mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
Merge changes from trunk -- almost entirely additions to abstractions, a
perl multiarch change to logprof.conf and new perl severity entries. intrigeri@boum.org 2014-09-10 Cherry-pick r2671 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2387 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2610 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2506 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2592 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2353 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2294 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2593 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2590 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2522 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2369 from master. intrigeri@boum.org 2014-09-10 Cherry-pick r2246 from master.
This commit is contained in:
Seth Arnold
commit
766485972a
11 changed files with 35 additions and 15 deletions
|
|
@ -68,3 +68,6 @@ owner /tmp/pulse-*/* rw,
|
|||
# openal
|
||||
/etc/openal/alsoft.conf r,
|
||||
owner @{HOME}/.alsoftrc r,
|
||||
|
||||
# wildmidi
|
||||
/etc/wildmidi/wildmidi.cfg r,
|
||||
|
|
|
|||
|
|
@ -30,6 +30,7 @@
|
|||
owner @{HOME}/.recently-used.xbel* rw,
|
||||
owner @{HOME}/.local/share/recently-used.xbel* rw,
|
||||
owner @{HOME}/.config/user-dirs.dirs r,
|
||||
owner @{HOME}/.local/share/applications/ r,
|
||||
owner @{HOME}/.local/share/applications/*.desktop r,
|
||||
owner @{HOME}/.local/share/applications/defaults.list r,
|
||||
owner @{HOME}/.local/share/applications/mimeapps.list r,
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@
|
|||
/etc/gtk/* r,
|
||||
/usr/lib{,32,64}/gtk/** mr,
|
||||
/usr/lib/@{multiarch}/gtk/** mr,
|
||||
/usr/share/themes/ r,
|
||||
/usr/share/themes/** r,
|
||||
|
||||
# for gnome 1 applications
|
||||
|
|
@ -82,4 +83,5 @@
|
|||
|
||||
# mime-types
|
||||
/etc/gnome/defaults.list r,
|
||||
/usr/share/gnome/applications/ r,
|
||||
/usr/share/gnome/applications/mimeinfo.cache r,
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@
|
|||
/etc/kderc r,
|
||||
/etc/kde3/* r,
|
||||
/etc/kde4rc r,
|
||||
/etc/xdg/Trolltech.conf r,
|
||||
|
||||
@{HOME}/.DCOPserver_* r,
|
||||
@{HOME}/.ICEauthority r,
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@
|
|||
#
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
/var/lib/mysql/mysql.sock rw,
|
||||
/{var/,}run/mysql/mysql.sock rw,
|
||||
/var/lib/mysql{,d}/mysql{,d}.sock rw,
|
||||
/{var/,}run/mysql{,d}/mysql{,d}.sock rw,
|
||||
/usr/share/{mysql,mysql-community-server,mariadb}/charsets/ r,
|
||||
/usr/share/{mysql,mysql-community-server,mariadb}/charsets/*.xml r,
|
||||
|
|
|
|||
|
|
@ -21,6 +21,11 @@
|
|||
/etc/passwd r,
|
||||
/etc/protocols r,
|
||||
|
||||
# When using libnss-extrausers, the passwd and group files are merged from
|
||||
# an alternate path
|
||||
/var/lib/extrausers/group r,
|
||||
/var/lib/extrausers/passwd r,
|
||||
|
||||
/etc/resolv.conf r,
|
||||
# on systems using resolvconf, /etc/resolv.conf is a symlink to
|
||||
# /{,var/}run/resolvconf/resolv.conf and a file sometimes referenced in
|
||||
|
|
@ -50,7 +55,7 @@
|
|||
/etc/default/nss r,
|
||||
|
||||
