diff options
| author | Robert Ancell <robert.ancell@canonical.com> | 2014-10-01 08:28:43 +1300 |
|---|---|---|
| committer | Robert Ancell <robert.ancell@canonical.com> | 2014-10-01 08:28:43 +1300 |
| commit | d2addaaf9037c9adda1c3de7fed386d465a49949 (patch) | |
| tree | ecdee4c2082419fa54f981e2f395bfa58b582318 /data | |
| parent | d742da033d56c226cb225d08f3913c2159ff1776 (diff) | |
| download | lightdm-d2addaaf9037c9adda1c3de7fed386d465a49949.tar.gz | |
Apply debian/patches/07_apparmor-chrome.patch debian/patches/08_apparmor-updates.patch
Diffstat (limited to 'data')
| -rw-r--r-- | data/apparmor/abstractions/lightdm | 7 | ||||
| -rw-r--r-- | data/apparmor/abstractions/lightdm_chromium-browser | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/data/apparmor/abstractions/lightdm b/data/apparmor/abstractions/lightdm index 0052569e..42341e0a 100644 --- a/data/apparmor/abstractions/lightdm +++ b/data/apparmor/abstractions/lightdm @@ -14,7 +14,10 @@ #include <abstractions/dbus-accessibility> #include <abstractions/nameservice> #include <abstractions/wutmp> - /etc/compizconfig/config rw, # bug in compiz https://launchpad.net/bugs/697678 + + # bug in compiz https://launchpad.net/bugs/697678 + /etc/compizconfig/config rw, + /etc/compizconfig/unity.ini rw, / r, /bin/ rmix, @@ -44,6 +47,7 @@ @{PROC}/asound/** rm, @{PROC}/ati rm, @{PROC}/ati/** rm, + @{PROC}/sys/vm/overcommit_memory r, owner @{PROC}/** rm, # needed for gnome-keyring-daemon @{PROC}/*/status r, @@ -68,6 +72,7 @@ # necessary for writing to sockets, etc. /{,var/}run/** rmkix, /{,var/}run/shm/** wl, + /{,var/}run/uuidd/request w, # libpam-xdg-support/logind owner /{,var/}run/user/*/** rw, diff --git a/data/apparmor/abstractions/lightdm_chromium-browser b/data/apparmor/abstractions/lightdm_chromium-browser index fd9c94d3..9f3671bd 100644 --- a/data/apparmor/abstractions/lightdm_chromium-browser +++ b/data/apparmor/abstractions/lightdm_chromium-browser @@ -15,6 +15,7 @@ /opt/google/chrome-stable/google-chrome-stable Cx -> chromium, /opt/google/chrome-beta/google-chrome-beta Cx -> chromium, /opt/google/chrome-unstable/google-chrome-unstable Cx -> chromium, + /opt/google/chrome/google-chrome Cx -> chromium, # Allow ptracing processes in the chromium child profile ptrace peer=/usr/lib/lightdm/lightdm-guest-session//chromium, @@ -49,6 +50,7 @@ @{PROC}/[0-9]*/ r, # sandbox wants these @{PROC}/[0-9]*/fd/ r, # sandbox wants these + @{PROC}/[0-9]*/statm r, # sandbox wants these @{PROC}/[0-9]*/task/[0-9]*/stat r, # sandbox wants these /selinux/ r, |