mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-31 23:35:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor.d/apparmor.d/abstractions/kde5-plasma5
Alexandre Pujol 3734e5aedf
Add include if exists abstractions *.d
2021-04-12 19:59:04 +01:00

62 lines
No EOL
2.3 KiB
Text
Raw Blame History

# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2018-2021 Mikhail Morfikov
# SPDX-License-Identifier: GPL-2.0-only
abi <abi/3.0>,
include <abstractions/thumbnails-cache-read>
# KDE/Plasma5 themes
#/{usr/,}lib/@{multiarch}/qt5/plugins/platformthemes/KDEPlasmaPlatformTheme.so mr,
#/{usr/,}lib/@{multiarch}/qt5/plugins/styles/breeze.so mr,
#/usr/share/plasma/look-and-feel/** r,
#/usr/share/color-schemes/*.colors r,
#/usr/share/kservices5/{,**/} r,
#/usr/share/kservices5/*.protocol r,
#/usr/share/knotifications5/plasma_workspace.notifyrc r,
# For app config (in order to work the KDE_APP_NAME variable has to be set in profile which
# includes this abstraction)
#owner @{user_config_dirs}/#[0-9]*[0-9] rwk,
#owner @{user_config_dirs}/@{KDE_APP_NAME}rc* rwlk -> @{user_config_dirs}/#[0-9]*[0-9],
#owner @{run}/user/[0-9]*/#[0-9]*[0-9] rw,
#owner @{run}/user/[0-9]*/@{KDE_APP_NAME}*.slave-socket rwl -> @{run}/user/[0-9]*/#[0-9]*[0-9],
# Common KDE config files
#owner @{user_config_dirs}/#[0-9]*[0-9] rw,
#owner @{user_config_dirs}/kdeglobals* rwkl -> @{user_config_dirs}/#[0-9]*[0-9],
#owner @{user_config_dirs}/baloofilerc r,
#owner @{user_config_dirs}/dolphinrc r,
#owner @{user_config_dirs}/trashrc r,
#owner @{user_config_dirs}/knfsshare r,
#owner /**/.directory r,
# For bookmarks
#/{usr/,}bin/keditbookmarks rPUx,
#owner @{user_share_dirs}/kfile/ rw,
#owner @{user_share_dirs}/kfile/#[0-9]*[0-9] rw,
#owner @{user_share_dirs}/kfile/bookmarks.xml* rwl -> @{user_share_dirs}/kfile/#[0-9]*[0-9],
# Common cache files
#owner @{user_cache_dirs}/icon-cache.kcache rw,
#owner @{user_cache_dirs}/ksycoca5_* r,
# Think what to do about this #FIXME#
# It seems when a QT app is started in Plasma5/KDE5 environment it also wants the following.
include <abstractions/recent-documents-write>
#signal (send) set=(term, kill) peer=unconfined,
#deny @{sys}/bus/ r,
#deny @{sys}/bus/usb/devices/ r,
#deny @{sys}/class/ r,
#deny @{run}/udev/data/b8:[0-9]* r, # for /dev/sda1 , etc.
#deny @{run}/udev/data/c189:[0-9]* r, # for /dev/bus/usb/001/001 , etc.
#deny @{run}/udev/data/+usb:* r, #
#/etc/exports r,
#/etc/xdg/menus/ r,
#/usr/share/mime/ r,
#owner @{user_config_dirs}/menus/ r,
#owner @{user_config_dirs}/menus/applications-merged/ r,
include if exists <abstractions/kde5-plasma5.d>
Reference in a new issue View git blame Copy permalink