# avahi-daemon is used for mdns4 resolution
|
||||
/{,var/}run/avahi-daemon/socket w,
|
||||
/{,var/}run/avahi-daemon/socket rw,
|
||||
|
||||
# nis
|
||||
#include <abstractions/nis>
|
||||
|
|
|
|||
|
|
@ -10,4 +10,5 @@
|
|||
|
||||
/etc/ssl/openssl.cnf r,
|
||||
/usr/share/ssl/openssl.cnf r,
|
||||
@{PROC}/sys/crypto/fips_enabled r,
|
||||
|
||||
|
|
|
|||
|
|
@ -15,6 +15,8 @@
|
|||
|
||||
/usr/lib{,32,64}/perl5/** r,
|
||||
/usr/lib{,32,64}/perl{,5}/**.so* mr,
|
||||
/usr/lib/@{multiarch}/perl{,5}/** r,
|
||||
/usr/lib/@{multiarch}/perl{,5}/[0-9]*/**.so* mr,
|
||||
|
||||
/usr/share/perl/** r,
|
||||
/usr/share/perl5/** r,
|
||||
|
|
|
|||
|
|
@ -10,28 +10,28 @@
|
|||
#
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
/usr/lib{,32,64}/python2.[4567]/**.{pyc,so} mr,
|
||||
/usr/lib{,32,64}/python2.[4567]/**.{egg,py,pth} r,
|
||||
/usr/lib{,32,64}/python2.[4567]/{site,dist}-packages/ r,
|
||||
/usr/lib{,32,64}/python{2,3}.[34567]/**.{pyc,so} mr,
|
||||
/usr/lib{,32,64}/python{2,3}.[34567]/**.{egg,py,pth} r,
|
||||
/usr/lib{,32,64}/python{2,3}.[34567]/{site,dist}-packages/ r,
|
||||
/usr/lib{,32,64}/python3.[234]/lib-dynload/*.so mr,
|
||||
|
||||
/usr/local/lib{,32,64}/python2.[4567]/**.{pyc,so} mr,
|
||||
/usr/local/lib{,32,64}/python2.[4567]/**.{egg,py,pth} r,
|
||||
/usr/local/lib{,32,64}/python2.[4567]/{site,dist}-packages/ r,
|
||||
/usr/local/lib{,32,64}/python{2,3}.[34567]/**.{pyc,so} mr,
|
||||
/usr/local/lib{,32,64}/python{2,3}.[34567]/**.{egg,py,pth} r,
|
||||
/usr/local/lib{,32,64}/python{2,3}.[34567]/{site,dist}-packages/ r,
|
||||
/usr/local/lib{,32,64}/python3.[234]/lib-dynload/*.so mr,
|
||||
|
||||
# Site-wide configuration
|
||||
/etc/python2.[4567]/** r,
|
||||
/etc/python{2,3}.[34567]/** r,
|
||||
|
||||
# shared python paths
|
||||
/usr/share/{pyshared,pycentral,python-support}/** r,
|
||||
/{var,usr}/lib/{pyshared,pycentral,python-support}/** r,
|
||||
/usr/lib/{pyshared,pycentral,python-support}/**.so mr,
|
||||
/var/lib/{pyshared,pycentral,python-support}/**.pyc mr,
|
||||
/usr/lib/python3/dist-packages/**.so mr,
|
||||
|
||||
# wx paths
|
||||
/usr/lib/wx/python/*.pth r,
|
||||
|
||||
# python build configuration and headers
|
||||
/usr/include/python{2,3}.[0-7]*/pyconfig.h r,
|
||||
|
||||
# python setup script used by apport
|
||||
/etc/python{2,3}.[0-7]*/sitecustomize.py r,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2004-2006 Novell/SUSE
|
||||
# Copyright (C) 2014 Canonical Ltd.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
|
|
@ -105,6 +106,7 @@
|
|||
|
||||
# if they use any perl modules, grant access to all
|
||||
^/usr/lib/perl5/.+$ = /usr/lib/perl5/**
|
||||
^/usr/lib/[^\/]+/perl5?/.+$ = /usr/lib/@{multiarch}/perl{,5}/**
|
||||
|
||||
# locale foo
|
||||
^/usr/lib/locale/.+$ = /usr/lib/locale/**
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) 2014 Canonical Ltd.
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
|
|
@ -231,6 +232,8 @@
|
|||
/usr/lib/lib*so* 3 8 4
|
||||
/usr/lib/iptables/* 2 8 2
|
||||
/usr/lib/perl5/** 4 10 6
|
||||
/usr/lib/*/perl/** 4 10 6
|
||||
/usr/lib/*/perl5/** 4 10 6
|
||||
/usr/lib/gconv/* 4 7 4
|
||||
/usr/lib/locale/** 4 8 0
|
||||
/usr/lib/jvm/** 5 7 5
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue