From 20928c61adb680a5ff8a3bf4ccd037e6cfeb6fc2 Mon Sep 17 00:00:00 2001
From: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Date: Sat, 9 Jan 2016 19:41:57 +0100
Subject: add apparmor profile for scudcloud

Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
---
 apparmor-profiles/opt.scudcloud.scudcloud | 76 +++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 apparmor-profiles/opt.scudcloud.scudcloud

(limited to 'apparmor-profiles/opt.scudcloud.scudcloud')

diff --git a/apparmor-profiles/opt.scudcloud.scudcloud b/apparmor-profiles/opt.scudcloud.scudcloud
new file mode 100644
index 0000000..135194c
--- /dev/null
+++ b/apparmor-profiles/opt.scudcloud.scudcloud
@@ -0,0 +1,76 @@
+# Last Modified: Sat Nov 14 17:12:20 2015
+#include <tunables/global>
+
+/opt/scudcloud/scudcloud {
+  #include <abstractions/base>
+  #include <abstractions/gnome>
+  #include <abstractions/kde>
+  #include <abstractions/nameservice>
+  #include <abstractions/fonts>
+  #include <abstractions/audio>
+  #include <abstractions/cups-client>
+  #include <abstractions/dbus-session>
+  #include <abstractions/ibus>
+
+  /opt/scudcloud/ r,
+  /opt/scudcloud/** r,
+  "/usr/bin/env python3" ix,
+  /usr/bin/python3.4 ix,
+
+  @{PROC}/[0-9]*/cmdline r,
+
+  #/etc/localtime r,
+  /etc/fstab r,
+  #/etc/resolv.conf r,
+  #/etc/hosts r,
+  #/etc/host.conf r,
+  #/etc/gai.conf r,
+  #/etc/fonts/** r,
+  #/etc/ssl/certs/ r,
+  #/etc/nsswitch.conf r,
+ 
+  /usr/bin/xdg-open rix,
+  /usr/bin/xprop rix,
+  /bin/grep rix,
+  /bin/egrep rix,
+  /usr/bin/dbus-send rix,
+  /usr/bin/xdg-mime rix,
+  /usr/lib/iceweasel/iceweasel px,
+
+  /usr/share/** r,
+  #/usr/share/icons/ r,
+  /usr/share/icons/** rk,
+  #/usr/share/ca-certificates/mozilla/** r,
+  /usr/local/lib/python*/dist-packages/ r,
+  /usr/local/lib/python*/dist-packages/** rm,
+  /usr/lib/python*/** rm,
+  #/usr/share/fonts/** r,
+  #/usr/share/fontconfig/** r,
+  #/usr/share/hunspell/** r,
+  #/usr/share/texmf/fonts/** r,
+  #/usr/local/share/fonts/ r,
+  #/usr/local/share/fonts/** r,
+  /usr/local/share/** r,
+
+  /var/cache/fontconfig/** r,
+
+  owner /tmp/** rwm,
+  #owner /tmp/*.png rw,
+  #/tmp/.X[0-9]*-lock r,
+
+  #owner @{HOME}/ r,
+  #owner @{HOME}/.gtk-bookmarks r,
+  owner @{HOME}/.config/gtk-3.0/bookmarks r,
+  #owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini r,
+  owner @{HOME}/.config/scudcloud/ r,
+  owner @{HOME}/.config/scudcloud/** rwk,
+  #owner @{HOME}/.gtkrc-2.0 r,
+  #owner @{HOME}/.Xauthority r,
+  #owner @{HOME}/.config/Trolltech.conf rk,
+  owner @{HOME}/.cache/gstreamer-1.0/** r,
+
+  owner @{HOME}/Öffentlich/ r,
+  owner @{HOME}/Öffentlich/** r,
+  owner /mnt/virtual/wolfi/Öffentlich/ r,
+  owner /mnt/virtual/wolfi/Öffentlich/** r,
+}
-- 
cgit v1.1