[Bringing this back to the list with Serge's permission.] On Fri, Apr 15, 2016 at 04:23:07PM +0000, Serge Hallyn wrote: > Quoting Steve Beattie ([email protected]): > > On Thu, Apr 14, 2016 at 07:09:24PM -0000, Serge Hallyn wrote: > > > Yeah my main goal was to keep it from reading most of my own > > > files. It runs as me so not very worried about system files. > > > I did the MR to make myself follow up. I'll find time to > > > tighten it down later. > > > > Does this profile work for you? > > Yup, it does, thanks. And maybe I should install the notify-send > one too :)
Great, thanks for testing! (Note that the way ttytter tries to use notify-send is broken, as apparently it tries to pass in the message to be displayed over stdin, rather than on the command line, and notify-send doesn't support that.) > > # vim:syntax=apparmor > > # Author: Serge Hallyn <[email protected]> > > # Author: Steve Beattie <[email protected]> > > > > #include <tunables/global> > > /usr/bin/ttytter { > > #include <abstractions/base> > > #include <abstractions/dbus-session-strict> > > #include <abstractions/fonts> > > #include <abstractions/nameservice> > > #include <abstractions/perl> > > > > dbus (send) > > bus=session > > interface="org.freedesktop.Notifications" > > member={GetServerInformation,Notify}, > > > > /bin/dash ixr, > > /usr/bin/ttytter ixr, > > /usr/bin/curl ixr, > > /usr/bin/clear ixr, > > > > /usr/bin/notify-send Pixr, > > > > owner @{HOME}/.ttytter/** rw, > > owner @{HOME}/.ttytterkey rw, > > owner @{HOME}/.ttytterrc* rw, > > > > owner @{HOME}/.inputrc r, > > } > > > > (Tested locally on xenial, but I haven't used ttytter in a long time. > > Hrm, I guess I should submit my bitlbee profile, too.) > > > > Here's a quickie notify-send profile I made while testing ttytter and > > was trying to figure out why notifications don't work: > > > > # Last Modified: Thu Apr 14 12:47:44 2016 > > #include <tunables/global> > > > > /usr/bin/notify-send { > > #include <abstractions/base> > > #include <abstractions/dbus-session-strict> > > > > dbus (send) > > bus=session > > interface="org.freedesktop.Notifications" > > member={GetServerInformation,Notify}, > > /usr/bin/notify-send mr, > > > > } > > > > > > > > -- > > Steve Beattie > > <[email protected]> > > http://NxNW.org/~steve/ -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
