mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-19 09:28:17 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor.d/apparmor.d/abstractions/desktop
Alexandre Pujol 69f9e8464f
feat(profile): update profiles for gnome 47.
2024-09-25 00:14:02 +01:00

79 lines
2.3 KiB
Text
Raw Blame History

# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
# Unified minimal abstraction for all UI application regardless of the desktop environment.
# When supported in apparmor, condition will be used in this abstraction to filter
# resources specific for supported DE.
include <abstractions/fonts>
include <abstractions/freedesktop.org>
include <abstractions/gtk>
include <abstractions/qt5>
include <abstractions/wayland>
include <abstractions/X-strict>
include <abstractions/xdg-desktop>
# if @{DE} == gnome
dbus receive bus=session
interface=org.freedesktop.DBus.Introspectable
member=Introspect
peer=(name=:*, label=gnome-shell),
/usr/{local/,}share/ r,
/usr/{local/,}share/glib-@{version}/schemas/** r,
/usr/{local/,}share/gvfs/remote-volume-monitors/{,*} r,
/etc/gnome/* r,
/etc/xdg/{,*-}mimeapps.list r,
/var/cache/gio-@{version}/gnome-mimeapps.list r,
owner @{user_share_dirs}/gnome-shell/session.gvdb rw,
# else if @{DE} == kde
@{lib}/kde{,3,4}/*.so mr,
@{lib}/kde{,3,4}/plugins/*/ r,
@{lib}/kde{,3,4}/plugins/*/*.so mr,
/usr/share/knotifications{5,6}/*.notifyrc r,
/etc/xdg/baloofilerc r,
/etc/xdg/kcminputrc r,
/etc/xdg/kdeglobals r,
/etc/xdg/kwinrc r,
owner @{user_cache_dirs}/#@{int} rw,
owner @{user_cache_dirs}/icon-cache.kcache rw,
owner @{user_cache_dirs}/ksycoca{5,6}_??_* rwlk,
owner @{user_config_dirs}/baloofilerc r,
owner @{user_config_dirs}/dolphinrc r,
owner @{user_config_dirs}/kcminputrc r,
owner @{user_config_dirs}/kdedefaults/ r,
owner @{user_config_dirs}/kdedefaults/kcminputrc r,
owner @{user_config_dirs}/kdedefaults/kdeglobals r,
owner @{user_config_dirs}/kdedefaults/kwinrc r,
owner @{user_config_dirs}/kdeglobals r,
owner @{user_config_dirs}/kwinrc r,
owner @{user_config_dirs}/trashrc r,
# else if @{DE} == xfce
/usr/share/xfce4/ r,
owner @{user_config_dirs}/xfce4/help{,ers}.rc rw,
owner @{user_config_dirs}/xfce4/help{,ers}.rc.@{int}.tmp rw,
# end
/usr/share/desktop-base/{,**} r,
/usr/share/hwdata/*.ids r,
/usr/share/icu/@{int}.@{int}/*.dat r,
include if exists <abstractions/desktop.d>
# vim:syntax=apparmor
Reference in a new issue View git blame Copy permalink