From 2a249cfe3494976e6f6bfd3c81ecd41056af1296 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sun, 27 Jul 2025 13:24:57 +0200 Subject: [PATCH] tests(check): more linting. --- apparmor.d/groups/gnome/gnome-shell | 1 - apparmor.d/groups/lxqt/startlxqt | 2 -- apparmor.d/groups/snap/snap | 1 - apparmor.d/profiles-g-l/kdump-config | 2 -- apparmor.d/profiles-m-r/needrestart | 1 - tests/check.sh | 12 +++++++++--- 6 files changed, 9 insertions(+), 10 deletions(-) diff --git a/apparmor.d/groups/gnome/gnome-shell b/apparmor.d/groups/gnome/gnome-shell index acae2d601..25ce44f14 100644 --- a/apparmor.d/groups/gnome/gnome-shell +++ b/apparmor.d/groups/gnome/gnome-shell @@ -57,7 +57,6 @@ profile gnome-shell @{exec_path} flags=(attach_disconnected,mediate_deleted) { network unix stream, ptrace read, - ptrace readby peer=pipewire, signal receive set=(term, hup) peer=gdm*, signal send, diff --git a/apparmor.d/groups/lxqt/startlxqt b/apparmor.d/groups/lxqt/startlxqt index 06967e694..a708e2336 100644 --- a/apparmor.d/groups/lxqt/startlxqt +++ b/apparmor.d/groups/lxqt/startlxqt @@ -54,8 +54,6 @@ profile startlxqt @{exec_path} { owner @{run}/user/@{uid}/ r, - owner @{PROC}/@{pid}/maps r, - /dev/tty rw, /dev/tty@{int} rw, diff --git a/apparmor.d/groups/snap/snap b/apparmor.d/groups/snap/snap index 562f49dca..425d5cd66 100644 --- a/apparmor.d/groups/snap/snap +++ b/apparmor.d/groups/snap/snap @@ -86,7 +86,6 @@ profile snap @{exec_path} flags=(attach_disconnected) { @{sys}/kernel/security/apparmor/features/{,**} r, @{PROC}/@{pid}/cgroup r, - @{PROC}/@{pid}/maps r, @{PROC}/@{pid}/mountinfo r, @{PROC}/cgroups r, @{PROC}/cmdline r, diff --git a/apparmor.d/profiles-g-l/kdump-config b/apparmor.d/profiles-g-l/kdump-config index b6f915024..2bd8ef6b9 100644 --- a/apparmor.d/profiles-g-l/kdump-config +++ b/apparmor.d/profiles-g-l/kdump-config 
@@ -12,8 +12,6 @@ profile kdump-config @{exec_path} flags=(attach_disconnected) { capability sys_admin, - ptrace readby peer=@{p_systemd_journald}, - @{exec_path} mr, @{sh_path} rix, diff --git a/apparmor.d/profiles-m-r/needrestart b/apparmor.d/profiles-m-r/needrestart index 5a65b40a9..8c908ddb4 100644 --- a/apparmor.d/profiles-m-r/needrestart +++ b/apparmor.d/profiles-m-r/needrestart @@ -59,7 +59,6 @@ profile needrestart @{exec_path} flags=(attach_disconnected) { @{PROC}/@{pid}/cgroup r, @{PROC}/@{pid}/cmdline r, @{PROC}/@{pid}/environ r, - @{PROC}/@{pid}/maps r, @{PROC}/@{pid}/stat r, owner @{PROC}/@{pid}/fd/ r, diff --git a/tests/check.sh b/tests/check.sh index c2e954834..815f7f07e 100644 --- a/tests/check.sh +++ b/tests/check.sh @@ -246,10 +246,16 @@ _check_transition() { } readonly USELESS=( - '@{PROC}/filesystems' '@{PROC}/sys/kernel/cap_last_cap' - '@{PROC}/meminfo' '@{PROC}/stat' '@{PROC}/cpuinfo' - '@{sys}/devices/system/cpu/online' '@{sys}/devices/system/cpu/possible' + 'ptrace readby' '/usr/share/locale/' + '@{sys}/devices/system/cpu/online' + '@{sys}/devices/system/cpu/possible' + '@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size' + '@{PROC}/@{pid}/auxv' '@{PROC}/@{pid}/maps' '@{PROC}/@{pid}/status' '@{PROC}/cpuinfo' + '@{PROC}/filesystems' '@{PROC}/meminfo' '@{PROC}/stat' + '@{PROC}/sys/kernel/cap_last_cap' '@{PROC}/sys/kernel/ngroups_max' + '@{PROC}/sys/kernel/version' '@{PROC}/sys/vm/overcommit_memory' + '/dev/full' '/dev/zero' ) _check_useless() { _is_enabled useless || return 0
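Review bot: The extended `USELESS` array in tests/check.sh now mixes a rule keyword (`'ptrace readby'`) with path entries, and nothing next to it says why these rules count as redundant or how an entry is matched. The body of `_check_useless` continues outside this hunk, so the matching cannot be confirmed from here. If it is a plain substring test, `'ptrace readby'` flags every peer-scoped rule (such as the removed `ptrace readby peer=pipewire,`), and `'/dev/zero'` or `'@{PROC}/@{pid}/maps'` flag a rule whatever its access mode or `owner` qualifier. That is only safe in profiles that really inherit the same grant, presumably from the base abstraction. I would add a comment above the array, for example `# Rules already granted by the abstraction every profile includes; matched as substrings, so qualifier, mode and peer are ignored.`, adjusted to what the matcher actually does.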