mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-06 09:21:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d/abstractions
History
Alex Murray cd91492d53
abstraction/exo-open: Remove dbus deny rule 
Abstractions should not generally include deny rules as this can unduly
constrain profiles which include them due to the precedent matching rules
between deny vs allow rules. Also as per the comment, this is not required
for exo-open to work, so simply omit it from the abstraction for
now. Finally, in Ubuntu, the evince profile includes the exo-open
abstraction and this deny rule causes evince to fail to initialise
correctly as it then assumes it cannot use gvfs.

Signed-off-by: Alex Murray <alex.murray@canonical.com>
2022-06-15 14:54:19 +09:30
..
apparmor_api [7/7] abstractions: Make "available" readable as part of the enabled api 2021-07-21 14:31:44 -07:00
ubuntu-browsers.d add new path for kwallet (used in KDE 5) 2021-02-07 14:19:46 +01:00
apache2-common Update apache2-common so that other processes can trace the hats that include this file. The main includes abstractions/base which has these lines in it, which is why ss -tnlp sometimes fails. 2022-02-17 07:57:55 +00:00
aspell abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
audio abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
authentication Allow reading /etc/login.defs.d/ in abstraction/authentication 2021-07-15 13:04:44 +02:00
base move @{PROC}/sys/crypto/* permissions from base to crypto 2021-07-13 21:56:29 +02:00
bash abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
consoles abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
crypto move @{PROC}/sys/crypto/fips_enabled r, rule 2021-07-13 21:56:29 +02:00
cups-client abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dbus Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
dbus-accessibility Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
dbus-accessibility-strict abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dbus-network-manager-strict abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dbus-session Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
dbus-session-strict abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dbus-strict abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dconf abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dovecot-common abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dri-common abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
dri-enumerate abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
enchant Support libenchant-2-2 2020-06-17 09:20:25 +02:00
exo-open abstraction/exo-open: Remove dbus deny rule 2022-06-15 14:54:19 +09:30
fcitx Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
fcitx-strict Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
fonts Add Fontmatrix to abstractions/fonts 2020-10-14 19:45:23 -06:00
freedesktop.org abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
gio-open Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
gnome abstractions/gnome: allow /usr/share/gtk-3.0/settings.ini 2020-08-18 12:28:53 +02:00
gnupg abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
gtk GTK abstraction: add support for gtk4. 2022-02-22 19:34:59 +00:00
gvfs-open Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
hosts_access profiles: Add a hosts_access abstraction 2020-09-01 19:39:59 -07:00
ibus Allow access to socket directory used by recent ibus-daemon 2022-02-12 08:38:23 +00:00
kde Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
kde-globals-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
kde-icon-cache-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
kde-language-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
kde-open5 treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
kerberosclient abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
ldapclient Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
libpam-systemd Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
likewise abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
mdns abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
mesa Update for the mesa abstraction 2022-04-29 22:58:37 +02:00
mir abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
mozc abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
mysql abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
nameservice Convert abstractions from /{usr/,}etc/ to @{etc_ro} 2020-07-23 20:51:25 +02:00
nis abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
nss-systemd abstractions/nss-systemd: Allow access for systemd-machined names 2022-03-10 11:57:13 +10:30
nvidia abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
opencl Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
opencl-common abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
opencl-intel Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
opencl-mesa Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
opencl-nvidia Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
opencl-pocl Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
openssl abstractions/openssl: allow /etc/ssl/{engdef,engines}.d/ 2021-12-19 22:36:05 +01:00
orbit2 abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
p11-kit abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
perl abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
php Allow reading all of /etc/php[578]/** in abstractions/php 2022-04-18 20:52:39 +02:00
php-worker php-fpm: fix profile name in php-worker 2020-09-06 05:26:45 -06:00
php5 Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
postfix-common postfix: allow access to *.lmdb files 2021-03-07 14:33:49 +01:00
private-files abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
private-files-strict add new path for kwallet (used in KDE 5) 2021-02-07 14:19:46 +01:00
python abstractions/python: add several permissions 2021-12-04 20:54:52 +01:00
qt5 abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
qt5-compose-cache-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
qt5-settings-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
recent-documents-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
ruby abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
samba profiles/apparmor.d/abstraction: Squash noisey setsockopt calls. 2022-03-31 12:23:00 +01:00
samba-rpcd profiles/apparmor.d: Add new profiles needed for samba-4.16 2022-04-15 12:10:07 +01:00
smbpass abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
snap_browsers profiles: update snap_browsers permissions 2022-04-18 21:18:26 -03:00
ssl_certs abstractions/ssh_certs: extend pki/trust directories 2022-03-22 12:36:42 +01:00
ssl_keys abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
svn-repositories treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00
trash abstractions: Add trash abstraction 2021-04-21 13:01:43 -07:00
ubuntu-bittorrent-clients Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-browsers Adjust to support brave in ubuntu abstractions 2020-10-25 09:53:44 +00:00
ubuntu-console-browsers Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-console-email Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-email Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-feed-readers Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-gnome-terminal Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-helpers Fix: Opening links with Chrome 2022-02-03 09:42:36 -03:00
ubuntu-konsole Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-media-players Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-unity7-base Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
ubuntu-unity7-launcher abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
ubuntu-unity7-messaging abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
ubuntu-xterm Change #include to include in abstractions and tunables 2020-06-09 23:28:41 +02:00
user-download abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
user-mail abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
user-manpages abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
user-tmp abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
user-write abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
video add a missing slash at the end of the sys rule 2021-08-20 00:38:14 +02:00
vulkan abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
wayland abstractions: Fix wayland abstraction for compositors based on wlroots 2021-03-15 05:54:39 -07:00
web-data abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
winbind abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
wutmp abstractions: Add missing rule in wutmp abstraction 2021-03-14 11:50:43 -07:00
X abstractions/X: Allow (only) reading X compose cache 2020-11-16 20:42:00 +01:00
xad abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
xdg-desktop abstractions: remove '#' from 'include if exists' 2020-05-30 19:53:49 +02:00
xdg-open treewide: spelling/typo fixes in comments and docs 2020-12-01 12:47:11 -08:00