Added usr.bin.virt-manager

4 years ago · 8776fc15ba
parent 1d028d713f
commit 8776fc15ba
1 changed files with 103 additions and 0 deletions
--- a/usr.bin.virt-manager
+++ b/usr.bin.virt-manager
@ -0,0 +1,103 @@
+#include <tunables/global>
+
+/usr/bin/virt-manager {
+  #include <abstractions/gnome>
+  #include <abstractions/openssl>
+  #include <abstractions/python>
+  
+  # Enable this if you want audio
+  # #include <abstractions/audio>
+
+  network netlink raw,
+  network tcp, 
+  network udp,
+
+  /etc/resolv.conf r,
+  /etc/host.conf r,
+  /etc/nsswitch.conf r,
+  /etc/passwd r,
+  
+  /dev/ r,
+  /etc/libnl/classid r,
+  /sys/devices/system/node/ r,
+  /sys/devices/system/node/node0/meminfo r,
+  /usr/bin/bash ix,
+  /usr/bin/env ix,
+  /usr/bin/getfacl mrix,
+  /usr/bin/python3 mrix,
+  /usr/bin/python3.7 mrix,
+  /usr/bin/setfacl mrix,
+
+  /usr/bin/virt-manager r,
+  /usr/share/gtk-3.0/settings.ini r,
+  /usr/share/hwdata/pci.ids r,
+  /usr/share/hwdata/usb.ids r,
+
+  /usr/share/osinfo/ r,
+  /usr/share/osinfo/* r,
+  
+  # Datamaps
+  /usr/share/osinfo/datamap/ r,
+  /usr/share/osinfo/datamap/*/ r,
+  /usr/share/osinfo/datamap/*/* r,
+  
+  # Devices
+  /usr/share/osinfo/device/ r,
+  /usr/share/osinfo/device/*/ r,
+  /usr/share/osinfo/device/*/* r,
+  /usr/share/osinfo/device/*/*/ r,
+  /usr/share/osinfo/device/*/*/* r,
+
+  # Operating systems
+  /usr/share/osinfo/install-script/ r,
+  /usr/share/osinfo/install-script/*/ r,
+  /usr/share/osinfo/install-script/*/*.xml r,
+  /usr/share/osinfo/os/ r,
+  /usr/share/osinfo/os/*/ r,
+  /usr/share/osinfo/os/*/*.xml r,
+  
+  # Platforms
+  /usr/share/osinfo/platform/ r,
+  /usr/share/osinfo/platform/*/ r,
+  /usr/share/osinfo/platform/*/*.xml r,
+
+  /usr/share/osinfo/schema/ r,
+  /usr/share/osinfo/schema/osinfo.rng r,
+
+  /usr/share/virt-manager/ r,
+  /usr/share/virt-manager/icons/ r,
+  /usr/share/virt-manager/icons/hicolor/*/*/ r,
+  /usr/share/virt-manager/icons/hicolor/*/*/* r,
+
+  /usr/share/virt-manager/virt-manager mrix,
+  /usr/share/virt-manager/ui/*.ui r,
+  /usr/share/virt-manager/virtManager/ r,
+  /usr/share/virt-manager/virtManager/* r,
+  /usr/share/virt-manager/virtManager/__pycache__/* r,
+  /usr/share/virt-manager/virtcli/ r,
+  /usr/share/virt-manager/virtcli/* r,
+  /usr/share/virt-manager/virtcli/__pycache__/* r,
+  /usr/share/virt-manager/virtinst/ r,
+  /usr/share/virt-manager/virtinst/* r,
+  /usr/share/virt-manager/virtinst/__pycache__/* r,
+  /usr/share/virt-manager/virtinst/devices/ r,
+  /usr/share/virt-manager/virtinst/devices/* r,
+  /usr/share/virt-manager/virtinst/devices/__pycache__/* r,
+  /usr/share/virt-manager/virtinst/domain/ r,
+  /usr/share/virt-manager/virtinst/domain/* r,
+  /usr/share/virt-manager/virtinst/domain/__pycache__/* r,
+
+  /var/lib/libvirt r,
+  /var/lib/libvirt/* r,
+  /var/lib/libvirt/dnsmasq/* rw,
+  /var/lib/libvirt/images/* rw,
+  /var/lib/libvirt/lxc/* rw,
+
+  owner @{HOME}/.cache/fontconfig/ w,
+  owner @{HOME}/.cache/fontconfig/* rwl,
+  owner @{HOME}/.cache/virt-manager/ w,
+  owner @{HOME}/.cache/virt-manager/* rw,
+  owner @{HOME}/.config/dconf/user r,
+  owner @{PROC}/@{pid}/fd/ r,
+
+}