Proposals that were decisively approved through voting: * Proposal 3.1 - Change subj= to subject= * Proposal 3.2 - Move the access to the front
Unfortunately, the way that I laid out the proposals in the last email did not result in clear decision on whether people preferred the original Proposal 3's grouping like subject=() or Proposal 3.5's subject {} style. I've revised the profiles to include what we have already approved. I'm asking for a *quick* set of responses to finalize this today. * Revised Proposal 3 - subject=() and peer=() dbus [acquire] [<bus>] [subject=(<subject>)], dbus [send | receive] [<bus>] [subject=(<subject>)] [peer=(<peer>)], /usr/bin/gnome-screensaver { # Ignore file and accessibility bus access for this exercise file, dbus bus=accessibility, # Talks to system and session buses dbus (send receive) bus={system,session} peer=(name=org.freedesktop.DBus), # Sends messages on the system bus dbus send bus=system peer=(name=org.freedesktop.ConsoleKit path=/org/freedesktop/ConsoleKit/Manager interface=org.freedesktop.ConsoleKit.Manager), dbus send bus=system peer=(name=org.freedesktop.Accounts path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts), dbus send bus=system peer=(name=org.freedesktop.Accounts path=/org/freedesktop/Accounts/User* interface=org.freedesktop.DBus.Properties), # Receives messages on the session bus dbus acquire bus=session subject=(name=org.gnome.ScreenSaver), dbus receive bus=session subject=(path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties), # Be selective because the Lock method is mediated by these rules dbus receive bus=session subject=(path=/org/gnome/ScreenSaver interface=org.gnome.ScreenSaver) peer=(label=/usr/bin/gnome-settings-daemon), dbus receive bus=session subject=(path=/org/gnome/ScreenSaver interface=org.gnome.ScreenSaver) peer=(name=com.canonical.indicator.session), # Sends messages on the session bus dbus send bus=session peer=(name=org.gnome.SessionManager path=/org/gnome/SessionManager/Presence interface=org.freedesktop.DBus.Properties), dbus send bus=session peer=(path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker), dbus send bus=session peer=(name=org.gnome.Shell path=/org/gnome/Shell interface=org.freedesktop.DBus.Properties), } * Revised Proposal 3.5 - subject {} and peer {} dbus [acquire] [<bus>] [subject {<subject>}], dbus [send | receive] [<bus>] [subject {<subject>}] [peer {<peer>}], /usr/bin/gnome-screensaver { # Ignore file and accessibility bus access for this exercise file, dbus bus=accessibility, # Talks to system and session buses dbus (send receive) bus={system,session} peer {name=org.freedesktop.DBus}, # Sends messages on the system bus dbus send bus=system peer {name=org.freedesktop.ConsoleKit path=/org/freedesktop/ConsoleKit/Manager interface=org.freedesktop.ConsoleKit.Manager}, dbus send bus=system peer {name=org.freedesktop.Accounts path=/org/freedesktop/Accounts interface=org.freedesktop.Accounts}, dbus send bus=system peer {name=org.freedesktop.Accounts path=/org/freedesktop/Accounts/User* interface=org.freedesktop.DBus.Properties}, # Receives messages on the session bus dbus acquire bus=session subject {name=org.gnome.ScreenSaver}, dbus receive bus=session subject {path=/org/gnome/ScreenSaver interface=org.freedesktop.DBus.Properties}, # Be selective because the Lock method is mediated by these rules dbus receive bus=session subject {path=/org/gnome/ScreenSaver interface=org.gnome.ScreenSaver} peer {label=/usr/bin/gnome-settings-daemon}, dbus receive bus=session subject {path=/org/gnome/ScreenSaver interface=org.gnome.ScreenSaver} peer {name=com.canonical.indicator.session}, # Sends messages on the session bus dbus send bus=session peer {name=org.gnome.SessionManager path=/org/gnome/SessionManager/Presence interface=org.freedesktop.DBus.Properties}, dbus send bus=session peer {path=/org/gtk/vfs/mounttracker interface=org.gtk.vfs.MountTracker}, dbus send bus=session peer {name=org.gnome.Shell path=/org/gnome/Shell interface=org.freedesktop.DBus.Properties}, } Thanks! Tyler
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor