Merge pull request #2452 from bergotorino/feature/fix-pa-apparmor-rulesubuntu/16.04

interfaces/builtin: fix pulseaudio apparmor rules
author: Michael Vogt <michael.vogt@gmail.com> 2016-12-14 08:06:57 +0100
committer: GitHub <noreply@github.com> 2016-12-14 08:06:57 +0100
commit: 292c289a5441ea7e0296157fa6d9e67eba498fed (patch)
tree: 68238a7b17b864dd4b3993eeb4f319262007a0c9
parent: 8b2946082f0d403c10dba2ac359ffd9efdd78057 (diff)
parent: 64d299520e0679113e80862e6c7d564d993a2634 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/interfaces/builtin/pulseaudio.go b/interfaces/builtin/pulseaudio.go
index 7cc60b2930..e92ea849fe 100644
--- a/interfaces/builtin/pulseaudio.go
+++ b/interfaces/builtin/pulseaudio.go
@@ -31,6 +31,8 @@ const pulseaudioConnectedPlugAppArmor = `
 
 owner /{,var/}run/pulse/ r,
 owner /{,var/}run/pulse/native rwk,
+owner /run/user/[0-9]*/ r,
+owner /run/user/[0-9]*/pulse/ rw,
 `
 
 const pulseaudioConnectedPlugAppArmorDesktop = `
@@ -92,6 +94,12 @@ owner /{,var/}run/pulse/** rwk,
 
 # Shared memory based communication with clients
 /{run,dev}/shm/pulse-shm-* rwk,
+
+/usr/share/applications/ r,
+
+owner /run/pulse/native/ rwk,
+owner /run/user/[0-9]*/ r,
+owner /run/user/[0-9]*/pulse/ rw,
 `
 
 const pulseaudioPermanentSlotSecComp = `
author	Michael Vogt <michael.vogt@gmail.com>	2016-12-14 08:06:57 +0100
committer	GitHub <noreply@github.com>	2016-12-14 08:06:57 +0100
commit	292c289a5441ea7e0296157fa6d9e67eba498fed (patch)
tree	68238a7b17b864dd4b3993eeb4f319262007a0c9
parent	8b2946082f0d403c10dba2ac359ffd9efdd78057 (diff)
parent	64d299520e0679113e80862e6c7d564d993a2634 (diff)