jgdye
/
samwiseetc
1
0
Fork 0
Code Issues Pull Requests Releases Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a683285a94'
${ noResults }
samwiseetc/apparmor.d/abstractions/gnome

112 lines
3.5 KiB
Plaintext
Raw Normal View History Unescape Escape

Initial recommit
2 years ago
# vim:syntax=apparmor
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2009 Novell/SUSE
# Copyright (C) 2009-2011 Canonical Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
#include <abstractions/base>
#include <abstractions/fonts>
#include <abstractions/X>
#include <abstractions/freedesktop.org>
#include <abstractions/xdg-desktop>
#include <abstractions/user-tmp>
#include <abstractions/wayland>
# systemwide gtk defaults
/etc/gnome/gtkrc* r,
/etc/gtk/* r,
/usr/lib{,32,64}/gtk/** mr,
/usr/lib/@{multiarch}/gtk/** mr,
/usr/lib{,32,64}/gtk-[0-9]*/** mr,
/usr/lib/@{multiarch}/gtk-[0-9]*/** mr,
/usr/share/themes/ r,
/usr/share/themes/** r,
/usr/share/gtk-3.0/settings.ini r,
# for gnome 1 applications
/etc/orbitrc r,
# gtk-2 needed some new rights
/etc/fonts/* r,
/etc/gtk-*/* r,
/etc/pango/* r,
/usr/lib{,32,64}/pango/** mr,
/usr/lib{,32,64}/gtk-*/** mr,
/usr/lib{,32,64}/gdk-pixbuf-*/** mr,
/usr/lib/@{multiarch}/pango/** mr,
/usr/lib/@{multiarch}/gtk-*/** mr,
/usr/lib/@{multiarch}/gdk-pixbuf-*/** mr,
# per-user gtk configuration
owner @{HOME}/.config/gtk-3.0/ w,
owner @{HOME}/.config/gtk-3.0/* r,
owner @{HOME}/.gnome/Gnome r,
owner @{HOME}/.gtk r,
owner @{HOME}/.gtkrc r,
owner @{HOME}/.gtkrc-2.0 r,
owner @{HOME}/.gtk-bookmarks r,
owner @{HOME}/.themes/ r,
owner @{HOME}/.themes/** r,
owner @{user_share_dirs}/themes/ r,
owner @{user_share_dirs}/themes/** r,
# for gtk file dialog
owner @{HOME}/.config/gtk-2.0/ w,
owner @{HOME}/.config/gtk-2.0/** r,
owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini* rw,
# from evolution-mail
owner @{HOME}/.gconfd/lock/* r,
owner @{HOME}/.gnome/application-info r,
# per-user font business
owner @{HOME}/.fonts.cache-* rwl,
# GtkComposeTable
owner @{HOME}/.cache/gtk-3.0/** r,
# icon caches
/var/cache/**/icon-theme.cache r,
/usr/share/**/icon-theme.cache r,
# GLib schemas
/usr/{local/,}share/glib-[0-9]*/schemas/ r,
/usr/{local/,}share/glib-[0-9]*/schemas/** r,
# gnome VFS modules
/etc/gnome-vfs-2.0/modules/ r,
/etc/gnome-vfs-2.0/modules/* r,
/usr/lib/gnome-vfs-2.0/modules/*.so mr,
/usr/lib/@{multiarch}/gnome-vfs-2.0/modules/*.so mr,
# gvfs
/usr/share/gvfs/remote-volume-monitors/ r,
/usr/share/gvfs/remote-volume-monitors/* r,
@{PROC}/@{pid}/mounts r,
/run/mount/utab r,
# printing
/etc/papersize r,
/etc/cups/lpoptions r,
/usr/share/cups/charmaps/** r,
# holds MIT-MAGIC-COOKIE for gnome
owner /{,var/}run/gdm/auth*/database r,
# mime-types
/etc/gnome/defaults.list r,
/etc/xdg/{,*-}mimeapps.list r,
/usr/share/gnome/applications/ r,
/usr/share/gnome/applications/mimeinfo.cache r,
# Allow connecting to the GNOME vfs socket (still need corresponding DBus
# rules)
unix (send, receive, connect)
type=stream
peer=(addr="@/dbus-vfs-daemon/socket-*"),