Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
51 lines (38 sloc) 1.32 KB
# vim:syntax=apparmor
#include <tunables/global>
/usr/bin/keepassx {
#include <abstractions/base>
#include <abstractions/dbus-session>
#include <abstractions/ibus>
#include <abstractions/kde>
#include <abstractions/nameservice>
#include <abstractions/private-files>
# missing from dbus abstractions?
audit /usr/bin/dbus-send ix,
/etc/xdg/sni-qt.conf rk,
/etc/xdg/Trolltech.conf rk,
/usr/share/themes/** r,
/usr/share/glib-2.0/schemas/gschemas.compiled r,
/usr/lib/@{multiarch}/gtk-[0-9]*/**.so mr,
owner @{HOME}/.config/gtk-[0-9]*/* rw,
owner @{HOME}/.{cache,config}/dconf/user rw,
owner /{,var/}run/user/*/dconf/user rwk,
# gvfs
/usr/share/gvfs/remote-volume-monitors/ r,
/usr/share/gvfs/remote-volume-monitors/* r,
# usb
/media/ r,
/media/** r,
owner @{HOME}/.config/keepassx/ rw,
owner @{HOME}/.config/keepassx/config.ini rwk,
/usr/share/keepassx/** r,
owner @{PROC}/@{pid}/cmdline r,
# When opening an URL, KeePassX will attempt xdg-open, gnome-open
# then firefox.sh
deny /usr/bin/xdg-open x,
deny /usr/bin/gnome-open x,
# Only allow launching Firefox when protected by a profile
/usr/lib/firefox/firefox.sh Px -> /usr/lib/firefox/firefox{,*[^s][^h]},
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.bin.keepassx>
}