Commit 77c349d0 authored by André Magalhães's avatar André Magalhães
parent 06fbf62b
# vim:set ft=apparmor:
###
# This abstraction allows identification of V4L camera devices.
#
# Older versions described it as allowing "access to VPU device file"
# and "V4L2 device files", although it actually does neither of those things.
# FIXME: The intention of this abstraction is unknown.
# See https://phabricator.apertis.org/T3586
#
# It also allows inspection of an x86 computer's vendor and product name
# via DMI ID. FIXME: Why? What does this have to do with cameras?
#
# Include <abstractions/video> if /sys/class/video4linux/ is needed.
#
# Status: Apertis-specific, candidate for deletion
# Privilege level: small additional privilege
# Known users: used by /usr/bin/gst-launch-1.0
###
/sys/devices/**/video4linux/*/dev r,
/sys/devices/**/modalias r,
/sys/devices/**/speed r,
/sys/devices/virtual/dmi/id/sys_vendor r ,
/sys/devices/virtual/dmi/id/product_name r,
/sys/devices/virtual/dmi/id/product_version r,
rm_conffile /etc/apparmor.d/abstractions/cameras UNRELEASED chaiwala-apparmor-profiles
rm_conffile /etc/apparmor.d/abstractions/chaiwala-execution UNRELEASED chaiwala-apparmor-profiles
rm_conffile /etc/apparmor.d/abstractions/chaiwala-helpers UNRELEASED chaiwala-apparmor-profiles
rm_conffile /etc/apparmor.d/abstractions/chaiwala-user-read UNRELEASED chaiwala-apparmor-profiles
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment