logo

apparmor.d

Unnamed repository; edit this file 'description' to name the repository. git clone https://hacktivis.me/git/apparmor.d.git

ubuntu-unity7-base (2558B)

    

  1. # vim:syntax=apparmor
  2. # ------------------------------------------------------------------
  3. #
  4. #    Copyright (C) 2013-2014 Canonical Ltd.
  5. #
  6. #    This program is free software; you can redistribute it and/or
  7. #    modify it under the terms of version 2 of the GNU General Public
  8. #    License published by the Free Software Foundation.
  9. #
  10. # ------------------------------------------------------------------
  12.   abi <abi/3.0>,
  14. #
  15. # Rules common to applications running under Unity 7
  16. #
  18. include <abstractions/gnome>
  20. include <abstractions/dbus-session-strict>
  21. include <abstractions/dbus-strict>
  23.   #
  24.   # Access required for connecting to/communication with Unity HUD
  25.   #
  26.   dbus (send)
  27.        bus=session
  28.        path="/com/canonical/hud",
  29.   dbus (send)
  30.        bus=session
  31.        interface="com.canonical.hud.*",
  32.   dbus (send)
  33.        bus=session
  34.        path="/com/canonical/hud/applications/*",
  35.   dbus (receive)
  36.        bus=session
  37.        path="/com/canonical/hud",
  38.   dbus (receive)
  39.        bus=session
  40.        interface="com.canonical.hud.*",
  42.   #
  43.   # Allow access for connecting to/communication with the appmenu
  44.   #
  45.   # dbusmenu
  46.   dbus (send)
  47.        bus=session
  48.        interface="com.canonical.AppMenu.*",
  49.   dbus (receive, send)
  50.         bus=session
  51.         path=/com/canonical/menu/**,
  53.   # gmenu
  54.   dbus (receive, send)
  55.        bus=session
  56.        interface=org.gtk.Actions,
  57.   dbus (receive, send)
  58.        bus=session
  59.        interface=org.gtk.Menus,
  61.   #
  62.   # Access required for using freedesktop notifications
  63.   #
  64.   dbus (send)
  65.        bus=session
  66.        path=/org/freedesktop/Notifications
  67.        member=GetCapabilities,
  68.   dbus (send)
  69.        bus=session
  70.        path=/org/freedesktop/Notifications
  71.        member=GetServerInformation,
  72.   dbus (send)
  73.        bus=session
  74.        path=/org/freedesktop/Notifications
  75.        member=Notify,
  76.   dbus (receive)
  77.        bus=session
  78.        member="Notify"
  79.        peer=(name="org.freedesktop.DBus"),
  80.   dbus (receive)
  81.        bus=session
  82.        path=/org/freedesktop/Notifications
  83.        member=NotificationClosed,
  84.   dbus (send)
  85.        bus=session
  86.        path=/org/freedesktop/Notifications
  87.        member=CloseNotification,
  89.   # accessibility
  90.   dbus (send)
  91.        bus=session
  92.        peer=(name=org.a11y.Bus),
  93.   dbus (receive)
  94.        bus=session
  95.        interface=org.a11y.atspi*,
  96.   dbus (receive, send)
  97.        bus=accessibility,
  99.   #
  100.   # Deny potentially dangerous access
  101.   #
  102.   deny dbus bus=session path=/com/canonical/[Uu]nity/[Dd]ebug**,
  104.   # Include additions to the abstraction
  105.   include if exists <abstractions/ubuntu-unity7-base.d>