From 04c2cabeb636dc98faa8a9aaae1d7f2ed9ea9138 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol
Date: Wed, 11 Sep 2024 19:40:01 +0100
Subject: [PATCH] feat(profile): remove linssid profile.
---
apparmor.d/profiles-g-l/linssid | 113 --------------------------------
1 file changed, 113 deletions(-)
delete mode 100644 apparmor.d/profiles-g-l/linssid
diff --git a/apparmor.d/profiles-g-l/linssid b/apparmor.d/profiles-g-l/linssid
deleted file mode 100644
index 615f51b62..000000000
--- a/apparmor.d/profiles-g-l/linssid
+++ /dev/null
@@ -1,113 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2020-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi ,
-
-include
-
-@{exec_path} = @{bin}/linssid @{bin}/linssid-pkexec
-profile linssid @{exec_path} {
- include
- include
- include
- include
- include
- include
- include
- include
- include
- include
-
- # For reading/saving config/log files when linssid is started via pkexec
- #capability dac_read_search,
- #capability dac_override,
-
- # Needed?
- deny capability sys_admin,
- deny capability sys_nice,
-
- @{exec_path} mr,
-
- @{sh_path} rix,
- @{bin}/cat rix,
-
- # When linssid is run as root, it wants to exec dbus-launch, and hence it creates the two
- # following root processes:
- # dbus-launch --autolaunch e0a30ad97cd6421c85247839ccef9db2 --binary-syntax --close-stderr
- # /usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session
- #
- # Should this be allowed? Linssid works fine without this.
- #@{bin}/dbus-launch rCx -> dbus,
- #@{bin}/dbus-send rCx -> dbus,
- deny @{bin}/dbus-launch rx,
- deny @{bin}/dbus-send rx,
-
- @{bin}/iw rCx -> iw,
- @{bin}/pkexec rPx,
-
- # For regular run as root user
- owner @{HOME}/.linssid.prefs rw,
- owner @{HOME}/LinSSID.datalog rw,
- # For pkexec
- #@{HOME}/.linssid.prefs rw,
- #@{HOME}/LinSSID.datalog rw,
-
- /usr/share/linssid/{,*} r,
-
- /usr/share/hwdata/pnp.ids r,
-
- owner @{PROC}/@{pid}/fd/ r,
- owner @{PROC}/@{pid}/net/wireless r,
- owner @{PROC}/@{pid}/cmdline r,
-
- owner @{tmp}/runtime-root/ rw,
- owner @{tmp}/linssid_* rw,
-
- /var/lib/dbus/machine-id r,
- /etc/machine-id r,
-
- # For shell pwd
- /root/ r,
-
- # file_inherit
- owner /dev/tty@{int} rw,
-
-
- profile iw {
- include
-
- capability net_admin,
- deny capability sys_module,
-
- network netlink raw,
-
- @{bin}/iw mr,
-
- # file_inherit
- owner @{HOME}/.linssid.prefs rw,
- owner @{HOME}/LinSSID.datalog rw,
- owner @{tmp}/linssid_* rw,
- owner /dev/dri/card@{int} rw,
-
- }
-
- profile dbus {
- include
- include
-
- @{bin}/dbus-launch mr,
- @{bin}/dbus-send mr,
- @{bin}/dbus-daemon rPUx,
-
- # for dbus-launch
- owner @{HOME}/.dbus/session-bus/@{hex}-[0-9] w,
-
- @{HOME}/.Xauthority r,
- }
-
- include if exists
-}
-
-# vim:syntax=apparmor