# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2020-2022 Mikhail Morfikov
# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only

  # Allow to receive some signals from new well-known profiles
  signal (receive)                           peer=htop,
  signal (receive)                           peer=sudo,
  signal (receive)                           peer=top,
  signal (receive) set=(cont,term,kill,stop) peer=systemd-shutdown,
  signal (receive) set=(cont,term)           peer=@{systemd_user},
  signal (receive) set=(cont,term)           peer=@{systemd},
  signal (receive) set=(hup)                 peer=xinit,
  signal (receive) set=(term,kill)           peer=gnome-shell,
  signal (receive) set=(term,kill)           peer=gnome-system-monitor,
  signal (receive) set=(term,kill)           peer=openbox,
  signal (receive) set=(term,kill)           peer=su,

  ptrace (readby) peer=systemd-coredump,

  /usr/share/locale/ r,

  @{etc_rw}/localtime r,
  /etc/locale.conf r,

  @{sys}/devices/system/cpu/possible r,

  deny /apparmor/.null rw,
