mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-08 18:31:03 +01:00
51 lines
1.4 KiB
Text
51 lines
1.4 KiB
Text
# vim:syntax=apparmor
|
|
# Users of this abstraction need to include the ubuntu-helpers abstraction
|
|
# in the toplevel profile. Eg:
|
|
# include <abstractions/ubuntu-helpers>
|
|
|
|
abi <abi/3.0>,
|
|
|
|
include <abstractions/X>
|
|
|
|
# Pulseaudio
|
|
/usr/bin/pulseaudio Pixr,
|
|
|
|
# Image viewers
|
|
/usr/bin/eog Cxr -> sanitized_helper,
|
|
/usr/bin/gimp* Cxr -> sanitized_helper,
|
|
/usr/bin/shotwell Cxr -> sanitized_helper,
|
|
/usr/bin/digikam Cxr -> sanitized_helper,
|
|
/usr/bin/gwenview Cxr -> sanitized_helper,
|
|
|
|
include <abstractions/ubuntu-media-players>
|
|
owner @{HOME}/.adobe/ w,
|
|
owner @{HOME}/.adobe/** rw,
|
|
owner @{HOME}/.macromedia/ w,
|
|
owner @{HOME}/.macromedia/** rw,
|
|
/opt/real/RealPlayer/mozilla/nphelix.so rm,
|
|
/usr/bin/lpstat Cxr -> sanitized_helper,
|
|
/usr/bin/lpr Cxr -> sanitized_helper,
|
|
|
|
# Bittorrent clients
|
|
include <abstractions/ubuntu-bittorrent-clients>
|
|
|
|
# Archivers
|
|
/usr/bin/ark Cxr -> sanitized_helper,
|
|
/usr/bin/file-roller Cxr -> sanitized_helper,
|
|
/usr/bin/xarchiver Cxr -> sanitized_helper,
|
|
/usr/local/lib{,32,64}/*.so* mr,
|
|
|
|
# News feed readers
|
|
include <abstractions/ubuntu-feed-readers>
|
|
|
|
# If we allow the above, nvidia based systems will also need this
|
|
include <abstractions/nvidia>
|
|
|
|
# Virus scanners
|
|
/usr/bin/clamscan Cx -> sanitized_helper,
|
|
|
|
# gxine (LP: #1057642)
|
|
/var/lib/xine/gxine.desktop r,
|
|
|
|
# For WebRTC camera access (LP: #1665535)
|
|
/dev/video[0-9]* rw,
|