From 656da6f3aae564b04401183f9a44b3fbaf8e778b Mon Sep 17 00:00:00 2001
From: Besanon <m231009ts@mailfence.com>
Date: Wed, 5 Jun 2024 15:46:01 +0200
Subject: [PATCH] Create lxqt-admin-user

---
 apparmor.d/groups/lxqt/lxqt-admin-user | 32 ++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 apparmor.d/groups/lxqt/lxqt-admin-user

diff --git a/apparmor.d/groups/lxqt/lxqt-admin-user b/apparmor.d/groups/lxqt/lxqt-admin-user
new file mode 100644
index 000000000..ed9e52908
--- /dev/null
+++ b/apparmor.d/groups/lxqt/lxqt-admin-user
@@ -0,0 +1,32 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2024 Alexandre Pujol <alexandre@pujol.io>
+# Copyright (C) 2024 Besanon  <m231009ts@mailfence.com>
+# SPDX-License-Identifier: GPL-2.0-only
+
+#include <tunables/global>
+
+@{exec_path} = @{bin}/lxqt-admin-user
+profile lxqt-admin-user @{exec_path} {
+  include <abstractions/base>
+  include <abstractions/gtk>
+  include <abstractions/video>
+  include <abstractions/lxqt>
+  include <abstractions/qt5-shader-cache>
+  include <abstractions/dbus-session-strict>
+  include <abstractions/dbus-accessibility-strict>
+  include <abstractions/gvfs-open>
+  
+  @{exec_path}			mr,
+
+   /etc/passwd  			r,
+   /etc/group   			r,
+   /etc/shells 				r, 
+   /etc/nsswitch.conf   		r,
+
+  owner /tmp/{,**}  			r,
+
+  @{sys}/devices/@{pci_bus}/{,**}       r,
+  @{sys}/devices/@{pci_bus}/**/**/**    r,
+
+  /dev/tty				rw,
+}