From 6f5ce42a7f9780d28873a08556fdfbf27c20f43e Mon Sep 17 00:00:00 2001
From: valoq <valoq@mailbox.org>
Date: Wed, 10 Sep 2025 12:10:58 +0200
Subject: [PATCH 1/2] add preview tools

---
 apparmor.d/profiles-a-f/chafa      | 19 +++++++++++++++++++
 apparmor.d/profiles-m-r/magick     | 25 +++++++++++++++++++++++++
 apparmor.d/profiles-m-r/resvg      | 21 +++++++++++++++++++++
 apparmor.d/profiles-s-z/ueberzugpp | 19 +++++++++++++++++++
 4 files changed, 84 insertions(+)
 create mode 100644 apparmor.d/profiles-a-f/chafa
 create mode 100644 apparmor.d/profiles-m-r/magick
 create mode 100644 apparmor.d/profiles-m-r/resvg
 create mode 100644 apparmor.d/profiles-s-z/ueberzugpp

diff --git a/apparmor.d/profiles-a-f/chafa b/apparmor.d/profiles-a-f/chafa
new file mode 100644
index 000000000..1f373c986
--- /dev/null
+++ b/apparmor.d/profiles-a-f/chafa
@@ -0,0 +1,19 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/chafa
+profile chafa /{,usr/}bin/chafa {
+  include <abstractions/base>
+  include <abstractions/user-read-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/chafa>
+}
+
+# vim:syntax=apparmor
diff --git a/apparmor.d/profiles-m-r/magick b/apparmor.d/profiles-m-r/magick
new file mode 100644
index 000000000..b2d51ef78
--- /dev/null
+++ b/apparmor.d/profiles-m-r/magick
@@ -0,0 +1,25 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/magick
+profile magick /{,usr/}bin/magick {
+  include <abstractions/base>
+  include <abstractions/fonts>
+  include <abstractions/user-read-strict>
+  include <abstractions/user-write-strict>
+
+  @{exec_path} mr,
+
+  /etc/ImageMagick-@{int}/** r,
+
+  /usr/share/ImageMagick-@{int}/** r,
+
+  include if exists <local/magick>
+}
+
+# vim:syntax=apparmor
diff --git a/apparmor.d/profiles-m-r/resvg b/apparmor.d/profiles-m-r/resvg
new file mode 100644
index 000000000..f3005a784
--- /dev/null
+++ b/apparmor.d/profiles-m-r/resvg
@@ -0,0 +1,21 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/resvg
+profile resvg /{,usr/}bin/resvg {
+  include <abstractions/base>
+  include <abstractions/fonts>
+  include <abstractions/user-read-strict>
+  include <abstractions/user-write-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/resvg>
+}
+
+# vim:syntax=apparmor
diff --git a/apparmor.d/profiles-s-z/ueberzugpp b/apparmor.d/profiles-s-z/ueberzugpp
new file mode 100644
index 000000000..57e384d4c
--- /dev/null
+++ b/apparmor.d/profiles-s-z/ueberzugpp
@@ -0,0 +1,19 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 valoq <valoq@mailbox.org>
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi <abi/4.0>,
+
+include <tunables/global>
+
+@{exec_path} = @{bin}/uberzugpp
+profile uberzugpp /{,usr/}bin/uberzugpp {
+  include <abstractions/base>
+  include <abstractions/user-read-strict>
+
+  @{exec_path} mr,
+
+  include if exists <local/uberzugpp>
+}
+
+# vim:syntax=apparmor

From 755b9709ed6f4e149ba19c094ba6e3feb8586c1c Mon Sep 17 00:00:00 2001
From: valoq <valoq@mailbox.org>
Date: Wed, 10 Sep 2025 12:18:08 +0200
Subject: [PATCH 2/2] fix exec

---
 apparmor.d/profiles-a-f/chafa      | 2 +-
 apparmor.d/profiles-m-r/magick     | 2 +-
 apparmor.d/profiles-m-r/resvg      | 2 +-
 apparmor.d/profiles-s-z/ueberzugpp | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/apparmor.d/profiles-a-f/chafa b/apparmor.d/profiles-a-f/chafa
index 1f373c986..f95eaa28b 100644
--- a/apparmor.d/profiles-a-f/chafa
+++ b/apparmor.d/profiles-a-f/chafa
@@ -7,7 +7,7 @@ abi <abi/4.0>,
 include <tunables/global>
 
 @{exec_path} = @{bin}/chafa
-profile chafa /{,usr/}bin/chafa {
+profile chafa @{exec_path} {
   include <abstractions/base>
   include <abstractions/user-read-strict>
 
diff --git a/apparmor.d/profiles-m-r/magick b/apparmor.d/profiles-m-r/magick
index b2d51ef78..fe1302388 100644
--- a/apparmor.d/profiles-m-r/magick
+++ b/apparmor.d/profiles-m-r/magick
@@ -7,7 +7,7 @@ abi <abi/4.0>,
 include <tunables/global>
 
 @{exec_path} = @{bin}/magick
-profile magick /{,usr/}bin/magick {
+profile magick @{exec_path} {
   include <abstractions/base>
   include <abstractions/fonts>
   include <abstractions/user-read-strict>
diff --git a/apparmor.d/profiles-m-r/resvg b/apparmor.d/profiles-m-r/resvg
index f3005a784..195b87e1c 100644
--- a/apparmor.d/profiles-m-r/resvg
+++ b/apparmor.d/profiles-m-r/resvg
@@ -7,7 +7,7 @@ abi <abi/4.0>,
 include <tunables/global>
 
 @{exec_path} = @{bin}/resvg
-profile resvg /{,usr/}bin/resvg {
+profile resvg @{exec_path} {
   include <abstractions/base>
   include <abstractions/fonts>
   include <abstractions/user-read-strict>
diff --git a/apparmor.d/profiles-s-z/ueberzugpp b/apparmor.d/profiles-s-z/ueberzugpp
index 57e384d4c..468113bce 100644
--- a/apparmor.d/profiles-s-z/ueberzugpp
+++ b/apparmor.d/profiles-s-z/ueberzugpp
@@ -6,14 +6,14 @@ abi <abi/4.0>,
 
 include <tunables/global>
 
-@{exec_path} = @{bin}/uberzugpp
-profile uberzugpp /{,usr/}bin/uberzugpp {
+@{exec_path} = @{bin}/ueberzugpp
+profile ueberzugpp @{exec_path} {
   include <abstractions/base>
   include <abstractions/user-read-strict>
 
   @{exec_path} mr,
 
-  include if exists <local/uberzugpp>
+  include if exists <local/ueberzugpp>
 }
 
 # vim:syntax=apparmor