime.types r, /etc/timezone r, /etc/fstab r, owner @{PROC}/@{pid}/mounts r, @{PROC}/@{pid}/net/dev r, @{PROC}/sys/kernel/core_pattern r, @{PROC}/@{pid}/net/route r, @{sys}/**/ r, @{sys}/devices/**/uevent r, @{sys}/devices/@{pci}/usb@{int}/{bDeviceClass,idProduct,idVendor} r, @{sys}/devices/@{pci}/usb@{int}/**/{bDeviceClass,idProduct,idVendor} r, @{sys}/devices/system/node/ r, @{sys}/devices/system/node/node@{int}/meminfo r, @{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_cur_freq r, @{sys}/devices/virtual/thermal/thermal_zone[0-9]*/temp r, @{run}/udev/data/* r, /var/lib/dbus/machine-id r, /etc/machine-id r, profile df { include @{bin}/df mr, owner @{PROC}/@{pid}/mountinfo r, # file_inherit /usr/share/kodi/** r, /sys/devices/virtual/thermal/thermal_zone[0-9]*/temp r, /sys/devices/system/cpu/cpufreq/policy@{int}/scaling_cur_freq r, /home/morfik/.kodi/temp/kodi.log w, } include if exists }