From 5934c3d07e663506259db911d15b07aa3ef7d386 Mon Sep 17 00:00:00 2001
From: Besanon <m231009ts@mailfence.com>
Date: Wed, 5 Jun 2024 15:53:23 +0200
Subject: [PATCH] Create lxqt-config-input

---
 apparmor.d/groups/lxqt/lxqt-config-input | 67 ++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 apparmor.d/groups/lxqt/lxqt-config-input

diff --git a/apparmor.d/groups/lxqt/lxqt-config-input b/apparmor.d/groups/lxqt/lxqt-config-input
new file mode 100644
index 000000000..b2a407373
--- /dev/null
+++ b/apparmor.d/groups/lxqt/lxqt-config-input
@@ -0,0 +1,67 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 Besanon  <m231009ts@mailfence.com>
+# SPDX-License-Identifier: GPL-2.0-only
+
+#include <tunables/global>
+
+@{exec_path} = @{bin}/lxqt-config-input
+profile lxqt-config-input @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/gtk>
+  include <abstractions/video>
+  include <abstractions/lxqt>
+  include <abstractions/qt5-shader-cache>
+  include <abstractions/dbus-session-strict>
+  include <abstractions/dbus-accessibility-strict>
+  include <abstractions/gvfs-open>
+  
+  @{exec_path}			mr,
+  
+  @{bin}/setxkbmap 			rix,  
+
+  owner @{user_config_dirs}/lxqt/** rwkl -> @{user_config_dirs}/lxqt/#@{int},
+
+  owner /tmp/@{int}  		       r,
+
+  owner @{run}/udev/data/ r,
+  owner @{run}/udev/data/** r,
+  owner @{run}/udev/data/**/** r,
+
+  @{run}/udev/data/		       r,
+  @{run}/udev/data/+acpi:*      r,
+  @{run}/udev/data/+bluetooth:* r,
+  @{run}/udev/data/+hid:* r,              # for HID-Compliant Keyboard
+  @{run}/udev/data/+input:input@{int} r,  # for mouse, keyboard, touchpad
+  @{run}/udev/data/+pci:*       r,
+  @{run}/udev/data/+platform:*   r,
+  @{run}/udev/data/+scsi:*      r,
+  @{run}/udev/data/+sdio:*      r,
+  @{run}/udev/data/+thunderbolt:* r,
+  @{run}/udev/data/+usb-serial:* r,
+  @{run}/udev/data/+usb:*       r,
+  @{run}/udev/data/+virtio:*    r,
+  @{run}/udev/data/b254:@{int} r,         # for /dev/zram*
+  @{run}/udev/data/b259:@{int} r,
+  @{run}/udev/data/c1:@{int}    r,        # For RAM disk
+  @{run}/udev/data/c4:@{int} r,           # For TTY devices
+  @{run}/udev/data/c10:@{int}   r,        # For non-serial mice, misc features
+  @{run}/udev/data/c108:@{int} r,         # For /dev/ppp
+  @{run}/udev/data/c18[8-9]:@{int} r,     # USB devices & USB serial converters
+  @{run}/udev/data/c203:@{int} r,         # CPU CPUID information
+  @{run}/udev/data/c239:@{int} r,         # CPU CPUID information
+  @{run}/udev/data/c29:@{int} r,          # For CD-ROM
+  @{run}/udev/data/c@{dynamic}:@{int} r,  # For dynamic assignment range 234 to 254, 384 to 511
+
+  @{sys}/devices/	               r,
+  @{sys}/devices/{,**}     	       r,
+  @{sys}/class/ 		       r,
+  @{sys}/class/{,**} 		       r,
+  @{sys}/bus/ 			       r,
+  @{sys}/bus/{,**}		       r,
+
+  @{PROC}/sys/kernel/random/boot_id     r,
+
+  /dev/tty				rw,
+
+}