Instead of denying everything here, enumerate just the bits that are required
and also deny access to display devices since that is not actually needed by
rygel itself.
Signed-off-by: Alex Murray <alex.murray@canonical.com>

mx-extract also uses these parts of gstreamer so allow it as well as for the
main rygel profile.
Signed-off-by: Alex Murray <alex.murray@canonical.com>

This allows access to the freedesktop.org mime info amongst others which is
needed for rygel mx-extract to index files etc.
Signed-off-by: Alex Murray <alex.murray@canonical.com>

It turns out we need to allow /dev/null for fd inheritance and /dev for reading
plus /dev/urandom, all of which are quite safe.
Signed-off-by: Alex Murray <alex.murray@canonical.com>

gst-plugin-scanner wants to try and scan hardware devices but since rygel itself
doesn't actually use or need any access to such devices the access to these can
be denied and any log spam silenced via an explicit denial rule.
Signed-off-by: Alex Murray <alex.murray@canonical.com>

Allow easier customisation of the paths allowed to rygel by introducing a
tunable which provides the @{rygel_media_dirs} variable and an example
site-local file to show how this can be easily extended. Essentially this
follows the same logic as the home tunable with @{HOME}.
Signed-off-by: Alex Murray <alex.murray@canonical.com>
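
The tunable pattern described in the last commit, sketched as an added example (not the profile or files from this change). The file names, the default directory list and the rule permissions are assumptions, modelled on how AppArmor's stock `tunables/home` defines `@{HOME}` and pulls in `tunables/home.d`.

```apparmor
# --- tunables/rygel (hypothetical file name) ---
# Directories rygel is allowed to index and serve.
# The default list here is an assumption, not taken from the change.
# @{HOME} must already be defined, e.g. via <tunables/global>.
@{rygel_media_dirs}=@{HOME}/Music @{HOME}/Pictures @{HOME}/Videos

# Pull in site-local additions, the same way tunables/home
# includes tunables/home.d.
include <tunables/rygel.d>

# --- tunables/rygel.d/site.local (hypothetical file name) ---
# Administrators append extra locations here instead of editing
# the packaged profile; "+=" extends the variable's value list.
@{rygel_media_dirs}+=/srv/media

# --- inside the rygel profile (rule sketch, permissions assumed) ---
  # Read-only access to every configured media directory.
  @{rygel_media_dirs}/ r,
  @{rygel_media_dirs}/** r,
```

Because the variable expands to one rule per listed directory, a site-local addition widens the profile only for the paths named there, and the rest of the confinement is unchanged.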