feat(profiles): replace old [0-9]* glob by @{int}

Beware some [0-9]* glob are actually not proper @{int}.

apparmor.d/profiles-m-r/megasync

@@ -80,7 +80,7 @@ profile megasync @{exec_path} {
   @{bin}/spacefm         rPx,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
 
   profile open {

apparmor.d/profiles-m-r/merkaartor

@@ -56,7 +56,7 @@ profile merkaartor @{exec_path} {
   owner /tmp/qtsingleapp-merkaa-*-lockfile rwk,
 
   @{sys}/devices/system/node/ r,
-  @{sys}/devices/system/node/node[0-9]*/meminfo r,
+  @{sys}/devices/system/node/node@{int}/meminfo r,
 
   include if exists <local/merkaartor>
 }

apparmor.d/profiles-m-r/minitube

@@ -95,7 +95,7 @@ profile minitube @{exec_path} {
   @{lib}/firefox/firefox  rPx,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
 
   profile open {
@@ -139,7 +139,7 @@ profile minitube @{exec_path} {
     owner @{HOME}/.Xauthority r,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
     network inet stream,
     network inet6 stream,
   }

apparmor.d/profiles-m-r/mkvmerge

@@ -23,7 +23,7 @@ profile mkvmerge @{exec_path} {
   owner /tmp/MKVToolNix-GUI-MuxJob-*.json r,
 
   # file_inherit
-  /dev/dri/card[0-9]* rw,
+  /dev/dri/card@{int} rw,
 
   include if exists <local/mkvmerge>
 }

apparmor.d/profiles-m-r/mkvtoolnix-gui

@@ -65,7 +65,7 @@ profile mkvtoolnix-gui @{exec_path} {
              @{PROC}/@{pid}/mountinfo r,
              @{PROC}/@{pid}/mounts r,
 
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/mkvtoolnix-gui>
 }

apparmor.d/profiles-m-r/mount-zfs

@@ -16,7 +16,7 @@ profile mount-zfs @{exec_path} flags=(complain) {
 
   @{exec_path} mr,
 
-  /dev/pts/[0-9]* rw,
+  /dev/pts/@{int} rw,
 
   @{MOUNTDIRS}/ r,
   @{MOUNTS}/ r,

apparmor.d/profiles-m-r/mpv

@@ -60,7 +60,7 @@ profile mpv @{exec_path} {
   owner /tmp/mpsyt-input* rw,
   owner /tmp/mpsyt-mpv*.sock rw,
   owner /tmp/smplayer-mpv-* rw,
-  owner /tmp/smplayer_preview/[0-9]*.{jpg,png} w,
+  owner /tmp/smplayer_preview/@{int}.{jpg,png} w,
   owner /tmp/smplayer_screenshots/cap_*.{jpg,png} w,
 
   owner @{run}/user/@{uid}/gvfs/smb-share:server=*,share=**/ r,
@@ -83,8 +83,8 @@ profile mpv @{exec_path} {
   @{sys}/devices/**/sound/**/capabilities/* r,
   @{sys}/devices/**/sound/**/uevent r,
 
-        /dev/input/event[0-9]* r,
-  owner /dev/tty[0-9]* rw,
+        /dev/input/event@{int} r,
+  owner /dev/tty@{int} rw,
 
   profile xdg-screensaver {
     include <abstractions/base>
@@ -105,7 +105,7 @@ profile mpv @{exec_path} {
     owner @{HOME}/.Xauthority r,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
     network inet stream,
     network inet6 stream,
   }

apparmor.d/profiles-m-r/mumble

@@ -74,7 +74,7 @@ profile mumble @{exec_path} {
   @{lib}/firefox/firefox rPUx,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
 
   profile open {

apparmor.d/profiles-m-r/needrestart-iucode-scan-versions

@@ -27,11 +27,11 @@ profile needrestart-iucode-scan-versions @{exec_path} {
   /boot/intel-ucode.img r,
   /boot/early_ucode.cpio r,
  
-  @{sys}/devices/system/cpu/cpu[0-9]*/microcode/processor_flags r,
+  @{sys}/devices/system/cpu/cpu@{int}/microcode/processor_flags r,
 
