* ubuntu/1.2/accounts: online accounts now has Mir trusted session support so move accounts policy group to reserved (LP: #1230091) * ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content: - add DBus session and system accesses to scope templates like we have in the app templates. This allows scopes to talk to trusted helpers like online accounts and location-service. Actual communication with the services is still controlled by the respective policy groups. - add scope-specific access to /run/user/[0-9]*/scopes/leaf-{net,fs}/* * ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content: adjust path to settings, it was renamed to settings.ini (LP: #1356930) * ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content: - allow rk access to scope specific settings.db - explicitly noisy deny rw access to unconfined directory * ubuntu/*: explicitly deny 'w' access to /dev/xLog (LP: #1352432) * ubuntu/1.2/connectivity: update to use upcoming connectivity DBus API (LP: #1341548) * ubuntu/1.[12]/contacts: remove workaround policy since address-book-app no longer uses the telepathy API (LP: #1227818) * ubuntu/*: explicitly deny rw access to /dev/fb0. It is both dangerous and noisy with the camera app * ubuntu/ubuntu-webapp: receive application-specific Open on org.freedesktop.Application to allow url-dispatcher working with already running webapps (LP: #1342129) * ubuntu/*: explicitly deny noisy access to @{PROC}/xlog (LP: #1352432)