diff -Nru apparmor-easyprof-ubuntu-1.0.38/data/policygroups/ubuntu/1.0/calendar apparmor-easyprof-ubuntu-1.0.39/data/policygroups/ubuntu/1.0/calendar --- apparmor-easyprof-ubuntu-1.0.38/data/policygroups/ubuntu/1.0/calendar 2013-10-01 17:47:00.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/data/policygroups/ubuntu/1.0/calendar 2013-10-11 23:41:28.000000000 -0500 @@ -19,3 +19,6 @@ dbus (receive, send) bus=session path=/org/gnome/evolution/dataserver/Calendar/**, +dbus (receive, send) + bus=session + path=/org/gnome/evolution/dataserver/CalendarView/**, diff -Nru apparmor-easyprof-ubuntu-1.0.38/data/policygroups/ubuntu/1.0/friends apparmor-easyprof-ubuntu-1.0.39/data/policygroups/ubuntu/1.0/friends --- apparmor-easyprof-ubuntu-1.0.38/data/policygroups/ubuntu/1.0/friends 2013-10-07 16:02:06.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/data/policygroups/ubuntu/1.0/friends 2013-10-09 16:53:24.000000000 -0500 @@ -23,6 +23,10 @@ path=/com/canonical/dee/peer/com/canonical/Friends/Streams interface=com.canonical.Dee.Peer peer=(name=com.canonical.Friends.Streams), +dbus (receive) + bus=session + path=/com/canonical/dee/peer/com/canonical/Friends/Streams + interface=com.canonical.Dee.Peer, dbus (send) bus=session path=/com/canonical/dee/model/com/canonical/Friends/Streams diff -Nru apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/default apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/default --- apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/default 2013-10-09 12:47:37.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/default 2013-10-11 12:57:24.000000000 -0500 @@ -234,6 +234,7 @@ # subset of freedesktop.org /usr/share/mime/** r, owner @{HOME}/.local/share/mime/** r, + owner @{HOME}/.config/user-dirs.dirs r, /usr/share/glib*/schemas/gschemas.compiled r, @@ -288,7 +289,6 @@ # # thumbnailing helper # - /usr/share/thumbnailer/vs-thumb ixr, # FIXME: LP: #1235325 /usr/lib/@{multiarch}/thumbnailer/vs-thumb ixr, deny @{HOME}/.cache/tncache-write-text.null w, # silence access test # FIXME: this leaks running process. AppArmor kernel var could solve this diff -Nru apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/ubuntu-sdk apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/ubuntu-sdk --- apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/ubuntu-sdk 2013-10-09 12:47:37.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/ubuntu-sdk 2013-10-11 12:57:24.000000000 -0500 @@ -234,6 +234,7 @@ # subset of freedesktop.org /usr/share/mime/** r, owner @{HOME}/.local/share/mime/** r, + owner @{HOME}/.config/user-dirs.dirs r, /usr/share/glib*/schemas/gschemas.compiled r, @@ -288,7 +289,6 @@ # # thumbnailing helper # - /usr/share/thumbnailer/vs-thumb ixr, # FIXME: LP: #1235325 /usr/lib/@{multiarch}/thumbnailer/vs-thumb ixr, deny @{HOME}/.cache/tncache-write-text.null w, # silence access test # FIXME: this leaks running process. AppArmor kernel var could solve this diff -Nru apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/ubuntu-webapp apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/ubuntu-webapp --- apparmor-easyprof-ubuntu-1.0.38/data/templates/ubuntu/1.0/ubuntu-webapp 2013-10-09 12:47:47.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/data/templates/ubuntu/1.0/ubuntu-webapp 2013-10-11 12:57:31.000000000 -0500 @@ -234,6 +234,7 @@ # subset of freedesktop.org /usr/share/mime/** r, owner @{HOME}/.local/share/mime/** r, + owner @{HOME}/.config/user-dirs.dirs r, # various /proc entries (be careful to not allow things that can be used to # enumerate installed apps-- this will be easier once we have a PID kernel @@ -286,7 +287,6 @@ # # thumbnailing helper # - /usr/share/thumbnailer/vs-thumb ixr, # FIXME: LP: #1235325 /usr/lib/@{multiarch}/thumbnailer/vs-thumb ixr, deny @{HOME}/.cache/tncache-write-text.null w, # silence access test # FIXME: this leaks running process. AppArmor kernel var could solve this diff -Nru apparmor-easyprof-ubuntu-1.0.38/debian/changelog apparmor-easyprof-ubuntu-1.0.39/debian/changelog --- apparmor-easyprof-ubuntu-1.0.38/debian/changelog 2013-10-09 12:48:54.000000000 -0500 +++ apparmor-easyprof-ubuntu-1.0.39/debian/changelog 2013-10-13 21:55:37.000000000 -0500 @@ -1,3 +1,14 @@ +apparmor-easyprof-ubuntu (1.0.39) saucy; urgency=low + + * friends: add dbus receive to interface=com.canonical.Dee.Peer + * ubuntu-* templates: + - add 'r' for ~/.config/user-dirs.dirs + - remove temporary vs-thumb /usr/share access now that it is fixed + (LP: #1235325) + * calendar: also allow CalendarView (LP: #1239073) + + -- Jamie Strandboge Sun, 13 Oct 2013 21:55:36 -0500 + apparmor-easyprof-ubuntu (1.0.38) saucy; urgency=low * ubuntu-* templates: move /run/shm/hybris_shm_data access out of the