         /dev/tty rw,
-        /dev/tty[0-9]* rw,
-  owner /dev/pts/[0-9]* rw,
+        /dev/tty@{int} rw,
+  owner /dev/pts/@{int} rw,
 
   include if exists <local/needrestart-iucode-scan-versions>
 }

apparmor.d/profiles-m-r/numlockx

@@ -15,7 +15,7 @@ profile numlockx @{exec_path} {
   owner @{HOME}/.Xauthority r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
   owner @{HOME}/.xsession-errors w,
 
   include if exists <local/numlockx>

apparmor.d/profiles-m-r/nvtop

@@ -37,16 +37,16 @@ profile nvtop @{exec_path} flags=(attach_disconnected) {
   @{sys}/bus/ r,
   @{sys}/class/ r,
   @{sys}/class/drm/ r,
-  @{sys}/devices/pci[0-9]*/**/drm/card[0-9]*/gt_cur_freq_mhz r,
+  @{sys}/devices/pci[0-9]*/**/drm/card@{int}/gt_cur_freq_mhz r,
   @{sys}/devices/pci[0-9]*/**/enable r,
-  @{sys}/devices/system/node/node[0-9]*/cpumap r,
+  @{sys}/devices/system/node/node@{int}/cpumap r,
 
   @{PROC}/ r,
   @{PROC}/@{pids}/ r,
   @{PROC}/@{pids}/cmdline r,
   @{PROC}/@{pids}/fd/ r,
   @{PROC}/@{pids}/fdinfo/ r,
-  @{PROC}/@{pids}/fdinfo/[0-9]* r,
+  @{PROC}/@{pids}/fdinfo/@{int} r,
   @{PROC}/@{pids}/stat r,
   @{PROC}/driver/nvidia/capabilities/mig/{config,monitor}  r,
 

apparmor.d/profiles-m-r/obconf

@@ -33,7 +33,7 @@ profile obconf @{exec_path} {
   /etc/fstab r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/obconf>
 }

apparmor.d/profiles-m-r/openbox

@@ -46,7 +46,7 @@ profile openbox @{exec_path} {
   owner @{PROC}/@{pid}/fd/ r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
   owner @{HOME}/.xsession-errors w,
 
 
@@ -79,7 +79,7 @@ profile openbox @{exec_path} {
 
     # file_inherit
     owner @{HOME}/.xsession-errors w,
-    owner /dev/tty[0-9]* rw,
+    owner /dev/tty@{int} rw,
 
     include if exists <local/openbox_autostart>
   }

apparmor.d/profiles-m-r/openbox-session

@@ -21,7 +21,7 @@ profile openbox-session @{exec_path} {
 
   # file_inherit
   owner @{HOME}/.xsession-errors w,
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/openbox-session>
 }

apparmor.d/profiles-m-r/orage

@@ -40,7 +40,7 @@ profile orage @{exec_path} {
   @{lib}/firefox/firefox rPUx,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
 
   profile open {

apparmor.d/profiles-m-r/packagekitd

@@ -127,7 +127,7 @@ profile packagekitd @{exec_path} flags=(attach_disconnected) {
   owner @{run}/systemd/users/@{uid} r,
   owner @{run}/zypp-rpm.pid rwk, # only: opensuse
 
-  owner /dev/shm/AP_0x??????/{,**} rw,
+  owner /dev/shm/AP_0x@{rand6}/{,**} rw,
   owner /dev/shm/ r,
 
   @{sys}/**/ r,

apparmor.d/profiles-m-r/pactl

@@ -27,7 +27,7 @@ profile pactl @{exec_path} {
   owner @{user_config_dirs}/pulse/ rw,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
   owner @{HOME}/.xsession-errors w,
   owner @{HOME}/.anyRemote/anyremote.stdout w,
 

apparmor.d/profiles-m-r/pavucontrol

@@ -33,7 +33,7 @@ profile pavucontrol @{exec_path} {
   /usr/share/**/icons/**/*.png r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/pavucontrol>
 }

apparmor.d/profiles-m-r/picom

@@ -32,7 +32,7 @@ profile picom @{exec_path} {
   owner @{PROC}/@{pid}/fd/ r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/picom>
 }

apparmor.d/profiles-m-r/pidof

@@ -23,7 +23,7 @@ profile pidof @{exec_path} {
   @{PROC}/@{pids}/stat r,
   @{PROC}/sys/kernel/osrelease r,
 
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/pidof>
 }

apparmor.d/profiles-m-r/pkexec

@@ -70,7 +70,7 @@ profile pkexec @{exec_path} {
   owner @{PROC}/@{pid}/fd/ r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
   owner @{HOME}/.xsession-errors w,
 
