mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-02-07 02:35:06 +01:00
73 lines
1.7 KiB
Text
73 lines
1.7 KiB
Text
# apparmor.d - Full set of apparmor profiles
|
|
# Copyright (C) 2021 Mikhail Morfikov
|
|
# SPDX-License-Identifier: GPL-2.0-only
|
|
|
|
abi <abi/3.0>,
|
|
|
|
include <tunables/global>
|
|
|
|
@{exec_path} = /{usr/,}bin/czkawka_gui
|
|
profile czkawka-gui @{exec_path} {
|
|
include <abstractions/base>
|
|
include <abstractions/gtk>
|
|
include <abstractions/fonts>
|
|
include <abstractions/fontconfig-cache-read>
|
|
include <abstractions/freedesktop.org>
|
|
|
|
@{exec_path} mr,
|
|
|
|
/{usr/,}bin/xdg-open rCx -> open,
|
|
|
|
# Dirs to scan for duplicates
|
|
#owner @{HOME}/** rw,
|
|
owner @{MOUNTS}/** rw,
|
|
|
|
owner @{user_config_dirs}/czkawka/ rw,
|
|
owner @{user_config_dirs}/czkawka/** rw,
|
|
|
|
owner @{user_cache_dirs}/ rw,
|
|
owner @{user_cache_dirs}/czkawka/ rw,
|
|
owner @{user_cache_dirs}/czkawka/** rw,
|
|
|
|
owner @{PROC}/@{pid}/cmdline r,
|
|
owner @{PROC}/@{pid}/cgroup r,
|
|
owner @{PROC}/@{pid}/mountinfo r,
|
|
owner @{PROC}/@{pid}/mounts r,
|
|
|
|
@{sys}/fs/cgroup/{,**} r,
|
|
|
|
/usr/share/glib-2.0/schemas/gschemas.compiled r,
|
|
|
|
include <abstractions/dconf>
|
|
owner @{run}/user/@{uid}/dconf/ rw,
|
|
owner @{run}/user/@{uid}/dconf/user rw,
|
|
|
|
|
|
profile open {
|
|
include <abstractions/base>
|
|
include <abstractions/xdg-open>
|
|
|
|
/{usr/,}bin/xdg-open mr,
|
|
|
|
/{usr/,}bin/{,ba,da}sh rix,
|
|
/{usr/,}bin/gawk rix,
|
|
/{usr/,}bin/readlink rix,
|
|
/{usr/,}bin/basename rix,
|
|
|
|
owner @{HOME}/ r,
|
|
|
|
owner @{run}/user/@{uid}/ r,
|
|
|
|
# Allowed apps to open
|
|
#/{usr/,}lib/firefox/firefox rPx,
|
|
/{usr/,}bin/smplayer rPx,
|
|
/{usr/,}bin/geany rPx,
|
|
/{usr/,}bin/viewnior rPUx,
|
|
|
|
# file_inherit
|
|
owner @{HOME}/.xsession-errors w,
|
|
|
|
}
|
|
|
|
include if exists <local/czkawka-gui>
|
|
}
|