← Back to branch summary

~jbicha/firefox/dont-depend-on-gtk2

« back to all changes in this revision

Viewing changes to debian/usr.bin.firefox.apparmor.14.10

  • Committer: Rico Tzschichholz
  • Date: 2017-11-14 11:59:37 UTC
  • Revision ID: ricotz@ubuntu.com-20171114115937-eec02juysofd8419
* New upstream release from the beta channel (FIREFOX_58_0b3_BUILD2)
* Adapt to upstream and use ./mach
  - debian/build/rules.mk
* Install EmojiOneMozilla.ttf (LP: #1644021)
  - debian/firefox.install.in
* Update patches
  - debian/patches/allow-lockPref-everywhere.patch
  - debian/patches/revert-upstream-search-engine-changes.patch
* Update revert-upstream-search-engine-changes.patch to ensure we keep the
  region overrides for non-Google plugins
* Update AppArmor profile

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/usr.bin.firefox.apparmor.14.10
38
38
  # for networking
39
39
  network inet stream,
40
40
  network inet6 stream,
 
41
  @{PROC}/[0-9]*/net/arp r,
41
42
  @{PROC}/[0-9]*/net/if_inet6 r,
42
43
  @{PROC}/[0-9]*/net/ipv6_route r,
43
44
  @{PROC}/[0-9]*/net/dev r,
60
61
  owner @{HOME}/.local/share/applications/defaults.list r,
61
62
  owner @{HOME}/.local/share/applications/mimeapps.list r,
62
63
  owner @{HOME}/.local/share/applications/mimeinfo.cache r,
 
64
  /var/lib/snapd/desktop/applications/mimeinfo.cache r,
 
65
  /var/lib/snapd/desktop/applications/*.desktop r,
63
66
  owner /tmp/** m,
64
67
  owner /var/tmp/** m,
65
68
  owner /{,var/}run/shm/shmfd-* rw,
120
123
  /sys/devices/pci[0-9]*/**/uevent r,
121
124
  /sys/devices/platform/**/uevent r,
122
125
  /sys/devices/pci*/**/{busnum,idVendor,idProduct} r,
 
126
  /sys/devices/pci*/**/{,subsystem_}device r,
 
127
  /sys/devices/pci*/**/{,subsystem_}vendor r,
 
128
  /sys/devices/system/node/node[0-9]*/meminfo r,
123
129
  owner @{HOME}/.cache/thumbnails/** rw,
124
130
 
125
131
  /etc/mtab r,
174
180
  dbus (send)
175
181
       bus=session
176
182
       path=/org/gnome/GConf/Server
177
 
       member=GetDefaultDatabase,
 
183
       member=GetDefaultDatabase
 
184
       peer=(label=unconfined),
178
185
  dbus (send)
179
186
       bus=session
180
187
       path=/org/gnome/GConf/Database/*
181
 
       member={AddMatch,AddNotify,AllEntries,LookupExtended,RemoveNotify},
 
188
       member={AddMatch,AddNotify,AllEntries,LookupExtended,RemoveNotify}
 
189
       peer=(label=unconfined),
 
190
  dbus (send)
 
191
       bus=session
 
192
       path=/org/gtk/vfs/mounttracker
 
193
       interface=org.gtk.vfs.MountTracker
 
194
       member=ListMountableInfo
 
195
       peer=(label=unconfined),
 
196
 
 
197
  # gnome-session
 
198
  dbus (send)
 
199
       bus=session
 
200
       path=/org/gnome/SessionManager
 
201
       interface=org.gnome.SessionManager
 
202
       member={Inhibit,Uninhibit}
 
203
       peer=(label=unconfined),
 
204
 
 
205
  # unity screen API
 
206
  dbus (send)
 
207
       bus=system
 
208
       interface="org.freedesktop.DBus.Introspectable"
 
209
       path="/com/canonical/Unity/Screen"
 
210
       member="Introspect"
 
211
       peer=(label=unconfined),
 
212
  dbus (send)
 
213
       bus=system
 
214
       interface="com.canonical.Unity.Screen"
 
215
       path="/com/canonical/Unity/Screen"
 
216
       member={keepDisplayOn,removeDisplayOnRequest}
 
217
       peer=(label=unconfined),
 
218
 
 
219
  # freedesktop.org ScreenSaver
 
220
  dbus (send)
 
221
       bus=session
 
222
       path=/{,org/freedesktop/,org.gnome/}Screen{s,S}aver
 
223
       interface=org.freedesktop.ScreenSaver
 
224
       member={Inhibit,UnInhibit,SimulateUserActivity}
 
225
       peer=(label=unconfined),
 
226
 
 
227
  # gnome, kde and cinnamon screensaver
 
228
  dbus (send)
 
229
       bus=session
 
230
       path=/{,ScreenSaver}
 
231
       interface=org.{gnome.ScreenSaver,kde.screensaver,cinnamon.ScreenSaver}
 
232
       member=SimulateUserActivity
 
233
       peer=(label=unconfined),
 
234
 
 
235
  # UPower
 
236
  dbus (send)
 
237
       bus=system
 
238
       path=/org/freedesktop/UPower
 
239
       interface=org.freedesktop.UPower
 
240
       member=EnumerateDevices
 
241
       peer=(label=unconfined),
182
242
 
183
243
  #
184
244
  # Extensions
210
270
    /usr/include/python2.[4567]/pyconfig.h r,
211
271
    /etc/lsb-release r,
212
272
    /etc/debian_version r,
 
273
    /usr/share/distro-info/*.csv r,
213
274
    /var/lib/dpkg/** r,
214
275
 
215
 
    /usr/local/lib/python3.[0-4]/dist-packages/ r,
 
276
    /usr/local/lib/python3.[0-6]/dist-packages/ r,
216
277
    /usr/bin/ r,
217
 
    /usr/bin/python3.[0-4] r,
 
278
    /usr/bin/python3.[0-6] mr,
218
279
 
219
280
    # file_inherit
220
281
    deny /tmp/gtalkplugin.log w,