refractor: move more profiles to groups.

2025-02-17 21:04:28 +01:00 · 2025-02-17 21:04:28 +01:00 · 5870e1ee40
commit 5870e1ee40
parent 5aab9da030
48 changed files with 0 additions and 0 deletions
--- a/apparmor.d/profiles-m-r/mtools
+++ b/apparmor.d/profiles-m-r/mtools
@ -1,35 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/{mtools,mattrib,mbadblocks,mcat,mcd,mclasserase,mcopy,mdel,mdeltree,mdir,mdu,mformat,minfo,mlabel,mmd,mmount,mmove,mpartition,mrd,mren,mshortname,mshowfat,mtoolstest,mtype,mzip}
-profile mtools @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/consoles>
-  include <abstractions/disks-write>
-  include <abstractions/user-download-strict>
-
-  capability setuid,
-  capability setgid,
-
-  @{exec_path} mr,
-
-  # Mtools config file locations
-  /etc/mtools.conf r,
-  /etc/default/mtools.conf r,
-  owner @{HOME}/.mtoolsrc r,
-
-  # A place for file images
-  owner @{user_img_dirs}/{,**} rwk,
-  /dev/shm/*/**.{iso,img,bin,mdf,nrg} rwk,
-  /dev/shm/*/**.{ISO,IMG,BIN,MDF,NRG} rwk,
-
-  include if exists <local/mtools>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/netcap
+++ b/apparmor.d/profiles-m-r/netcap
@ -1,36 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2020-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/netcap
-profile netcap @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/consoles>
-  include <abstractions/nameservice-strict>
-
-  capability sys_ptrace,
-  capability dac_read_search,
-
-  ptrace (read),
-
-  @{exec_path} mr,
-
-  @{PROC}/ r,
-  @{PROC}/@{pid}/net/dev r,
-  @{PROC}/@{pid}/net/packet r,
-  @{PROC}/@{pid}/net/raw{,6} r,
-  @{PROC}/@{pid}/net/tcp{,6} r,
-  @{PROC}/@{pid}/net/udp{,6} r,
-  @{PROC}/@{pid}/net/udplite{,6} r,
-  @{PROC}/@{pids}/fd/ r,
-  @{PROC}/@{pids}/stat r,
-
-  include if exists <local/netcap>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/nfsdcld
+++ b/apparmor.d/profiles-m-r/nfsdcld
@ -1,27 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/nfsdcld
-profile nfsdcld @{exec_path} {
-  include <abstractions/base>
-
-  capability mknod,
-  capability setpcap,
-
-  @{exec_path} mr,
-
-  /etc/nfs.conf r,
-  /etc/nfs.conf rk,
-
-  /var/lib/nfs/nfsdcld/{,**} rw,
-  /var/lib/nfs/rpc_pipefs/nfsd/* rw,
-
-  include if exists <local/nfsdcld>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfs-3g
+++ b/apparmor.d/profiles-m-r/ntfs-3g
@ -1,61 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2018-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path}  = @{bin}/{low,}ntfs{,-3g}
-@{exec_path} += @{bin}/mount.{low,}ntfs{,-3g}
-profile ntfs-3g @{exec_path} flags=(attach_disconnected) {
-  include <abstractions/base>
-  include <abstractions/consoles>
-  include <abstractions/disks-write>
-  include <abstractions/nameservice-strict>
-
-  capability dac_override,
-  capability dac_read_search,
-  capability mknod,
-  capability setgid,
-  capability setuid,
-  capability sys_admin,
-
-  # Allow to mount ntfs disks only under the /media/, /run/media, and /mnt/ dirs
-  mount fstype=fuseblk /dev/{s,v}d[a-z]*[0-9]* -> @{MOUNTDIRS},
-  mount fstype=fuseblk /dev/{s,v}d[a-z]*[0-9]* -> @{MOUNTS}/,
-  mount fstype=fuseblk /dev/{s,v}d[a-z]*[0-9]* -> @{MOUNTS}/*/,
-  mount fstype=fuseblk /dev/mmcblk[0-9]*p[0-9]* -> @{MOUNTS}/,
-  mount fstype=fuseblk /dev/mmcblk[0-9]*p[0-9]* -> @{MOUNTS}/*/,
-
-  # Allow to mount encrypted partition
-  mount fstype=fuseblk /dev/dm-[0-9]* -> @{MOUNTDIRS}/,
-  mount fstype=fuseblk /dev/dm-[0-9]* -> @{MOUNTS}/,
-  mount fstype=fuseblk /dev/dm-[0-9]* -> @{MOUNTS}/*/,
-
-  umount @{MOUNTDIRS}/,
-  umount @{MOUNTS}/,
-  umount @{MOUNTS}/*/,
-
-  @{exec_path} mr,
-
-  @{bin}/kmod rPx,  # To load the fuse kernel module
-
-  # Mount points
-  @{MOUNTDIRS}/ r,
-  @{MOUNTS}/ r,
-  @{MOUNTS}/*/ r,
-
-        @{PROC}/@{pids}/mountinfo r,
-        @{PROC}/@{pids}/task/@{tid}/status r,
-        @{PROC}/swaps r,
-  owner @{PROC}/@{pid}/mounts r,
-
-  /dev/fuse rw,
-  /dev/tty@{int} rw,
-
-  include if exists <local/ntfs-3g>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfs-3g-probe
+++ b/apparmor.d/profiles-m-r/ntfs-3g-probe
@ -1,22 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfs-3g.probe
-profile ntfs-3g-probe @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  include if exists <local/ntfs-3g-probe>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfscat
+++ b/apparmor.d/profiles-m-r/ntfscat
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfscat
-profile ntfscat @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfscat>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsclone
+++ b/apparmor.d/profiles-m-r/ntfsclone
@ -1,30 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsclone
-profile ntfsclone @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-  include <abstractions/private-files-strict>
-  include <abstractions/user-download-strict>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  # A place for backups
-  @{HOME}/* rwk,
-  @{MOUNTS}/** rwk,
-
-  include if exists <local/ntfsclone>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfscluster
+++ b/apparmor.d/profiles-m-r/ntfscluster
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfscluster
-profile ntfscluster @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfscluster>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfscmp
+++ b/apparmor.d/profiles-m-r/ntfscmp
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfscmp
-profile ntfscmp @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfscmp>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfscp
+++ b/apparmor.d/profiles-m-r/ntfscp
@ -1,31 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfscp
-profile ntfscp @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  # For writing files owned by users other than root, since ntfscp has to be started as root.
