diff --git a/apparmor.d/groups/bus/dbus-daemon b/apparmor.d/groups/bus/dbus-daemon
index 1f7045681..7f425725a 100644
--- a/apparmor.d/groups/bus/dbus-daemon
+++ b/apparmor.d/groups/bus/dbus-daemon
@@ -54,7 +54,6 @@ profile dbus-daemon @{exec_path} flags=(attach_disconnected) { @{PROC}/1/environ r, @{PROC}/cmdline r, @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, @{sys}/module/apparmor/parameters/enabled r,
diff --git a/apparmor.d/groups/gnome/gdm b/apparmor.d/groups/gnome/gdm
index 99feeacf9..e2a6c608e 100644
--- a/apparmor.d/groups/gnome/gdm
+++ b/apparmor.d/groups/gnome/gdm
@@ -54,7 +54,6 @@ profile gdm @{exec_path} flags=(attach_disconnected) { @{PROC}/1/environ r, @{PROC}/cmdline r, @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, include if exists }
diff --git a/apparmor.d/groups/gnome/gdm-session-worker b/apparmor.d/groups/gnome/gdm-session-worker
index 6f569f541..82582578d 100644
--- a/apparmor.d/groups/gnome/gdm-session-worker
+++ b/apparmor.d/groups/gnome/gdm-session-worker
@@ -65,7 +65,6 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/loginuid rw, owner @{PROC}/@{pid}/uid_map r, - owner @{PROC}/sys/kernel/random/boot_id r, /dev/tty rw, /dev/tty[0-9]* rw,
diff --git a/apparmor.d/groups/gnome/nautilus b/apparmor.d/groups/gnome/nautilus
index ec38eeae8..dc958633f 100644
--- a/apparmor.d/groups/gnome/nautilus
+++ b/apparmor.d/groups/gnome/nautilus
@@ -46,7 +46,6 @@ profile nautilus @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/fd/ r, owner @{PROC}/@{pid}/mountinfo r, owner @{PROC}/@{pid}/net/wireless r, - @{PROC}/sys/kernel/random/boot_id r, @{run}/mount/utab r, @{run}/systemd/userdb/ r,
diff --git a/apparmor.d/groups/gvfs/gvfsd-recent b/apparmor.d/groups/gvfs/gvfsd-recent
index 5dd4c5e6a..a245dcfeb 100644
--- a/apparmor.d/groups/gvfs/gvfsd-recent
+++ b/apparmor.d/groups/gvfs/gvfsd-recent
@@ -30,7 +30,6 @@ profile gvfsd-recent @{exec_path} { owner @{run}/user/@{uid}/gvfsd/socket-[a-zA-z0-9]* rw, owner @{PROC}/@{pid}/mountinfo r, - @{PROC}/sys/kernel/random/boot_id r, @{run}/systemd/userdb/ r, @{run}/mount/utab r,
diff --git a/apparmor.d/groups/network/NetworkManager b/apparmor.d/groups/network/NetworkManager
index 1f053f311..b6be6095b 100644
--- a/apparmor.d/groups/network/NetworkManager
+++ b/apparmor.d/groups/network/NetworkManager
@@ -84,7 +84,6 @@ profile NetworkManager @{exec_path} flags=(attach_disconnected) { @{PROC}/1/environ r, @{PROC}/cmdline r, @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, @{PROC}/sys/net/** rw, include if exists
diff --git a/apparmor.d/groups/network/nm-openvpn-service b/apparmor.d/groups/network/nm-openvpn-service
index 79b30c5ae..5c799a41a 100644
--- a/apparmor.d/groups/network/nm-openvpn-service
+++ b/apparmor.d/groups/network/nm-openvpn-service
@@ -31,7 +31,6 @@ profile nm-openvpn-service @{exec_path} { /dev/tty rw, owner @{PROC}/@{pid}/fd/ r, - @{PROC}/sys/kernel/random/boot_id r, include if exists }
diff --git a/apparmor.d/groups/systemd/hostnamectl b/apparmor.d/groups/systemd/hostnamectl
index 51e4b3582..46b5eaa46 100644
--- a/apparmor.d/groups/systemd/hostnamectl
+++ b/apparmor.d/groups/systemd/hostnamectl
@@ -14,7 +14,5 @@ profile hostnamectl @{exec_path} { /etc/machine-id r, - @{PROC}/sys/kernel/random/boot_id r, - include if exists } \ No newline at end of file
diff --git a/apparmor.d/groups/systemd/systemd-journald b/apparmor.d/groups/systemd/systemd-journald
index 6ee54dfdd..2f5a5d195 100644
--- a/apparmor.d/groups/systemd/systemd-journald
+++ b/apparmor.d/groups/systemd/systemd-journald
@@ -67,7 +67,6 @@ profile systemd-journald @{exec_path} { @{PROC}/@{pids}/sessionid r, @{PROC}/@{pids}/loginuid r, @{PROC}/@{pids}/cgroup r, - @{PROC}/sys/kernel/random/boot_id r, @{PROC}/sys/kernel/hostname r, /dev/kmsg rw,
diff --git a/apparmor.d/groups/systemd/systemd-resolved b/apparmor.d/groups/systemd/systemd-resolved
index 50ceea935..8d84f87a4 100644
--- a/apparmor.d/groups/systemd/systemd-resolved