   # Silencer

apparmor.d/profiles-m-r/power-profiles-daemon

@@ -52,10 +52,10 @@ profile power-profiles-daemon @{exec_path} flags=(attach_disconnected) {
   @{sys}/devices/**/power_supply/*/uevent r,
   @{sys}/devices/system/cpu/*_pstate/{no_turbo,turbo_pct} r,
   @{sys}/devices/system/cpu/*_pstate/status r,
-  @{sys}/devices/system/cpu/cpu[0-9]*/power/energy_perf_bias rw,
+  @{sys}/devices/system/cpu/cpu@{int}/power/energy_perf_bias rw,
   @{sys}/devices/system/cpu/cpufreq/ r,
-  @{sys}/devices/system/cpu/cpufreq/policy[0-9]*/energy_performance_preference rw,
-  @{sys}/devices/system/cpu/cpufreq/policy[0-9]*/scaling_governor rw,
+  @{sys}/devices/system/cpu/cpufreq/policy@{int}/energy_performance_preference rw,
+  @{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_governor rw,
   @{sys}/firmware/acpi/platform_profile* rw,
   @{sys}/firmware/acpi/pm_profile* rw,
 

apparmor.d/profiles-m-r/ps

@@ -23,8 +23,8 @@ profile ps @{exec_path} flags=(attach_disconnected) {
   @{run}/systemd/sessions/* r,
 
   @{sys}/devices/system/node/ r,
-  @{sys}/devices/system/node/node[0-9]*/cpumap r,
-  @{sys}/devices/system/node/node[0-9]*/meminfo r,
+  @{sys}/devices/system/node/node@{int}/cpumap r,
+  @{sys}/devices/system/node/node@{int}/meminfo r,
 
   @{PROC}/ r,
   @{PROC}/@{pids}/attr/current r,
@@ -47,7 +47,7 @@ profile ps @{exec_path} flags=(attach_disconnected) {
 
   # file_inherit
   owner @{HOME}/.xsession-errors w,
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   deny @{user_share_dirs}/gvfs-metadata/* r,
 

apparmor.d/profiles-m-r/psi

@@ -78,7 +78,7 @@ profile psi @{exec_path} {
   /dev/shm/#@{int} rw,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   profile aplay {
     include <abstractions/base>
@@ -95,7 +95,7 @@ profile psi @{exec_path} {
     owner @{HOME}/.Xauthority r,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
 
   }
 
@@ -108,7 +108,7 @@ profile psi @{exec_path} {
     owner @{HOME}/.gnupg/** rwkl -> @{HOME}/.gnupg/**,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
 
   }
 

apparmor.d/profiles-m-r/psi-plus

@@ -77,7 +77,7 @@ profile psi-plus @{exec_path} {
   /dev/shm/#@{int} rw,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   profile aplay {
     include <abstractions/base>
@@ -94,7 +94,7 @@ profile psi-plus @{exec_path} {
     owner @{HOME}/.Xauthority r,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
 
   }
 
@@ -107,7 +107,7 @@ profile psi-plus @{exec_path} {
     owner @{HOME}/@{XDG_GPG_DIR}/** rwkl -> @{HOME}/@{XDG_GPG_DIR}/**,
 
     # file_inherit
-    /dev/dri/card[0-9]* rw,
+    /dev/dri/card@{int} rw,
 
   }
 

apparmor.d/profiles-m-r/pulseeffects

@@ -33,7 +33,7 @@ profile pulseeffects @{exec_path} {
   owner @{PROC}/@{pid}/fd/ r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/pulseeffects>
 }

apparmor.d/profiles-m-r/qbittorrent

@@ -163,7 +163,7 @@ profile qbittorrent @{exec_path} {
   owner /tmp/xauth-[0-9]*-_[0-9] rw,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   # gnome-tiny
   /usr/share/gvfs/remote-volume-monitors/{,*} r,
@@ -267,7 +267,7 @@ profile qbittorrent @{exec_path} {
 
     # file_inherit
     owner @{MOUNTS}/torrent/** r,
-    deny /dev/dri/card[0-9]* rw,
+    deny /dev/dri/card@{int} rw,
 
     include if exists <local/qbittorrent_python3>
   }

apparmor.d/profiles-m-r/qnapi

@@ -81,7 +81,7 @@ profile qnapi @{exec_path} {
        owner @{PROC}/@{pid}/mounts r,
   deny       @{PROC}/sys/kernel/random/boot_id r,
 
