| 1 | # vim:syntax=apparmor |
| 2 | # Last Modified: Wed Sep 7 21:32:52 2005 |
| 3 | # ------------------------------------------------------------------ |
| 4 | # |
| 5 | # Copyright (C) 2002-2005 Novell/SUSE |
| 6 | # |
| 7 | # This program is free software; you can redistribute it and/or |
| 8 | # modify it under the terms of version 2 of the GNU General Public |
| 9 | # License published by the Free Software Foundation. |
| 10 | # |
| 11 | # ---------------------------------------------------------------------- |
| 12 | # |
| 13 | # |
| 14 | # Profile for Evolution 2.4: |
| 15 | # |
| 16 | # Covered scenarios: |
| 17 | # |
| 18 | # Receive Mail: |
| 19 | # IMAP/POP/Local |
| 20 | # Mark mail as junk mail |
| 21 | # Print mail message with lpr local |
| 22 | # Print mail message with cups remote |
| 23 | # View pdf attachements |
| 24 | # Decrypt using gpg |
| 25 | # |
| 26 | # Send Mail: |
| 27 | # SMTP/Sendmail |
| 28 | # Encrypt/Sign using gpg |
| 29 | # |
| 30 | # Contacts: |
| 31 | # Add/Edit/Delete local contacts |
| 32 | # |
| 33 | # Calendaring: |
| 34 | # Add Local calendar |
| 35 | # Add|Edit|Delete event to|in|from local calendar |
| 36 | # Publish free/busy information to webdav server |
| 37 | # Subscribe to webcal:// calendar |
| 38 | # |
| 39 | # |
| 40 | |
| 41 | #include <tunables/global> |
| 42 | |
| 43 | /usr/bin/evolution-2.10 { |
| 44 | #include <abstractions/base> |
| 45 | #include <abstractions/bash> |
| 46 | #include <abstractions/consoles> |
| 47 | #include <abstractions/fonts> |
| 48 | #include <abstractions/kde> |
| 49 | #include <abstractions/nameservice> |
| 50 | #include <abstractions/perl> |
| 51 | #include <abstractions/gnome> |
| 52 | #include <abstractions/user-mail> |
| 53 | #include <abstractions/user-write> |
| 54 | |
| 55 | capability ipc_lock, |
| 56 | capability setuid, |
| 57 | |
| 58 | /bin/basename mixr, |
| 59 | /bin/bash mix, |
| 60 | /bin/grep mixr, |
| 61 | /bin/netstat mixr, |
| 62 | /dev/random r, |
| 63 | /etc/cups/client.conf r, |
| 64 | /etc/cups/lpoptions r, |
| 65 | /etc/cups/printcap r, |
| 66 | /etc/mail/spamassassin r, |
| 67 | /etc/mail/spamassassin/* r, |
| 68 | /etc/mtab r, |
| 69 | /etc/gnome-vfs-*/modules r, |
| 70 | /etc/gnome-vfs-*/modules/*.conf r, |
| 71 | /etc/pango/*.modules r, |
| 72 | /etc/opt/kde3/share/applications r, |
| 73 | /etc/opt/kde3/share/applications/kde r, |
| 74 | /etc/opt/kde3/share/applications/kde/*.desktop r, |
| 75 | /etc/opt/kde3/share/applications/mimeinfo.cache r, |
| 76 | /etc/rpc r, |
| 77 | /etc/xdg/menus/*.menu r, |
| 78 | /etc/xdg/menus/applications-merged r, |
| 79 | /etc/xdg/menus/applications-merged/*.menu r, |
| 80 | /etc/xml/*.xml r, |
| 81 | /etc/xml/catalog r, |
| 82 | |
| 83 | @{HOMEDIRS} r, |
| 84 | @{HOMEDIRS}/* r, |
| 85 | @{HOME}* r, |
