diff --git a/colord-gtk.changes b/colord-gtk.changes index 1324194..a30505f 100644 --- a/colord-gtk.changes +++ b/colord-gtk.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jul 5 14:47:17 UTC 2012 - meissner@suse.com + +- Add a apparmor profile for usr.lib.colord + ------------------------------------------------------------------- Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org diff --git a/colord-gtk.spec b/colord-gtk.spec index 6a1b3d7..a27876f 100644 --- a/colord-gtk.spec +++ b/colord-gtk.spec @@ -28,6 +28,8 @@ License: GPL-2.0+ Group: System/Daemons Url: http://colord.hughsie.com/ Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz +# Apparmor profile +Source1: usr.lib.colord Source99: baselibs.conf BuildRequires: gobject-introspection-devel BuildRequires: intltool @@ -145,6 +147,8 @@ find %{buildroot} -type f -name '*.la' -delete -print %if !%{build_gtk} +mkdir %{buildroot}/etc/apparmor.d +install -c -m 644 %{SOURCE1} %{buildroot}/etc/apparmor.d/ # Manually install prebuilt man pages, since we don't have docbook2man pushd man test ! -f %{buildroot}%{_mandir}/man1/* @@ -223,6 +227,8 @@ exit 0 %{_mandir}/man1/cd-create-profile.1%{?ext_man} %{_mandir}/man1/cd-fix-profile.1%{?ext_man} %{_mandir}/man1/colormgr.1%{?ext_man} +%dir /etc/apparmor.d/ +%config /etc/apparmor.d/usr.lib.colord %files -n libcolord1 %defattr(-, root, root) diff --git a/colord.changes b/colord.changes index 1324194..a30505f 100644 --- a/colord.changes +++ b/colord.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jul 5 14:47:17 UTC 2012 - meissner@suse.com + +- Add a apparmor profile for usr.lib.colord + ------------------------------------------------------------------- Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org diff --git a/colord.spec b/colord.spec index a0966d0..20becc1 100644 --- a/colord.spec +++ b/colord.spec @@ -27,6 +27,8 @@ License: GPL-2.0+ Group: System/Daemons Url: http://colord.hughsie.com/ Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz +# Apparmor profile +Source1: usr.lib.colord Source99: baselibs.conf BuildRequires: gobject-introspection-devel BuildRequires: intltool @@ -144,6 +146,8 @@ find %{buildroot} -type f -name '*.la' -delete -print %if !%{build_gtk} +mkdir %{buildroot}/etc/apparmor.d +install -c -m 644 %{SOURCE1} %{buildroot}/etc/apparmor.d/ # Manually install prebuilt man pages, since we don't have docbook2man pushd man test ! -f %{buildroot}%{_mandir}/man1/* @@ -222,6 +226,8 @@ exit 0 %{_mandir}/man1/cd-create-profile.1%{?ext_man} %{_mandir}/man1/cd-fix-profile.1%{?ext_man} %{_mandir}/man1/colormgr.1%{?ext_man} +%dir /etc/apparmor.d/ +%config /etc/apparmor.d/usr.lib.colord %files -n libcolord1 %defattr(-, root, root) diff --git a/usr.lib.colord b/usr.lib.colord new file mode 100644 index 0000000..f604d13 --- /dev/null +++ b/usr.lib.colord @@ -0,0 +1,37 @@ +# Last Modified: Thu Jul 5 16:42:52 2012 +#include + +/usr/lib/colord { + #include + #include + + + deny /usr/share/gvfs/remote-volume-monitors/ r, + deny /usr/share/gvfs/remote-volume-monitors/afc.monitor r, + deny /usr/share/gvfs/remote-volume-monitors/udisks2.monitor r, + + /etc/colord.conf r, + /etc/fstab r, + /etc/udev/udev.conf r, + /proc/*/mounts r, + /run/udev/data/* r, + /sys/bus/ r, + /sys/bus/usb/devices/ r, + /sys/class/ r, + /sys/devices/** r, + /usr/lib/colord mr, + /usr/share/color/**/ r, + /usr/share/color/icc/** r, + /usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Device.xml r, + /usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Profile.xml r, + /usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Sensor.xml r, + /usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.xml r, + /usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r, + /usr/share/locale-bundle/**.mo r, + /var/lib/color/icc/ r, + /var/lib/colord/mapping.db rwk, + /var/lib/colord/mapping.db-journal rw, + /var/lib/colord/storage.db rwk, + /var/lib/colord/storage.db-journal rw, + +}