2
0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00

profiles: update wireshark profile for modern releases

Acked-by: Steve Beattie <steve@nxnw.org>
This commit is contained in:
Steve Beattie
2017-10-26 16:58:26 -07:00

View File

@@ -16,29 +16,66 @@
#include <abstractions/base>
#include <abstractions/bash>
#include <abstractions/consoles>
#include <abstractions/dconf>
#include <abstractions/dbus-session-strict>
#include <abstractions/ibus>
#include <abstractions/kde>
#include <abstractions/nameservice>
#include <abstractions/gnome>
#include <abstractions/user-write>
#include <abstractions/X>
#include <abstractions/dbus-accessibility-strict>
dbus (send)
bus=session
peer=(name=org.a11y.Bus),
dbus (receive)
bus=session
interface=org.a11y.atspi**,
dbus (receive, send)
bus=accessibility,
capability net_raw,
/etc/ethers r,
# From abstractions/evince
deny /run/udev/data/** r,
@{HOME}/.wireshark/* rw,
@{HOME}/.fonts.cache-* r,
/etc/ethers r,
/etc/udev/udev.conf r,
/etc/wireshark/** r,
owner @{HOME}/.wireshark/* rw,
owner @{HOME}/.config/wireshark/* rw,
owner @{HOME}/.config/QtProject.conf rw,
owner @{HOME}/.config/QtProject.conf.lock rw,
owner @{HOME}/.fonts.cache-* r,
owner @{HOME}/.config/dconf/user w,
owner /{,var/}run/user/*/dconf/user w,
owner @{PROC}/@{pid}/cmdline r,
owner @{PROC}/@{pid}/fd/ r,
@{PROC}/@{pid}/net/dev r,
/sys/devices/pci[0-9]*/**/uevent r,
/etc/pango/pango.modules r,
/usr/lib/gtk-*/*/loaders/* mr,
/usr/share/* r,
/usr/share/icons/** r,
/usr/share/icons/ r,
/usr/share/icons/** rk,
/usr/share/glib-2.0/schemas/gschemas.compiled r,
/usr/share/mime/* r,
/usr/lib/firefox/firefox.sh rPx,
/usr/bin/wireshark mixr,
/usr/share/icons r,
/usr/share/mime/* r,
/usr/share/snmp/mibs r,
/usr/share/snmp/mibs/* r,
/usr/share/snmp/mibs/.index rw,
/usr/share/wireshark/** r,
/usr/share/GeoIP/ r,
/usr/share/GeoIP/** r,
/usr/lib/@{multiarch}/wireshark/extcap/* ix,
/usr/lib/@{multiarch}/wireshark/plugins/**/ r,
/usr/lib/@{multiarch}/wireshark/plugins/**.so mr,
# for reading pcaps
/**.pcap r,
}