From 4beb096532ab6c60c376fb4a3acf070e11e2d56b Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sat, 17 May 2025 22:29:33 +0200
Subject: [PATCH] feat(abs): expand zsh abs to more default locations

- Add support for oh-my-zsh
- Add support for gitstatus & p10k
- Add more zsh config dirctories.
---
 apparmor.d/abstractions/zsh | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/apparmor.d/abstractions/zsh b/apparmor.d/abstractions/zsh
index a22895c91..ff90849c0 100644
--- a/apparmor.d/abstractions/zsh
+++ b/apparmor.d/abstractions/zsh
@@ -10,24 +10,40 @@
 
   @{lib}/@{multiarch}/zsh/@{int}/zsh/*.so mr,
 
-  /usr/share/zsh/{,**} r,
   /usr/local/share/zsh/{,**} r,
+  /usr/share/oh-my-zsh/{,**} r,
+  /usr/share/zsh/{,**} r,
 
   /etc/zsh/* r,
 
-  owner @{HOME}/.zshrc r,
-  owner @{HOME}/.zshenv r,
+  owner @{HOME}/.zcompdump-* rw,
   owner @{HOME}/.zsh_history rw,
   owner @{HOME}/.zsh_history.LOCK rwk,
+  owner @{HOME}/.zsh_history.new rw,
+  owner @{HOME}/.zshenv r,
+  owner @{HOME}/.zshrc r,
 
   owner @{HOME}/.oh-my-zsh/{,**} r,
   owner @{HOME}/.oh-my-zsh/log/update.lock/ w,
 
-  owner @{HOME}/.zcompdump-* rw,
+  owner @{user_cache_dirs}/oh-my-zsh/{,**} r,
+  owner @{user_cache_dirs}/p10k-@{user}/{,**} rw,
+  owner @{user_cache_dirs}/p10k-dump-@{user}.zsh{,.*} rw,
+  owner @{user_cache_dirs}/p10k-instant-prompt-@{user}.zsh{,.*} rw,
 
   owner @{user_config_dirs}/zsh/.zcompdump-* rw,
   owner @{user_config_dirs}/zsh/{,**} r,
 
+  owner @{user_share_dirs}/zsh/history rw,
+  owner @{user_share_dirs}/zsh/history.LOCK rwk,
+  owner @{user_share_dirs}/zsh/history.new rw,
+
+  owner @{tmp}/gitstatus.POWERLEVEL9K.*.fifo rw,
+  owner @{tmp}/gitstatus.POWERLEVEL9K.*.lock rwk,
+
+        @{PROC}/version r,
+  owner @{PROC}/@{pid}/loginuid r,
+
   include if exists <abstractions/zsh.d>
 
 # vim:syntax=apparmor