+++ b/apparmor.d/groups/systemd/systemd-resolved
@@ -41,7 +41,6 @@ profile systemd-resolved @{exec_path} { @{PROC}/cmdline r, @{PROC}/sys/kernel/hostname r, @{PROC}/sys/kernel/osrelease r, - @{PROC}/sys/kernel/random/boot_id r, # System access @{sys}/firmware/efi/efivars/SecureBoot-@{uuid} r,
diff --git a/apparmor.d/groups/systemd/systemd-udevd b/apparmor.d/groups/systemd/systemd-udevd
index 80edcfd48..a7da15df3 100644
--- a/apparmor.d/groups/systemd/systemd-udevd
+++ b/apparmor.d/groups/systemd/systemd-udevd
@@ -93,7 +93,6 @@ profile systemd-udevd @{exec_path} flags=(attach_disconnected complain) { owner @{PROC}/@{pid}/fd/ r, @{PROC}/@{pids}/cgroup r, @{PROC}/devices r, - @{PROC}/sys/kernel/random/boot_id r, # file_inherit owner @{HOME}/.xsession-errors w,
diff --git a/apparmor.d/groups/systemd/userdbctl b/apparmor.d/groups/systemd/userdbctl
index f2a1a2e09..084115314 100644
--- a/apparmor.d/groups/systemd/userdbctl
+++ b/apparmor.d/groups/systemd/userdbctl
@@ -25,7 +25,6 @@ profile userdbctl @{exec_path} { @{run}/systemd/userdb/ r, @{PROC}/@{pid}/cgroup r, - @{PROC}/sys/kernel/random/boot_id r, include if exists } \ No newline at end of file
diff --git a/apparmor.d/groups/virt/cockpit-bridge b/apparmor.d/groups/virt/cockpit-bridge
index 4bdf50963..9b4b840e7 100644
--- a/apparmor.d/groups/virt/cockpit-bridge
+++ b/apparmor.d/groups/virt/cockpit-bridge
@@ -50,7 +50,6 @@ profile cockpit-bridge @{exec_path} { @{PROC}/1/cgroup r, @{PROC}/cmdline r, @{PROC}/diskstats r, - @{PROC}/sys/kernel/random/boot_id r, @{PROC}/uptime r, /dev/ptmx rw,
diff --git a/apparmor.d/groups/virt/cockpit-session b/apparmor.d/groups/virt/cockpit-session
index d5589ffa3..2223836f3 100644
--- a/apparmor.d/groups/virt/cockpit-session
+++ b/apparmor.d/groups/virt/cockpit-session
@@ -43,7 +43,6 @@ profile cockpit-session @{exec_path} flags=(attach_disconnected) { owner @{PROC}/@{pid}/loginuid rw, owner @{PROC}/@{pid}/uid_map r, @{PROC}/@{pids}/fd/ r, - @{PROC}/sys/kernel/random/boot_id r, include if exists } \ No newline at end of file
diff --git a/apparmor.d/profiles-g-l/kwalletd5 b/apparmor.d/profiles-g-l/kwalletd5
index 906242de4..3249aeea5 100644
--- a/apparmor.d/profiles-g-l/kwalletd5
+++ b/apparmor.d/profiles-g-l/kwalletd5
@@ -48,7 +48,6 @@ profile kwalletd5 @{exec_path} { owner @{PROC}/@{pid}/cmdline r, owner @{PROC}/@{pid}/fd/ r, - @{PROC}/sys/kernel/random/boot_id r, @{PROC}/sys/kernel/core_pattern r, owner /tmp/kwalletd5.* rw,
diff --git a/apparmor.d/profiles-m-r/pwck b/apparmor.d/profiles-m-r/pwck
index 3dc62b72a..34780b697 100644
--- a/apparmor.d/profiles-m-r/pwck
+++ b/apparmor.d/profiles-m-r/pwck
@@ -26,7 +26,5 @@ profile pwck @{exec_path} { @{run}/systemd/userdb/ r, - @{PROC}/sys/kernel/random/boot_id r, - include if exists } \ No newline at end of file
diff --git a/apparmor.d/profiles-m-r/qtox b/apparmor.d/profiles-m-r/qtox
index c988f7120..c8a3bcaa6 100644
--- a/apparmor.d/profiles-m-r/qtox
+++ b/apparmor.d/profiles-m-r/qtox
@@ -54,7 +54,6 @@ profile qtox @{exec_path} { owner @{PROC}/@{pid}/cmdline r, @{PROC}/sys/kernel/core_pattern r, # for KCrash::initialize() - @{PROC}/sys/kernel/random/boot_id r, # for QSysInfo::bootUniqueId(), mvoe to qt5 abstraction? /usr/share/hwdata/pnp.ids r,
diff --git a/apparmor.d/profiles-s-z/su b/apparmor.d/profiles-s-z/su
index 166a3553a..19d1ec1c3 100644
--- a/apparmor.d/profiles-s-z/su
+++ b/apparmor.d/profiles-s-z/su
@@ -46,7 +46,6 @@ profile su @{exec_path} { /etc/shells r, @{PROC}/1/limits r, - @{PROC}/sys/kernel/random/boot_id r, owner @{PROC}/@{pids}/loginuid r, owner @{PROC}/@{pids}/cgroup r, owner @{PROC}/@{pids}/mountinfo r,
diff --git a/apparmor.d/profiles-s-z/sudo b/apparmor.d/profiles-s-z/sudo
index 637047c89..f090d4a62 100644
--- a/apparmor.d/profiles-s-z/sudo
+++ b/apparmor.d/profiles-s-z/sudo
@@ -79,8 +79,6 @@ profile sudo @{exec_path} { @{run}/systemd/userdb/ r, @{run}/systemd/userdb/io.systemd.DynamicUser rw, - @{PROC}/sys/kernel/random/boot_id r, - /dev/ r, # interactive login /dev/ptmx rw,