92bc3717 |
1 | # vim:syntax=apparmor |
2 | # Last Modified: Wed Sep 7 21:32:52 2005 |
3 | # ------------------------------------------------------------------ |
4 | # |
5 | # Copyright (C) 2002-2005 Novell/SUSE |
6 | # |
7 | # This program is free software; you can redistribute it and/or |
8 | # modify it under the terms of version 2 of the GNU General Public |
9 | # License published by the Free Software Foundation. |
10 | # |
11 | # ---------------------------------------------------------------------- |
12 | # |
13 | # |
14 | # Profile for Evolution 2.4: |
15 | # |
16 | # Covered scenarios: |
17 | # |
18 | # Receive Mail: |
19 | # IMAP/POP/Local |
20 | # Mark mail as junk mail |
21 | # Print mail message with lpr local |
22 | # Print mail message with cups remote |
23 | # View pdf attachements |
24 | # Decrypt using gpg |
25 | # |
26 | # Send Mail: |
27 | # SMTP/Sendmail |
28 | # Encrypt/Sign using gpg |
29 | # |
30 | # Contacts: |
31 | # Add/Edit/Delete local contacts |
32 | # |
33 | # Calendaring: |
34 | # Add Local calendar |
35 | # Add|Edit|Delete event to|in|from local calendar |
36 | # Publish free/busy information to webdav server |
37 | # Subscribe to webcal:// calendar |
38 | # |
39 | # |
40 | |
41 | #include <tunables/global> |
42 | |
43 | /usr/bin/evolution-2.10 { |
44 | #include <abstractions/base> |
45 | #include <abstractions/bash> |
46 | #include <abstractions/consoles> |
47 | #include <abstractions/fonts> |
48 | #include <abstractions/kde> |
49 | #include <abstractions/nameservice> |
50 | #include <abstractions/perl> |
51 | #include <abstractions/gnome> |
52 | #include <abstractions/user-mail> |
53 | #include <abstractions/user-write> |
54 | |
55 | capability ipc_lock, |
56 | capability setuid, |
57 | |
58 | /bin/basename mixr, |
59 | /bin/bash mix, |
60 | /bin/grep mixr, |
61 | /bin/netstat mixr, |
62 | /dev/random r, |
63 | /etc/cups/client.conf r, |
64 | /etc/cups/lpoptions r, |
65 | /etc/cups/printcap r, |
66 | /etc/mail/spamassassin r, |
67 | /etc/mail/spamassassin/* r, |
68 | /etc/mtab r, |
69 | /etc/gnome-vfs-*/modules r, |
70 | /etc/gnome-vfs-*/modules/*.conf r, |
71 | /etc/pango/*.modules r, |
72 | /etc/opt/kde3/share/applications r, |
73 | /etc/opt/kde3/share/applications/kde r, |
74 | /etc/opt/kde3/share/applications/kde/*.desktop r, |
75 | /etc/opt/kde3/share/applications/mimeinfo.cache r, |
76 | /etc/rpc r, |
77 | /etc/xdg/menus/*.menu r, |
78 | /etc/xdg/menus/applications-merged r, |
79 | /etc/xdg/menus/applications-merged/*.menu r, |
80 | /etc/xml/*.xml r, |
81 | /etc/xml/catalog r, |
82 | |
83 | @{HOMEDIRS} r, |
84 | @{HOMEDIRS}/* r, |
85 | @{HOME}* r, |
86 | @{HOME}/.AbiSuite/* r, |
87 | @{HOME}/.AbiSuite/AbiWord.Profile rw, |
88 | @{HOME}/.camel_certs/* rw, |
89 | @{HOME}/.evolution-composer.autosave-* lrw, |
90 | @{HOME}/.evolution/*.db rw, |
91 | @{HOME}/.evolution/cache/tmp r, |
92 | @{HOME}/.evolution/cache/tmp/** lrw, |
93 | @{HOME}/.evolution/calendar/config/** lrw, |
94 | @{HOME}/.evolution/calendar/local/** lrw, |
95 | @{HOME}/.evolution/camel-cert.db~ lrw, |
96 | @{HOME}/.evolution/mail/** lrw, |
97 | @{HOME}/.evolution/tasks/local/system/*.ics rw, |
98 | @{HOME}/.evolution/tasks/local/system/*.ics~ lrw, |
99 | @{HOME}/.gaim/blist.xml r, |
100 | @{HOME}/.gnome2/evolution-* lw, |
101 | @{HOME}/.gnome2/gnome-pilot.d/gpilotd rw, |
102 | @{HOME}/.gnome2/yelp rw, |
103 | @{HOME}/.gnome2/yelp.d/mozilla/** lrw, |
104 | @{HOME}/.gnome2_private w, |
105 | @{HOME}/.gnome2_private/Evolution rw, |
106 | @{HOME}/.kde/share/config/gtkrc-2.0 r, |
107 | @{HOME}/.mozilla/pluginreg.dat r, |
108 | @{HOME}/.qt/** lrw, |
109 | @{HOME}/.recently-used rw, |
110 | |
111 | /usr/bin/evolution-2.10 mixr, |
112 | /usr/bin/firefox Pxr, |
113 | /usr/lib/** r, |
114 | /usr/lib/GConf/2/gconfd-2 Px, |
115 | /usr/lib64/GConf/2/gconfd-2 Px, |
116 | /usr/lib/evolution-data-server*/* r, |
117 | /usr/lib/evolution-data-server*/evolution-data-server-* Pxr, |
118 | /usr/lib/evolution/** r, |
119 | /usr/lib/evolution/*/evolution-alarm-notify mixr, |
120 | /usr/lib/gnome-** r, |
121 | /usr/lib/gnome-spell/libgnome-spell-component-*.so mr, |
122 | /usr/lib/gtk-** r, |
123 | /usr/lib/gtkhtml/libgnome-gtkhtml-editor-*.so mr, |
124 | /usr/lib/libgnomeui/gnome_segv2 mixr, |
125 | /usr/lib/pango/** r, |
126 | /usr/share/** r, |
127 | /opt/kde3/share/** r, |
128 | /opt/mozilla/bin/mozilla.sh Pxr, |
129 | @{PROC}/*/cmdline r, |
130 | @{PROC}/net r, |
131 | @{PROC}/net/* r, |
132 | /tmp r, |
133 | /tmp/* lrw, |
134 | /tmp/.ICE-unix/* w, |
135 | /tmp/gconfd-** r, |
136 | /tmp/orbit** lrw, |
137 | /usr/lib/aspell-** r, |
138 | /usr/lib/enchant r, |
139 | /usr/lib/enchant/*.* mr, |
140 | /usr/lib/jvm/java-*/jre/lib/fonts r, |
141 | /usr/lib/jvm/java-*/jre/lib/fonts/* r, |
142 | /usr/lib/ooo-2.0/share/fonts r, |
143 | /usr/lib/ooo-2.0/share/fonts/** r, |
144 | /usr/share/applications r, |
145 | /usr/share/applications/*.desktop r, |
146 | /usr/share/applications/mimeinfo.cache r, |
147 | /usr/share/icons r, |
148 | /usr/share/mime/** r, |
149 | /usr/share/spamassassin r, |
150 | /usr/share/spamassassin/*.cf r, |
151 | /usr/share/spamassassin/triplets.txt r, |
152 | /usr/share/xml/docbook/schema/** r, |
153 | /usr/X11R6/lib/Acrobat7/Resource/Font r, |
154 | /usr/X11R6/lib/Acrobat7/Resource/Font/** r, |
155 | /var/tmp r, |
156 | } |