From 16b440ec98200782726c0eccec595f7c873b3297 Mon Sep 17 00:00:00 2001
From: barmogund <stephmg@mailfence.com>
Date: Fri, 1 Nov 2024 14:54:07 +0100
Subject: [PATCH] Update tlp

---
 apparmor.d/profiles-s-z/tlp | 29 ++++++++++++++---------------
 1 file changed, 14 insertions(+), 15 deletions(-)

diff --git a/apparmor.d/profiles-s-z/tlp b/apparmor.d/profiles-s-z/tlp
index bce8b4f9e..ededada30 100644
--- a/apparmor.d/profiles-s-z/tlp
+++ b/apparmor.d/profiles-s-z/tlp
@@ -29,7 +29,7 @@ profile tlp @{exec_path} flags=(attach_disconnected) {
 
   @{exec_path} mr,
 
-  @{bin}/systemctl              rix,
+  @{bin}/systemctl  rCx ->  systemctl,
   @{bin}/logger                 rix,
   @{sh_path}                    rix,
   @{bin}/cp                     rix,
@@ -57,30 +57,22 @@ profile tlp @{exec_path} flags=(attach_disconnected) {
   /etc/tlp.d/ r,
   /etc/tlp.d/** rw,
   /etc/tlp.conf rw,
-  /etc/udev/udev.conf r,
-
-  /usr/share/tlp/** rw,
-  /usr/share/tlp/func.d/** rw,
-
-  /usr/share/tlp/tlp-readconfs   rw,
+  
+  /usr/share/tlp/** r,
 
   /var/lib/power-profiles-daemon/state.ini rw,
 
-  owner /usr/share/tlp/bat.d/** rw,
-
   @{run}/udev/data/+platform:* r,
   owner @{run}/tlp/* rw,
   owner @{run}/tlp/lock_tlp  rwk,
-  owner @{run}/udev/data/b@{int}:@{int} r,
-
+  
   @{sys}/class/net/ r,
   @{sys}/class/power_supply/ r,
   @{sys}/bus/pci/drivers/mei_me/  r,
   @{sys}/bus/pci/drivers/nouveau/  r,
   @{sys}/bus/pci/drivers/xhci_hcd/  r,
-  @{sys}/devices/LNXSYSTM:@{rand2}/**/power_supply/BAT@{int}/type r,
-  @{sys}/devices/LNXSYSTM:@{rand2}/**/**/power_supply/BAT@{int}/type r,
-  @{sys}/devices/LNXSYSTM:@{rand2}/**/**/power_supply/BAT@{int}/present r,
+  @{sys}/devices/**/power_supply/BAT@{int}/type r,
+  @{sys}/devices/**/power_supply/BAT@{int}/present r,
   @{sys}/devices/@{pci}/ r,
   @{sys}/devices/@{pci}/power/control rw,
   @{sys}/devices/platform/**/power_supply/ADP@{int}/online r,
@@ -104,7 +96,12 @@ profile tlp @{exec_path} flags=(attach_disconnected) {
   owner /dev/sda r,
   /dev/tty rw,
 
-  include if exists <local/tlp>
+  profile systemctl {
+    include <abstractions/base>
+    include <abstractions/app/systemctl>
+
+    include if exists <local/<profile_name>_systemctl>
+  }
 
   profile udevadm {
     include <abstractions/base>
@@ -112,6 +109,8 @@ profile tlp @{exec_path} flags=(attach_disconnected) {
 
     include if exists <local/tlp_udevadm>
   }
+
+  include if exists <local/tlp>
 }
 
 # vim:syntax=apparmor