You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

103 lines
2.8 KiB

#include <tunables/global>
/usr/bin/virt-manager {
#include <abstractions/gnome>
#include <abstractions/openssl>
#include <abstractions/python>
# Enable this if you want audio
# #include <abstractions/audio>
network netlink raw,
network tcp,
network udp,
/etc/resolv.conf r,
/etc/host.conf r,
/etc/nsswitch.conf r,
/etc/passwd r,
/dev/ r,
/etc/libnl/classid r,
/sys/devices/system/node/ r,
/sys/devices/system/node/node0/meminfo r,
/usr/bin/bash ix,
/usr/bin/env ix,
/usr/bin/getfacl mrix,
/usr/bin/python3 mrix,
/usr/bin/python3.7 mrix,
/usr/bin/setfacl mrix,
/usr/bin/virt-manager r,
/usr/share/gtk-3.0/settings.ini r,
/usr/share/hwdata/pci.ids r,
/usr/share/hwdata/usb.ids r,
/usr/share/osinfo/ r,
/usr/share/osinfo/* r,
# Datamaps
/usr/share/osinfo/datamap/ r,
/usr/share/osinfo/datamap/*/ r,
/usr/share/osinfo/datamap/*/* r,
# Devices
/usr/share/osinfo/device/ r,
/usr/share/osinfo/device/*/ r,
/usr/share/osinfo/device/*/* r,
/usr/share/osinfo/device/*/*/ r,
/usr/share/osinfo/device/*/*/* r,
# Operating systems
/usr/share/osinfo/install-script/ r,
/usr/share/osinfo/install-script/*/ r,
/usr/share/osinfo/install-script/*/*.xml r,
/usr/share/osinfo/os/ r,
/usr/share/osinfo/os/*/ r,
/usr/share/osinfo/os/*/*.xml r,
# Platforms
/usr/share/osinfo/platform/ r,
/usr/share/osinfo/platform/*/ r,
/usr/share/osinfo/platform/*/*.xml r,
/usr/share/osinfo/schema/ r,
/usr/share/osinfo/schema/osinfo.rng r,
/usr/share/virt-manager/ r,
/usr/share/virt-manager/icons/ r,
/usr/share/virt-manager/icons/hicolor/*/*/ r,
/usr/share/virt-manager/icons/hicolor/*/*/* r,
/usr/share/virt-manager/virt-manager mrix,
/usr/share/virt-manager/ui/*.ui r,
/usr/share/virt-manager/virtManager/ r,
/usr/share/virt-manager/virtManager/* r,
/usr/share/virt-manager/virtManager/__pycache__/* r,
/usr/share/virt-manager/virtcli/ r,
/usr/share/virt-manager/virtcli/* r,
/usr/share/virt-manager/virtcli/__pycache__/* r,
/usr/share/virt-manager/virtinst/ r,
/usr/share/virt-manager/virtinst/* r,
/usr/share/virt-manager/virtinst/__pycache__/* r,
/usr/share/virt-manager/virtinst/devices/ r,
/usr/share/virt-manager/virtinst/devices/* r,
/usr/share/virt-manager/virtinst/devices/__pycache__/* r,
/usr/share/virt-manager/virtinst/domain/ r,
/usr/share/virt-manager/virtinst/domain/* r,
/usr/share/virt-manager/virtinst/domain/__pycache__/* r,
/var/lib/libvirt r,
/var/lib/libvirt/* r,
/var/lib/libvirt/dnsmasq/* rw,
/var/lib/libvirt/images/* rw,
/var/lib/libvirt/lxc/* rw,
owner @{HOME}/.cache/fontconfig/ w,
owner @{HOME}/.cache/fontconfig/* rwl,
owner @{HOME}/.cache/virt-manager/ w,
owner @{HOME}/.cache/virt-manager/* rw,
owner @{HOME}/.config/dconf/user r,
owner @{PROC}/@{pid}/fd/ r,
}