[apparmor] [Merge] lp:~serge-hallyn/apparmor-profiles/apparmor-profiles into lp:apparmor-profiles

Steve Beattie steve at nxnw.org
Fri Apr 15 17:34:06 UTC 2016 

[Bringing this back to the list with Serge's permission.]

On Fri, Apr 15, 2016 at 04:23:07PM +0000, Serge Hallyn wrote:
> Quoting Steve Beattie (steve at nxnw.org):
> > On Thu, Apr 14, 2016 at 07:09:24PM -0000, Serge Hallyn wrote:
> > > Yeah my main goal was to keep it from reading most of my own
> > > files.  It runs as me so not very worried about system files.
> > > I did the MR to make myself follow up.  I'll find time to
> > > tighten it down later.
> > 
> > Does this profile work for you?
> 
> Yup, it does, thanks.  And maybe I should install the notify-send
> one too :)

Great, thanks for testing!

(Note that the way ttytter tries to use notify-send is broken, as
apparently it tries to pass in the message to be displayed over stdin,
rather than on the command line, and notify-send doesn't support that.)

> > # vim:syntax=apparmor
> > # Author: Serge Hallyn <serge.hallyn at ubuntu.com>
> > # Author: Steve Beattie <steve at nxnw.org>
> > 
> > #include <tunables/global>
> > /usr/bin/ttytter {
> >   #include <abstractions/base>
> >   #include <abstractions/dbus-session-strict>
> >   #include <abstractions/fonts>
> >   #include <abstractions/nameservice>
> >   #include <abstractions/perl>
> > 
> >   dbus (send)
> >        bus=session
> >        interface="org.freedesktop.Notifications"
> >        member={GetServerInformation,Notify},
> > 
> >   /bin/dash ixr,
> >   /usr/bin/ttytter ixr,
> >   /usr/bin/curl ixr,
> >   /usr/bin/clear ixr,
> > 
> >   /usr/bin/notify-send Pixr,
> > 
> >   owner @{HOME}/.ttytter/** rw,
> >   owner @{HOME}/.ttytterkey rw,
> >   owner @{HOME}/.ttytterrc* rw,
> > 
> >   owner @{HOME}/.inputrc r,
> > }
> > 
> > (Tested locally on xenial, but I haven't used ttytter in a long time.
> > Hrm, I guess I should submit my bitlbee profile, too.)
> > 
> > Here's a quickie notify-send profile I made while testing ttytter and
> > was trying to figure out why notifications don't work:
> > 
> > # Last Modified: Thu Apr 14 12:47:44 2016
> > #include <tunables/global>
> > 
> > /usr/bin/notify-send {
> >   #include <abstractions/base>
> >   #include <abstractions/dbus-session-strict>
> > 
> >   dbus (send)
> >        bus=session
> >        interface="org.freedesktop.Notifications"
> >        member={GetServerInformation,Notify},
> >   /usr/bin/notify-send mr,
> > 
> > }
> > 
> > 
> > 
> > -- 
> > Steve Beattie
> > <sbeattie at ubuntu.com>
> > http://NxNW.org/~steve/

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160415/3182cf76/attachment.pgp>

More information about the AppArmor mailing list