-
Notifications
You must be signed in to change notification settings - Fork 4
/
opt.spotify.spotify-client.spotify
92 lines (79 loc) · 2.6 KB
/
opt.spotify.spotify-client.spotify
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#include <tunables/global>
/opt/spotify/spotify-client/spotify flags=(attach_disconnected) {
#include <abstractions/base>
#include <abstractions/kde>
#include <abstractions/dbus>
#include <abstractions/dbus-session>
#include <abstractions/ibus>
#include <abstractions/dconf>
#include <abstractions/audio>
#include <abstractions/nameservice>
# Networking
network inet dgram,
network inet stream,
network inet6 dgram,
network inet6 stream,
# Home folder
owner @{HOME}/Music/ r,
owner @{HOME}/Music/** r,
owner @{HOME}/.config/spotify/ rw,
owner @{HOME}/.config/spotify/** rwk,
owner @{HOME}/.cache/spotify/ rw,
owner @{HOME}/.cache/spotify/** rwk,
owner @{HOME}/.local/share/spotify/ rw,
owner @{HOME}/.local/share/spotify/** rwk,
owner @{HOME}/.local/share/fonts/ r,
owner @{HOME}/.local/share/fonts/** r,
owner @{HOME}/.mozilla/plugins/ r,
owner @{HOME}/.mozilla/plugins/** r,
# Application and libraries
/opt/spotify/spotify-client/** mr,
/opt/spotify/spotify-client/Data/SpotifyHelper ixr,
/lib/** mr,
/usr/** mr,
/usr/bin/xdg-open Uxr,
# dconf
owner /run/user/*/dconf/ w,
owner /run/user/*/dconf/user rw,
# Gnome
owner @{HOME}/.gtkrc-2.0 r,
owner @{HOME}/.gtkrc-2.0-gnome-color-chooser r,
owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini r,
# QT
/etc/xdg/Trolltech.conf rk,
# Chromium
ptrace (trace) peer=@{profile_name},
owner @{HOME}/.pki/nssdb/* rwk,
owner /{dev,run}/shm/{,.}org.chromium.* mrw,
@{PROC}/ r,
@{PROC}/filesystems r,
@{PROC}/sys/kernel/shmmax r,
owner @{PROC}/[0-9]*/auxv r,
owner @{PROC}/[0-9]*/cmdline r,
owner @{PROC}/[0-9]*/fd/ r,
owner @{PROC}/[0-9]*/io r,
owner @{PROC}/[0-9]*/oom_{,score_}adj w,
owner @{PROC}/[0-9]*/smaps r,
owner @{PROC}/[0-9]*/stat r,
owner @{PROC}/[0-9]*/statm r,
owner @{PROC}/[0-9]*/status r,
owner @{PROC}/[0-9]*/task/ r,
owner @{PROC}/[0-9]*/task/[0-9]*/stat r,
/etc/udev/udev.conf r,
deny /run/udev/data/** r,
/sys/bus/pci/devices/ r,
/sys/devices/system/cpu/cpu*/cpufreq/cpuinfo_max_freq r,
/sys/devices/pci[0-9]*/**/class r,
/sys/devices/pci[0-9]*/**/device r,
/sys/devices/pci[0-9]*/**/irq r,
/sys/devices/pci[0-9]*/**/resource r,
/sys/devices/pci[0-9]*/**/vendor r,
/sys/devices/pci[0-9]*/**/removable r,
/sys/devices/pci[0-9]*/**/uevent r,
/sys/devices/pci[0-9]*/**/block/**/size r,
/sys/devices/virtual/block/**/removable r,
/sys/devices/virtual/block/**/uevent r,
/sys/devices/virtual/block/**/size r,
# NOTE: comment out the following line on Ubuntu 14.04 LTS and older.
unix (receive, send, connect) peer=(addr=@/tmp/.ICE-unix/*),
}