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   profile open {
     include <abstractions/base>

apparmor.d/profiles-m-r/qpdfview

@@ -67,7 +67,7 @@ profile qpdfview @{exec_path} {
   deny       @{PROC}/sys/kernel/random/boot_id r,
   deny owner @{PROC}/@{pid}/cmdline r,
 
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/qpdfview>
 }

apparmor.d/profiles-m-r/qtox

@@ -63,10 +63,10 @@ profile qtox @{exec_path} {
   owner /tmp/qipc_{systemsem,sharedmemory}_*@{hex} rw,
 
   @{sys}/devices/system/node/ r,                   # for ld-linux-x86-64.so -> libnuma1.so
-  @{sys}/devices/system/node/node[0-9]*/meminfo r, # for ld-linux-x86-64.so -> libnuma1.so
+  @{sys}/devices/system/node/node@{int}/meminfo r, # for ld-linux-x86-64.so -> libnuma1.so
 
   /dev/ r,
-  /dev/video[0-9]* rw,
+  /dev/video@{int} rw,
 
 
   profile open {
@@ -91,7 +91,7 @@ profile qtox @{exec_path} {
     # file_inherit
     owner @{HOME}/.xsession-errors w,
     owner @{user_cache_dirs}/qTox/qtox.log w,
-    deny /dev/video[0-9]* rw,
+    deny /dev/video@{int} rw,
 
   }
 

apparmor.d/profiles-m-r/quiterss

@@ -73,7 +73,7 @@ profile quiterss @{exec_path} {
   @{lib}/firefox/firefox rPUx,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
 
   profile open {

apparmor.d/profiles-m-r/rdmsr

@@ -15,7 +15,7 @@ profile rdmsr @{exec_path} {
 
   @{exec_path} mr,
 
-  owner /dev/cpu/[0-9]*/msr r,
+  owner /dev/cpu/@{int}/msr r,
 
   include if exists <local/rdmsr>
 }

apparmor.d/profiles-m-r/redshift

@@ -36,7 +36,7 @@ profile redshift @{exec_path} {
   owner /tmp/xauth-[0-9]*-_[0-9] r,
 
   # file_inherit
-  owner /dev/tty[0-9]* rw,
+  owner /dev/tty@{int} rw,
 
   include if exists <local/redshift>
 }

apparmor.d/profiles-m-r/run-parts

@@ -104,7 +104,7 @@ profile run-parts @{exec_path} {
 
   # Motd
   /etc/update-motd.d/ r,
-  /etc/update-motd.d/[0-9]*-[a-z]* rCx -> motd,
+  /etc/update-motd.d/@{int}-[a-z]* rCx -> motd,
 
   # Kernel 
   /etc/kernel/header_postinst.d/ r,
@@ -135,7 +135,7 @@ profile run-parts @{exec_path} {
   
   owner @{sys}/class/power_supply/            r,
 
-  /dev/tty[0-9]* rw,
+  /dev/tty@{int} rw,
 
   profile motd {
     include <abstractions/base>
@@ -161,7 +161,7 @@ profile run-parts @{exec_path} {
     / r,
     /etc/default/motd-news r,
     /etc/lsb-release r,
-    /etc/update-motd.d/[0-9]*-[a-z]* r,
+    /etc/update-motd.d/@{int}-[a-z]* r,
 
     /var/cache/motd-news rw,
     /var/lib/update-notifier/updates-available r,
@@ -171,7 +171,7 @@ profile run-parts @{exec_path} {
 
     @{PROC}/@{pids}/mounts r,
 
-    /dev/tty[0-9]* rw,
+    /dev/tty@{int} rw,
   }
 
   profile kernel {

apparmor.d/profiles-m-r/rustdesk

@@ -68,7 +68,7 @@ profile rustdesk @{exec_path} {
   owner @{user_share_dirs}/logs/[rR]ust[dD]esk/{,**} rw,
   owner @{user_config_dirs}/[rR]ust[dD]esk/{,**} rw,
 
-  @{sys}/devices/system/cpu/cpufreq/policy[0-9]*/scaling_{cur,min,max}_freq r,
+  @{sys}/devices/system/cpu/cpufreq/policy@{int}/scaling_{cur,min,max}_freq r,
 
         @{PROC}/uptime r,
   owner @{PROC}/@{pid}/cgroup r,