| 86 | @{HOME}/.AbiSuite/* r, |
| 87 | @{HOME}/.AbiSuite/AbiWord.Profile rw, |
| 88 | @{HOME}/.camel_certs/* rw, |
| 89 | @{HOME}/.evolution-composer.autosave-* lrw, |
| 90 | @{HOME}/.evolution/*.db rw, |
| 91 | @{HOME}/.evolution/cache/tmp r, |
| 92 | @{HOME}/.evolution/cache/tmp/** lrw, |
| 93 | @{HOME}/.evolution/calendar/config/** lrw, |
| 94 | @{HOME}/.evolution/calendar/local/** lrw, |
| 95 | @{HOME}/.evolution/camel-cert.db~ lrw, |
| 96 | @{HOME}/.evolution/mail/** lrw, |
| 97 | @{HOME}/.evolution/tasks/local/system/*.ics rw, |
| 98 | @{HOME}/.evolution/tasks/local/system/*.ics~ lrw, |
| 99 | @{HOME}/.gaim/blist.xml r, |
| 100 | @{HOME}/.gnome2/evolution-* lw, |
| 101 | @{HOME}/.gnome2/gnome-pilot.d/gpilotd rw, |
| 102 | @{HOME}/.gnome2/yelp rw, |
| 103 | @{HOME}/.gnome2/yelp.d/mozilla/** lrw, |
| 104 | @{HOME}/.gnome2_private w, |
| 105 | @{HOME}/.gnome2_private/Evolution rw, |
| 106 | @{HOME}/.kde/share/config/gtkrc-2.0 r, |
| 107 | @{HOME}/.mozilla/pluginreg.dat r, |
| 108 | @{HOME}/.qt/** lrw, |
| 109 | @{HOME}/.recently-used rw, |
| 110 | |
| 111 | /usr/bin/evolution-2.10 mixr, |
| 112 | /usr/bin/firefox Pxr, |
| 113 | /usr/lib/** r, |
| 114 | /usr/lib/GConf/2/gconfd-2 Px, |
| 115 | /usr/lib64/GConf/2/gconfd-2 Px, |
| 116 | /usr/lib/evolution-data-server*/* r, |
| 117 | /usr/lib/evolution-data-server*/evolution-data-server-* Pxr, |
| 118 | /usr/lib/evolution/** r, |
| 119 | /usr/lib/evolution/*/evolution-alarm-notify mixr, |
| 120 | /usr/lib/gnome-** r, |
| 121 | /usr/lib/gnome-spell/libgnome-spell-component-*.so mr, |
| 122 | /usr/lib/gtk-** r, |
| 123 | /usr/lib/gtkhtml/libgnome-gtkhtml-editor-*.so mr, |
| 124 | /usr/lib/libgnomeui/gnome_segv2 mixr, |
| 125 | /usr/lib/pango/** r, |
| 126 | /usr/share/** r, |
| 127 | /opt/kde3/share/** r, |
| 128 | /opt/mozilla/bin/mozilla.sh Pxr, |
| 129 | @{PROC}/*/cmdline r, |
| 130 | @{PROC}/net r, |
| 131 | @{PROC}/net/* r, |
| 132 | /tmp r, |
| 133 | /tmp/* lrw, |
| 134 | /tmp/.ICE-unix/* w, |
| 135 | /tmp/gconfd-** r, |
| 136 | /tmp/orbit** lrw, |
| 137 | /usr/lib/aspell-** r, |
| 138 | /usr/lib/enchant r, |
| 139 | /usr/lib/enchant/*.* mr, |
| 140 | /usr/lib/jvm/java-*/jre/lib/fonts r, |
| 141 | /usr/lib/jvm/java-*/jre/lib/fonts/* r, |
| 142 | /usr/lib/ooo-2.0/share/fonts r, |
| 143 | /usr/lib/ooo-2.0/share/fonts/** r, |
| 144 | /usr/share/applications r, |
| 145 | /usr/share/applications/*.desktop r, |
| 146 | /usr/share/applications/mimeinfo.cache r, |
| 147 | /usr/share/icons r, |
| 148 | /usr/share/mime/** r, |
| 149 | /usr/share/spamassassin r, |
| 150 | /usr/share/spamassassin/*.cf r, |
| 151 | /usr/share/spamassassin/triplets.txt r, |
| 152 | /usr/share/xml/docbook/schema/** r, |
| 153 | /usr/X11R6/lib/Acrobat7/Resource/Font r, |
| 154 | /usr/X11R6/lib/Acrobat7/Resource/Font/** r, |
| 155 | /var/tmp r, |
| 156 | } |