From 1699260a87e020f90be4cedcb98a122c867c5e14 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Tue, 5 Mar 2024 00:16:24 +0000
Subject: [PATCH] fear(fsp): expand systemd-service for more services.

---
 apparmor.d/groups/_full/systemd-service | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/apparmor.d/groups/_full/systemd-service b/apparmor.d/groups/_full/systemd-service
index bc8f1eded..8b8203f42 100644
--- a/apparmor.d/groups/_full/systemd-service
+++ b/apparmor.d/groups/_full/systemd-service
@@ -43,10 +43,18 @@ profile systemd-service @{exec_path} flags=(attach_disconnected) {
   /var/log/dmesg rw,
   /var/log/dmesg.* rwl -> /var/log/dmesg,
 
+  # man-db.service
+  /usr/{,local/}share/man/{,**} r,
+  /var/cache/man/{,**} rw,
+
   # snapd.system-shutdown.service
   @{run}/initramfs/shutdown rw,
   @{run}/initramfs/ rw,
 
+  # cockpit.socket
+  @{run}/cockpit/@{rand8} rw,
+  @{run}/cockpit/motd w,
+
   @{PROC}/cmdline r,
   @{PROC}/sys/kernel/osrelease r,