-  capability dac_read_search,
-  @{HOME}/@{XDG_DESKTOP_DIR}/ r,
-  @{HOME}/@{XDG_DESKTOP_DIR}/** rwkl -> @{HOME}/@{XDG_DESKTOP_DIR}/**,
-  @{user_download_dirs}/ r,
-  @{user_download_dirs}/** rwkl -> @{user_download_dirs}/**,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfscp>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsdecrypt
+++ b/apparmor.d/profiles-m-r/ntfsdecrypt
@ -1,26 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsdecrypt
-profile ntfsdecrypt @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  # Common locations of the key
-  owner @{tmp}/*.key r,
-  owner @{HOME}/*.key r,
-
-  include if exists <local/ntfsdecrypt>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsfallocate
+++ b/apparmor.d/profiles-m-r/ntfsfallocate
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsfallocate
-profile ntfsfallocate @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsfallocate>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsfix
+++ b/apparmor.d/profiles-m-r/ntfsfix
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsfix
-profile ntfsfix @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsfix>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsinfo
+++ b/apparmor.d/profiles-m-r/ntfsinfo
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsinfo
-profile ntfsinfo @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsinfo>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfslabel
+++ b/apparmor.d/profiles-m-r/ntfslabel
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfslabel
-profile ntfslabel @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfslabel>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsls
+++ b/apparmor.d/profiles-m-r/ntfsls
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsls
-profile ntfsls @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsls>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsmove
+++ b/apparmor.d/profiles-m-r/ntfsmove
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsmove
-profile ntfsmove @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsmove>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsrecover
+++ b/apparmor.d/profiles-m-r/ntfsrecover
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsrecover
-profile ntfsrecover @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsrecover>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsresize
+++ b/apparmor.d/profiles-m-r/ntfsresize
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsresize
-profile ntfsresize @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfsresize>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfssecaudit
+++ b/apparmor.d/profiles-m-r/ntfssecaudit
@ -1,25 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfssecaudit
-profile ntfssecaudit @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-  include <abstractions/nameservice-strict>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfssecaudit>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfstruncate
+++ b/apparmor.d/profiles-m-r/ntfstruncate
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfstruncate
-profile ntfstruncate @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfstruncate>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsundelete
+++ b/apparmor.d/profiles-m-r/ntfsundelete
@ -1,28 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsundelete
-profile ntfsundelete @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  # The recovery dir
-  owner @{tmp}/ntfs-recovery/ r,
-  owner @{tmp}/ntfs-recovery/* rw,
-
-  include if exists <local/ntfsundelete>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfsusermap
+++ b/apparmor.d/profiles-m-r/ntfsusermap
@ -1,29 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfsusermap
-profile ntfsusermap @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-read>
-  include <abstractions/nameservice-strict>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  # Where to save the UserMapping file
-  owner /root/UserMapping w,
-  owner @{tmp}/UserMapping w,
-
-  include if exists <local/ntfsusermap>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/ntfswipe
+++ b/apparmor.d/profiles-m-r/ntfswipe
@ -1,24 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2019-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/ntfswipe
-profile ntfswipe @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/disks-write>
-
-  capability sys_admin,
-
-  @{exec_path} mr,
-
-  owner @{PROC}/@{pid}/mounts r,
-
-  include if exists <local/ntfswipe>
-}
-
-# vim:syntax=apparmor
--- a/apparmor.d/profiles-m-r/pscap
+++ b/apparmor.d/profiles-m-r/pscap
@ -1,28 +0,0 @@
-# apparmor.d - Full set of apparmor profiles
-# Copyright (C) 2020-2021 Mikhail Morfikov
-# Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
-# SPDX-License-Identifier: GPL-2.0-only
-
-abi <abi/4.0>,
-
-include <tunables/global>
-
-@{exec_path} = @{bin}/pscap
-profile pscap @{exec_path} {
-  include <abstractions/base>
-  include <abstractions/consoles>
-  include <abstractions/nameservice-strict>
-
-  capability sys_ptrace,
-
-  ptrace (read),
-
-  @{exec_path} mr,
-
-  @{PROC}/ r,
-  @{PROC}/@{pids}/stat r,
-
-  include if exists <local/pscap>
-}
-
-# vim:syntax=apparmor