On Thu, Apr 14, 2016 at 07:09:24PM -0000, Serge Hallyn wrote: > Yeah my main goal was to keep it from reading most of my own > files. It runs as me so not very worried about system files. > I did the MR to make myself follow up. I'll find time to > tighten it down later.
Does this profile work for you? # vim:syntax=apparmor # Author: Serge Hallyn <[email protected]> # Author: Steve Beattie <[email protected]> #include <tunables/global> /usr/bin/ttytter { #include <abstractions/base> #include <abstractions/dbus-session-strict> #include <abstractions/fonts> #include <abstractions/nameservice> #include <abstractions/perl> dbus (send) bus=session interface="org.freedesktop.Notifications" member={GetServerInformation,Notify}, /bin/dash ixr, /usr/bin/ttytter ixr, /usr/bin/curl ixr, /usr/bin/clear ixr, /usr/bin/notify-send Pixr, owner @{HOME}/.ttytter/** rw, owner @{HOME}/.ttytterkey rw, owner @{HOME}/.ttytterrc* rw, owner @{HOME}/.inputrc r, } (Tested locally on xenial, but I haven't used ttytter in a long time. Hrm, I guess I should submit my bitlbee profile, too.) Here's a quickie notify-send profile I made while testing ttytter and was trying to figure out why notifications don't work: # Last Modified: Thu Apr 14 12:47:44 2016 #include <tunables/global> /usr/bin/notify-send { #include <abstractions/base> #include <abstractions/dbus-session-strict> dbus (send) bus=session interface="org.freedesktop.Notifications" member={GetServerInformation,Notify}, /usr/bin/notify-send mr, } -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
