owner @{libo_user_dirs}/**~lock.* rw, #lock file support
owner @{libo_user_dirs}/**.@{libreoffice_ext} rwk, #Open files rw with the right exts
owner @{libo_user_dirs}/{,**/}lu??????????{,?}.tmp rwk, #Temporary file used when saving
+ owner @{libo_user_dirs}/{,**/}.directory r, #Read directory settings on KDE
# Settings
/etc/libreoffice/ r,
/proc/*/status r,
owner @{HOME}/.config/libreoffice{,dev}/** rwk,
+ owner @{HOME}/.config/soffice.binrc rwl -> @{HOME}/.config/#[0-9]*,
+ owner @{HOME}/.config/soffice.binrc.* rwl -> @{HOME}/.config/#[0-9]*,
+ owner @{HOME}/.config/soffice.binrc.lock rwk,
owner @{HOME}/.cache/fontconfig/** rw,
owner @{HOME}/.config/gtk-???/bookmarks r, #Make bookmarks work
owner @{HOME}/.recently-used rwk,
#Likely moving to abstractions in the future
owner @{HOME}/.icons/*/cursors/* r,
+ /etc/fstab r, # Solid::DeviceNotifier::instance() TODO: deny?
/sys/devices/pci[0-9]*/**/{device,subsystem_device,subsystem_vendor,uevent,vendor} r, # for libdrm
/usr/share/*-fonts/conf.avail/*.conf r,
/usr/share/fonts-config/conf.avail/*.conf r,
+ /{,var/}run/udev/data/+usb:* r, # Solid::Device::listFromQuery()
+ /{,var/}run/udev/data/{c,b}*:* r, # Solid::Device::description(), Solid::Device::listFromQuery()
+ @{PROC}/sys/kernel/random/boot_id r, # KRecentDocument::add() -> QSysInfo::bootUniqueId()
+
+ #To avoid "Unable to create io-slave." for file dialog
+ owner /{,var/}run/user/[0-9]*/#[0-9]* rw,
+ #For KIO IO::Slave::createSlave()
+ owner /{,var/}run/user/[0-9]*/soffice.bin*.slave-socket wl -> /{,var/}run/user/[0-9]*/#[0-9]*,
owner @{HOME}/.mozilla/firefox/profiles.ini r,
owner @{HOME}/.mozilla/firefox/*/secmod.db r,
owner @{HOME}/.mozilla/firefox/*/cert8.db r,
# firefox >= 58
owner @{HOME}/.mozilla/firefox/*/cert9.db r,
+
+ owner @{HOME}/.local/share/user-places.xbel r,
+
# there is abstractions/gnupg but that's just for gpg1...
profile gpg {
#include <abstractions/base>
/usr/lib/*/qt5/plugins/** rm,
/usr/share/plasma/look-and-feel/**/contents/defaults r,
+ # TODO: remove when rules are available in abstractions/kde
+ owner @{HOME}/.cache/ksycoca5_??_* r, # KDE System Configuration Cache
+ owner @{HOME}/.config/baloofilerc r, # indexing options (excludes, etc), used by KFileWidget
+ owner @{HOME}/.config/dolphinrc r, # settings used by KFileWidget
+ owner @{HOME}/.config/kde.org/libphonon.conf r, # for KNotifications::sendEvent()
+ owner @{HOME}/.config/klanguageoverridesrc r, # per-application languages, for KDEPrivate::initializeLanguages() from libKF5XmlGui.so
+ owner @{HOME}/.config/trashrc r, # user by KFileWidget
+ /usr/share/knotifications5/*.notifyrc r, # KNotification::sendEvent
+
+ # TODO: remove when rules are available in abstactions/kde-write-icon-cache or similar
+ owner @{HOME}/.cache/icon-cache.kcache rw, # for KIconLoader
+
+ # TODO: remove when rules are available in abstractions/kdeframeworks5 or simiar
+ /usr/share/kservices5/*.protocol r,
+
+ # TODO: use qt5-settings-write abstraction when it is available
+ owner @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9] rw,
+ owner @{HOME}/.config/QtProject.conf rw,
+ owner @{HOME}/.config/QtProject.conf.?????? l -> @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9],
+ owner @{HOME}/.config/QtProject.conf.?????? rw, # for temporary files like QtProject.conf.Aqrgeb
+ owner @{HOME}/.config/QtProject.conf.lock rwk,
+
+ # TODO: use qt5-compose-cache-write abstraction when it is available
+ owner @{HOME}/.cache/qt_compose_cache_{little,big}_endian_* r,
+
+ # TODO: use recent-documents-write abstaction when it is available
+ owner @{HOME}/.local/share/RecentDocuments/** r,
+ owner @{HOME}/.local/share/RecentDocuments/*.desktop rwl -> @{HOME}/.local/share/RecentDocuments/#[0-9]*,
+ owner @{HOME}/.local/share/RecentDocuments/#[0-9]* rw,
+ owner @{HOME}/.local/share/RecentDocuments/*.lock rwk,
+
+ # TODO: use kde-globals-write abstraction when it is available
+ owner @{HOME}/.config/kdeglobals rw,
+ owner @{HOME}/.config/kdeglobals.* rwl -> @{HOME}/.config/#[0-9]*,
+ owner @{HOME}/.config/kdeglobals.lock rwk,
}
projects / libreoffice.git / commitdiff